Apache Tomcat is a servlet container for the Java Servlet and JavaServerPages (JSP) technologies.A denial of service flaw was found in the way certain strings wereconverted to Double objects. A remote attacker could use this flaw to causeTomcat to hang via a specially-crafted HTTP request. (CVE-2010-4476)A flaw was found in the Tomcat NIO (Non-Blocking I/O) connector. A remoteattacker could use this flaw to cause a denial of service (out-of-memorycondition) via a specially-crafted request containing a large NIO buffersize request value. (CVE-2011-0534)This update also fixes the following bug:Users of Tomcat should upgrade to these updated packages, which containbackported patches to correct these issues. Tomcat must be restarted forthis update to take effect.