The following votes were cast:
Binding:
+1: remm, markt, dsoumis, schultz, csutherl, rjung
No other votes were cast. The vote therefore passes.
Thanks to everyone who contributed to this release.
Mark
On 16/03/2026 17:48, Mark Thomas wrote:
The proposed Apache Tomcat 11.0.20 release is now available for voting.
The notable changes compared to 11.0.18 include:
- Relax HTTP/2 header validation and respond to invalid requests with
a stream reset or a 400 response as appropriate rather then with a
connection reset.
- Fix bug 69964: Respect the configured cipher order, which was no
longer respected following the addition of TLS 1.3 specific cipher
configuration. TLS 1.3 ciphers will always be first in the list.
- Update Tomcat Native to 2.0.14 and increase the recommended version to
2.0.14
For full details, see the change log:
https://nightlies.apache.org/tomcat/tomcat-11.0.x/docs/changelog.html
Applications that run on Tomcat 9 and earlier will not run on Tomcat 11
without changes. Java EE applications designed for Tomcat 9 and earlier
may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat
will automatically convert them to Jakarta EE and copy them to the
webapps directory. Applications using deprecated APIs may require
further changes.
It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-11/v11.0.20/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1584
The tag is:
https://github.com/apache/tomcat/tree/11.0.20
1c65de6f27a3bac481514e56e3637785b65a4f2c
The proposed 11.0.20 release is:
[ ] -1 Broken - do not release
[ ] +1 Stable - go ahead and release as 11.0.20
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
