The proposed Apache Tomcat 8.5.89 release is now available for voting.
The notable changes compared to 8.5.88 are: - Many improvements to the JSON access log valve. - Deprecate support for the HTTP Connector settings rejectIllegalHeader and allowHostHeaderMismatch and reject HTTP headers without names. - Add a RateLimitFilter which can be used to mitigate DoS and Brute Force attacks. Along with lots of other bug fixes and improvements. For full details, see the changelog: https://nightlies.apache.org/tomcat/tomcat-8.5.x/docs/changelog.html It can be obtained from: https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.89/ The Maven staging repo is: https://repository.apache.org/content/repositories/orgapachetomcat-1436 The tag is: https://github.com/apache/tomcat/tree/8.5.89/ da91bd19ef2cb34a96e4ad04749dfc97c941db87 The proposed 8.5.89 release is: [ ] Broken - do not release [ ] Stable - go ahead and release as 8.5.88 (stable) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org