On Thu, Jul 14, 2022 at 11:26 AM Mark Thomas <ma...@apache.org> wrote: > > The proposed Apache Tomcat 10.0.23 release is now available for > voting. > > Apache Tomcat 10.0.x implements Jakarta EE 9 and, as such, the primary > package for all the specification APIs has changed from javax.* to jakarta.* > > Applications that run on Tomcat 9 will not run on Tomcat 10 without > changes. Java EE applications designed for Tomcat 9 and earlier may be > placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will > automatically convert them to Jakarta EE and copy them to the webapps > directory > > The notable changes compared to 10.0.22 are: > > - Implement support for repeatable builds > > - Update the packaged version of the Tomcat Native Library to 1.2.35. > This includes Windows binaries built with with OpenSSL 1.1.1q. > > - Fix CVE-2022-34305, a low severity XSS vulnerability in the Form > authentication example > > Along with lots of other bug fixes and improvements. > > For full details, see the changelog: > https://nightlies.apache.org/tomcat/tomcat-10.0.x/docs/changelog.html > > It can be obtained from: > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-10/v10.0.23/ > > The Maven staging repo is: > https://repository.apache.org/content/repositories/orgapachetomcat-1383 > > The tag is: > https://github.com/apache/tomcat/tree/10.0.23 > cda46e050e09bd394c82ba874633367f80eeb259 > > The proposed 10.0.23 release is: > [ ] Broken - do not release > [X] Stable - go ahead and release as 10.0.23 (stable)
Remy --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
