Am 01.05.26 um 22:53 schrieb Mark Thomas:
The proposed Apache Tomcat 11.0.22 release is now available for voting.
The notable changes compared to 11.0.21 include:
- Enhance version.sh and version.bat to display APR, Tomcat Native, and
OpenSSL version information.
- Free private keys, keys and certificates after use in FFM based
connector configuration.
- Various HTTP/2 validation improvements and a broader change to use
stream resets rather than connection closures where appropriate.
For full details, see the change log:
https://nightlies.apache.org/tomcat/tomcat-11.0.x/docs/changelog.html
Applications that run on Tomcat 9 and earlier will not run on Tomcat 11
without changes. Java EE applications designed for Tomcat 9 and earlier
may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat
will automatically convert them to Jakarta EE and copy them to the
webapps directory. Applications using deprecated APIs may require
further changes.
It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-11/v11.0.22/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1590
The tag is:
https://github.com/apache/tomcat/tree/11.0.22
ccdf7a8c736bde0f4875a10667b21cddbd4be21f
The proposed 11.0.22 release is:
[ ] -1 Broken - do not release
[ ] +1 Stable - go ahead and release as 11.0.22
+1 to release.
Reproducibility of the build checked (including the Windows installer)
using "ant verify-release" on Linux Mint 22.3. OK after setting LANG.
Original Windows installer signature verified with osslsigncode 2.10.
Unit tests ran on platforms
- RHEL 8, 9 and 10 and SLES 15
using
- recent patch versions of JDK 17, 21, 25, 26 and 27 (EA)
from
- Eclipse Adoptium, Azul Zulu, Amazon Coretto, Oracle, RedHat and from
OpenJDK for 27
where available.
Also tested with
- tcnative 1.3.7, 2.0.14 and panama
- tcnative including post-release memory leak patches
based on
- OpenSSL 3.0.20, 3.5.6, 3.6.2 and 4.0.0 (for tcnative 2 and panama)
Test observations:
- IMHO nothing critical
- only a few combinations still need to run
- post-release test fixes for TestProxyErrorReportValve and
TestAccessLogValveFile applied
- TestOcspSoftFailTryLater one failure with amazon JDK 17 on RHEL 8
- TestOcspEnabled 4 failures various JDKs with tcnative or panama
- in addition
- very few crashes with tcnative (10 in 951 runs)
- very few failures with jsse (3 in 138 runs)
- very few non-crash-failures with tcnative (1 in 951 runs)
Thanks for RM!
Best regards,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
