On Thu, Mar 31, 2022 at 3:58 PM Mark Thomas <ma...@apache.org> wrote: > > The proposed Apache Tomcat 10.1.0-M14 release is now available for > voting. > > Applications that run on Tomcat 9 and earlier will not run on Tomcat 10 > without changes. Java EE applications designed for Tomcat 9 and earlier > may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat > will automatically convert them to Jakarta EE and copy them to the > webapps directory. > > The notable changes compared to 10.1.0-M12 are: > > - Update the packaged version of the Tomcat Native Library to 1.2.32 to > pick up Windows binaries built with OpenSSL 1.1.1n. > > - Improve logging of unknown HTTP/2 settings frames. Pull request by > Thomas Hoffmann. > > - Update the JASPIC 2.0 API to Jakarta Authentication 3.0 (JASPIC was > renamed for Jakarta EE 10) > > - Harden the class loader to provide a mitigation for CVE-2022-22965 > a Spring Framework vulnerability > > For full details, see the change log: > https://nightlies.apache.org/tomcat/tomcat-10.1.x/docs/changelog.html > > It can be obtained from: > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-10/v10.1.0-M14/ > > The Maven staging repo is: > https://repository.apache.org/content/repositories/orgapachetomcat-1367 > > The tag is: > https://github.com/apache/tomcat/tree/10.1.0-M14 > 02e84c839def0228475fad85d0b19abc2f70b03f > > > The proposed 10.1.0-M14 release is: > [ ] Broken - do not release > [X] Alpha - go ahead and release as 10.1.0-M14 (alpha)
Rémy --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
