On 14/11/2014 10:42, Mark Thomas wrote: > The proposed Apache Tomcat 6.0.43 release is now available for voting. > > The key changes since 6.0.41 are: > > - Disable SSLv3 by default in light of the recently announced POODLE > vulnerability. (CVE-2014-3566) > > - Update to Tomcat Native Library version 1.1.32 to pick up the Windows > binaries that are based on OpenSSL 1.0.1j and APR 1.5.1. > > - Various fixes to EL parsing when EL is used in a JSP. > > > It can be obtained from: > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-6/v6.0.43/ > > The Maven staging repo is: > https://repository.apache.org/content/repositories/orgapachetomcat-1027/ > The svn tag is: > http://svn.apache.org/repos/asf/tomcat/tc6.0.x/tags/TOMCAT_6_0_43/ > > The proposed 6.0.43 release is: > [ ] Broken - do not release > [X] Stable - go ahead and release as 6.0.43 Stable
Servlet 2.5 and JSP 2.1 TCKs pass. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
