The Apache Tomcat team announces the immediate availability of Apache
Tomcat 10.0.23.

This release is targeted at Jakarta EE 9.

Applications that run on Tomcat 9 and earlier will not run on Tomcat 10 without changes. Java EE applications designed for Tomcat 9 and earlier may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will automatically convert them to Jakarta EE and copy them to the webapps directory. This conversion is performed using the Apache Tomcat migration tool for Jakarta EE tool which is also available as a separate download for off-line use.

Apache Tomcat 10 is an open source software implementation of the
Jakarta Servlet, Jakarta Server Pages, Jakarta Expression Language,
Jakarta WebSocket, Jakarta Authentication and Jakarta Annotations

The notable changes compared to 10.0.22 include:

- Implement support for repeatable builds

- Update the packaged version of the Tomcat Native Library to 1.2.35.
  This includes Windows binaries built with with OpenSSL 1.1.1q.

- Fix CVE-2022-34305, a low severity XSS vulnerability in the Form
  authentication example

Please refer to the change log for the complete list of changes:


Migration guides from Apache Tomcat 7.0.x, 8.5.x and 9.0.x:


- The Apache Tomcat team

Reply via email to