The proposed Apache Tomcat 6.0.43 release is now available for voting. The key changes since 6.0.41 are:
- Disable SSLv3 by default in light of the recently announced POODLE vulnerability. (CVE-2014-3566) - Update to Tomcat Native Library version 1.1.32 to pick up the Windows binaries that are based on OpenSSL 1.0.1j and APR 1.5.1. - Various fixes to EL parsing when EL is used in a JSP. It can be obtained from: https://dist.apache.org/repos/dist/dev/tomcat/tomcat-6/v6.0.43/ The Maven staging repo is: https://repository.apache.org/content/repositories/orgapachetomcat-1027/ The svn tag is: http://svn.apache.org/repos/asf/tomcat/tc6.0.x/tags/TOMCAT_6_0_43/ The proposed 6.0.43 release is: [ ] Broken - do not release [ ] Stable - go ahead and release as 6.0.43 Stable --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
