The proposed Apache Tomcat 10.1.37 release is now available for
voting.
All committers and PMC members are kindly requested to provide a vote if
possible. ANY TOMCAT USER MAY VOTE, though only PMC members votes are
binding. We welcome non-committer votes or comments on release builds.
The notable changes compared to 10.1.36 are:
- Improve the checks for exposure to and protection against
CVE-2024-56337 so that reflection is not used unless required. The
checks for whether the file system is case sensitive or not have been
removed.
- Use Transfer-Encoding for compression rather than Content-Encoding if
the client submits a TE header containing gzip
- Add makensis as an option for building the Installer for Windows on
non-Windows platforms.
For full details, see the change log:
https://nightlies.apache.org/tomcat/tomcat-10.1.x/docs/changelog.html
Applications that run on Tomcat 9 and earlier will not run on Tomcat 10
without changes. Java EE applications designed for Tomcat 9 and earlier
may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat
will automatically convert them to Jakarta EE and copy them to the
webapps directory.
It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-10/v10.1.37/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1535
The tag is:
https://github.com/apache/tomcat/tree/10.1.37
https://github.com/apache/tomcat/commit/e4338ee7a3e0f22d85f7cb2e04dacee752eaa619
Please reply with a +1 for release or +0/-0/-1 with an explanation.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
