The Apache Tomcat team announces the immediate availability of Apache Tomcat 9.0.62.
Apache Tomcat 9 is an open source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and JASPIC technologies. Apache Tomcat 9.0.62 is a bugfix and feature release. The notable changes compared to 9.0.60 include: - Update the packaged version of the Tomcat Native Library to 1.2.32 to pick up Windows binaries built with OpenSSL 1.1.1n. - Improve logging of unknown HTTP/2 settings frames. Pull request by Thomas Hoffmann. - Add additional warnings if incompatible TLS configurations are used such as HTTP/2 with CLIENT-CERT authentication - Harden the class loader to provide a mitigation for CVE-2022-22965 a Spring Framework vulnerability Along with lots of other bug fixes and improvements. Please refer to the change log for the complete list of changes: https://tomcat.apache.org/tomcat-9.0-doc/changelog.html Downloads: https://tomcat.apache.org/download-90.cgi Migration guides from Apache Tomcat 7.x and 8.x: https://tomcat.apache.org/migration.html Enjoy! - The Apache Tomcat team --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
