[VOTE][CANCELLED] Release Apache Tomcat 11.0.17

Thu, 22 Jan 2026 15:06:47 -0800 

I am cancelling this vote due to

https://bz.apache.org/bugzilla/show_bug.cgi?id=69936

There is a significant memory leak in 110.17 when used with Tomcat Native.

The issue has been fixed and I expect to re-tag 11.0.x tomorrow.

Mark


On 21/01/2026 00:57, Mark Thomas wrote:

The proposed Apache Tomcat 11.0.17 release is now available for voting.

The notable changes compared to 11.0.15 include:

- For configuration consistency between OpenSSL and JSSE TLS
   implementations, TLSv1.3 cipher suites included in the ciphers
   attribute of an SSLHostConfig are now always ignored (previously
   they would be ignored with OpenSSL implementations and used with
   JSSE implementations) and a warning is logged that the cipher
   suite has been ignored.

- Expand OCSP support to JSSE based connections and expand OCSP
   configuration options

- Update Commons Daemon to 1.5.1.

- Update Tomcat Native to 2.0.12 and increase the minimum version to
   2.0.12 / 1.3.4


For full details, see the change log:
https://nightlies.apache.org/tomcat/tomcat-11.0.x/docs/changelog.html
Applications that run on Tomcat 9 and earlier will not run on Tomcat 11 without changes. Java EE applications designed for Tomcat 9 and earlier may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will automatically convert them to Jakarta EE and copy them to the webapps directory. Applications using deprecated APIs may require further changes. 

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-11/v11.0.17/

The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1577

The tag is:
https://github.com/apache/tomcat/tree/11.0.17
c4ac38afc5edd64a71a000955fee47ee6f9c0e27

The proposed 11.0.17 release is:
[ ] -1 Broken - do not release
[ ] +1 Stable - go ahead and release as 11.0.17

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]




---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to