The Apache Tomcat team announces the immediate availability of Apache
Tomcat 10.1.0-M14 (alpha).
Apache Tomcat 10 is an open source software implementation of the
Jakarta Servlet, Jakarta Server Pages, Jakarta Expression Language,
Jakarta WebSocket, Jakarta Authentication and Jakarta Annotations
specifications.
Applications that run on Tomcat 9 and earlier will not run on Tomcat 10
without changes. Java EE applications designed for Tomcat 9 and earlier
may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat
will automatically convert them to Jakarta EE and copy them to the
webapps directory. This conversion is performed using the Apache Tomcat
migration tool for Jakarta EE tool which is also available as a separate
download for off-line use.
Apache Tomcat 10.1.0-M14 is a milestone release of the 10.1.x branch and
has been made to provide users with early access to the new features in
Apache Tomcat 10.1.x so that they may provide feedback. The notable
changes compared to 10.1.0-M12 include:
- Update the packaged version of the Tomcat Native Library to 1.2.32 to
pick up Windows binaries built with OpenSSL 1.1.1n.
- Improve logging of unknown HTTP/2 settings frames. Pull request by
Thomas Hoffmann.
- Add additional warnings if incompatible TLS configurations are used
such as HTTP/2 with CLIENT-CERT authentication
- Harden the class loader to provide a mitigation for CVE-2022-22965
a Spring Framework vulnerability
Please refer to the change log for the complete list of changes:
http://tomcat.apache.org/tomcat-10.1-doc/changelog.html
Downloads:
http://tomcat.apache.org/download-10.cgi
Migration guides from Apache Tomcat 7.0.x, 8.5.x and 9.0.x:
http://tomcat.apache.org/migration.html
Enjoy!
- The Apache Tomcat team
