Ping.
We need one more PMC vote for this release.
Mark
On 14/07/2022 10:25, Mark Thomas wrote:
The proposed Apache Tomcat 10.0.23 release is now available for
voting.
Apache Tomcat 10.0.x implements Jakarta EE 9 and, as such, the primary
package for all the specification APIs has changed from javax.* to
jakarta.*
Applications that run on Tomcat 9 will not run on Tomcat 10 without
changes. Java EE applications designed for Tomcat 9 and earlier may be
placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will
automatically convert them to Jakarta EE and copy them to the webapps
directory
The notable changes compared to 10.0.22 are:
- Implement support for repeatable builds
- Update the packaged version of the Tomcat Native Library to 1.2.35.
This includes Windows binaries built with with OpenSSL 1.1.1q.
- Fix CVE-2022-34305, a low severity XSS vulnerability in the Form
authentication example
Along with lots of other bug fixes and improvements.
For full details, see the changelog:
https://nightlies.apache.org/tomcat/tomcat-10.0.x/docs/changelog.html
It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-10/v10.0.23/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1383
The tag is:
https://github.com/apache/tomcat/tree/10.0.23
cda46e050e09bd394c82ba874633367f80eeb259
The proposed 10.0.23 release is:
[ ] Broken - do not release
[ ] Stable - go ahead and release as 10.0.23 (stable)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
