The Apache Tomcat team announces the immediate availability of Apache Tomcat 8.5.30.
Tomcat 8.x users should be using 8.5.x releases in preference to 8.0.x releases. Apache Tomcat 8 is an open source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and Java Authentication Service Provider Interface for Containers technologies. Apache Tomcat 8.5.x is intended to replace 8.0.x and includes new features pulled forward from the 9.0.x branch. The notable changes since 8.5.29 include: - Add support for the maxDays attribute to the AccessLogValve and ExtendedAccessLogValve. This allows the maximum number of days for which rotated access logs should be retained before deletion to be defined. - Avoid infinite recursion, when trying to validate a session while loading it with PersistentManager. - Correct two protocol errors with HTTP/2 PUSH_PROMISE frames. - The OpenSSL engine SSL session will now ignore invalid accesses. Please refer to the change log for the complete list of changes: http://tomcat.apache.org/tomcat-8.5-doc/changelog.html Downloads: http://tomcat.apache.org/download-80.cgi Migration guides from Apache Tomcat 7.x and 8.0.x: http://tomcat.apache.org/migration.html Enjoy! - The Apache Tomcat team