[
https://issues.apache.org/jira/browse/OFBIZ-11407?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17042903#comment-17042903 ]
Pierre Smits commented on OFBIZ-11407:
--------------------------------------
Thank you for bringing this forward.
What will be the impact of 'AJP defaults changed to listen the loopback address, require a secret
and to be disabled in the sample server.xml' be visavis adopter implementations?
> Upgrade Tomcat from 9.0.29 to 9.0.31
> ------------------------------------
>
> Key: OFBIZ-11407
> URL:
https://issues.apache.org/jira/browse/OFBIZ-11407> Project: OFBiz
> Issue Type: Improvement
> Components: framework
> Affects Versions: Trunk
> Reporter: Michael Brohl
> Assignee: Michael Brohl
> Priority: Minor
>
> The Apache Tomcat team announces the immediate availability of Apache
> Tomcat 9.0.30.
> Apache Tomcat 9 is an open source software implementation of the Java
> Servlet, JavaServer Pages, Java Unified Expression Language, Java
> WebSocket and JASPIC technologies.
> Apache Tomcat 9.0.31 is a bugfix and feature release. The notable
> changes compared to 9.0.30 include:
> - AJP defaults changed to listen the loopback address, require a secret
> and to be disabled in the sample server.xml
> - The JmxRemoteLifecycleListener is now deprecated
> - The HTTP Connector attribute rejectIllegalHeaderName is renamed to
> rejectIllegalHeader and expanded to include header values as well as
> names
> Please refer to the change log for the complete list of changes:
> [
http://tomcat.apache.org/tomcat-9.0-doc/changelog.html]
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
Locked
