I'm cancelling this vote to pick up the SNI fix.
Mark
On 13/03/2026 17:25, Mark Thomas wrote:
The proposed Apache Tomcat 11.0.19 release is now available for voting.
The notable changes compared to 11.0.18 include:
- Relax HTTP/2 header validation and respond to invalid requests with
a stream reset or a 400 response as appropriate rather then with a
connection reset.
- Fix bug 69964: Respect the configured cipher order, which was no
longer respected following the addition of TLS 1.3 specific cipher
configuration. TLS 1.3 ciphers will always be first in the list.
- Update Tomcat Native to 2.0.14 and increase the recommended version to
2.0.14
For full details, see the change log:
https://nightlies.apache.org/tomcat/tomcat-11.0.x/docs/changelog.html
Applications that run on Tomcat 9 and earlier will not run on Tomcat 11
without changes. Java EE applications designed for Tomcat 9 and earlier
may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat
will automatically convert them to Jakarta EE and copy them to the
webapps directory. Applications using deprecated APIs may require
further changes.
It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-11/v11.0.19/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1582
The tag is:
https://github.com/apache/tomcat/tree/11.0.19
6e79f712663fd5dc1636d7a1201ed4eaf5e389a8
The proposed 11.0.19 release is:
[ ] -1 Broken - do not release
[ ] +1 Stable - go ahead and release as 11.0.19
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
