The proposed Apache Tomcat 9.0.19 release is now available for voting. 9.0.19 corrects a regression and a number of packaging errors in 9.0.18.
The major changes compared to the 9.0.17 release are: - Fix for CVE-2019-0232 a RCE vulnerability on Windows - Add support for Java 11 to the JSP compiler. Java 12 and 13 are also now supported if used with a ECJ version with support for those Java versions - Various NIO2 stability improvements Along with lots of other bug fixes and improvements. For full details, see the changelog: https://ci.apache.org/projects/tomcat/tomcat9/docs/changelog.html It can be obtained from: https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.19/ The Maven staging repo is: https://repository.apache.org/content/repositories/orgapachetomcat-1210/ The tag is: https://github.com/apache/tomcat/tree/9.0.19 854f4dcf435a6d335576aa22402e2871c66f4fd9 The proposed 9.0.19 release is: [ ] Broken - do not release [ ] Stable - go ahead and release as 9.0.19 Due to the security fix contained in this release, the voting period may be shortened once sufficient votes are cast to enable a faster release. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
