The proposed Apache Tomcat 9.0.1 release is now available for voting. The major changes compared to the 9.0.0.M27 release are:
- Fix CVE-2017-12617 - Servlet 4.0 implementation is complete - Add the ability to reconfigure TLS connectors at runtime without stopping the connector - Stricter validation of the Host header Along with lots of other bug fixes and improvements. For full details, see the changelog: http://svn.apache.org/repos/asf/tomcat/trunk/webapps/docs/changelog.xml It can be obtained from: https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.1/ The Maven staging repo is: https://repository.apache.org/content/repositories/orgapachetomcat-1156/ The svn tag is: http://svn.apache.org/repos/asf/tomcat/tags/TOMCAT_9_0_1/ The proposed 9.0.1 release is: [ ] Broken - do not release [ ] Alpha - go ahead and release as 9.0.1 [ ] Beta - go ahead and release as 9.0.1 [ ] Stable - go ahead and release as 9.0.1 --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
