Apache Tomcat 7.0.21 has been released and is available for immediate download from http://tomcat.apache.org/download-70.cgi Mark Thomas notes on the Tomcat Users list: " Apache Tomcat 7.0.21 includes security fixes, bug fixes and new features compared to version 7.0.20 including: - A fix for CVE-2011-3190 that allowed an attacker to inject requests when Tomcat was configured behind a reverse proxy using the AJP protocol. - Multiple additions and improvements to the memory leak detection/prevention features. - Improved validation of received AJP messages. Please refer to the change log for the complete list of changes: http://tomcat.apache.org/tomcat-7.0-doc/changelog.html "
... real developers use subtitles