On Fri, Feb 28, 2025 at 7:13 PM Mark Thomas <ma...@apache.org> wrote:
> The proposed Apache Tomcat 11.0.5 release is now available for voting. > > The notable changes compared to 11.0.4 include: > > - Improve the checks for exposure to and protection against > CVE-2024-56337 so that reflection is not used unless required. The > checks for whether the file system is case sensitive or not have been > removed. > > - Use Transfer-Encoding for compression rather than Content-Encoding if > the client submits a TE header containing gzip > > - Add makensis as an option for building the Installer for Windows on > non-Windows platforms. > > For full details, see the change log: > https://nightlies.apache.org/tomcat/tomcat-11.0.x/docs/changelog.html > > Applications that run on Tomcat 9 and earlier will not run on Tomcat 11 > without changes. Java EE applications designed for Tomcat 9 and earlier > may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat > will automatically convert them to Jakarta EE and copy them to the > webapps directory. Applications using deprecated APIs may require > further changes. > > It can be obtained from: > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-11/v11.0.5/ > > The Maven staging repo is: > https://repository.apache.org/content/repositories/orgapachetomcat-1534 > > The tag is: > https://github.com/apache/tomcat/tree/11.0.5 > 1ba1f9061e49ce03c77b57beff3d50e5c2c3ee29 > > The proposed 11.0.5 release is: > [ ] -1 Broken - do not release > [ X] +1 Stable - go ahead and release as 11.0.5 > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > > +1 Build is reproducible and all tests pass on Fedora 41 with Java 21, tcnative-2.0.8, apr-1.7.4, openssl-3.2.4.
