On 19/03/2010 10:12, Daniel Plappert wrote:
Hi,
I am not sure which version to use. As a developer I want to use the new
version 6.0.26, but unfortunately it's not part of the debian packaging
management system. They only support the 5.5.28 version with the remark,
that this version is more secure and tested than 6.0. Is that true?
Frankly, no. That remark is complete rubbish.
The typical order for vulnerability fixes, announcements and releases is:
- fix trunk, 6.0.x, 5.5.x
- release 6.0.x
- announce
- release 5.5.x
Therefore, you are better off on 6.0.x from a security point of view.
In terms of testing and reliability 6.0.x started as 5.5.x so the code
bases are very similar. In addition, every bug fixed in 5.5.x is also
fixed in 6.0.x but it is not always the case that a bug fixed in 6.0.x
is also fixed in 5.5.x
Because Tomcat 6.0 has a better memory usage and supports the new JSP
and Servlet spec. I want to upgrade. But, as I mentioned before, this
version is not part of the debian system (not now) and I've to install
the new version 6.0.26 outside the packaging management system and I
also have to update this tomcat version myself. Are there any reasonable
reasons not to use the new version of tomcat?
None.
Has anyone experienced a
performance difference between 5.5 and 6.0?
I wouldn't expect to see one. However, you'll normally see a performance
improvement when you upgrade your JVM.
And for production usage,
which version is better?
6.0.x every time.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
