On Mon, Aug 8, 2022 at 3:15 PM Christopher Schultz < ch...@christopherschultz.net> wrote:
> The proposed Apache Tomcat 8.5.82 release is now available for voting. > > The notable changes compared to 8.5.81 are: > > - Update the packaged version of the Tomcat Native Library to 1.2.35 to > pick up Windows binaries built with OpenSSL 1.1.1q. > > - Enable the use of the FIPS provider for TLS enabled Connectors when > using Tomcat Native 1.2.34 onwards built with OpenSSL 3.0.x onwards. > > - Improvements to HTTP/2 header handling. > > - Fix CVE-2022-34305, a low severity XSS vulnerability in the > Form authentication example. > > Along with lots of other bug fixes and improvements. > > For full details, see the changelog: > https://nightlies.apache.org/tomcat/tomcat-8.5.x/docs/changelog.html > > It can be obtained from: > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.82/ > The Maven staging repo is: > https://repository.apache.org/content/repositories/orgapachetomcat-1385 > The tag is: > https://github.com/apache/tomcat/tree/8.5.82/ > 237076605ea6b44ec7b97ee1158d5aa7f2f0b53c > > The proposed 8.5.82 release is: > [ ] Broken - do not release > > [X] Stable - go ahead and release as 8.5.82 (stable) > > -chris > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > >
