The proposed Apache Tomcat 9.0.116 release is now available for voting. The notable changes compared to 9.0.115 are:
- Relax HTTP/2 header validation and respond to invalid requests with a stream reset or a 400 response as appropriate rather then with a connection reset. - Fix bug 69964: Respect the configured cipher order, which was no longer respected following the addition of TLS 1.3 specific cipher configuration. TLS 1.3 ciphers will always be first in the list. - Update Tomcat Native to 1.3.7 / 2.0.14 and increase the recommended version to 1.3.7 / 2.0.14 For full details, see the changelog: https://nightlies.apache.org/tomcat/tomcat-9.0.x/docs/changelog.html It can be obtained from: https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.116/ The Maven staging repo is: https://repository.apache.org/content/repositories/orgapachetomcat-1583 The tag is: https://github.com/apache/tomcat/tree/9.0.116 d2c7dce5e94d6d1d81ad7d66402140b1c1962a53 The proposed 9.0.116 release is: [ ] -1, Broken - do not release [ ] +1, Stable - go ahead and release as 9.0.116 Rémy --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
