On Mon, Mar 16, 2026 at 5:35 PM Rémy Maucherat <[email protected]> wrote:
> The proposed Apache Tomcat 9.0.116 release is now available for voting. > > The notable changes compared to 9.0.115 are: > > - Relax HTTP/2 header validation and respond to invalid requests with > a stream reset or a 400 response as appropriate rather then with a > connection reset. > > - Fix bug 69964: Respect the configured cipher order, which was no > longer respected following the addition of TLS 1.3 specific cipher > configuration. TLS 1.3 ciphers will always be first in the list. > > - Update Tomcat Native to 1.3.7 / 2.0.14 and increase the recommended > version to 1.3.7 / 2.0.14 > > For full details, see the changelog: > https://nightlies.apache.org/tomcat/tomcat-9.0.x/docs/changelog.html > > It can be obtained from: > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.116/ > > The Maven staging repo is: > https://repository.apache.org/content/repositories/orgapachetomcat-1583 > > The tag is: > https://github.com/apache/tomcat/tree/9.0.116 > d2c7dce5e94d6d1d81ad7d66402140b1c1962a53 > > The proposed 9.0.116 release is: > [ ] -1, Broken - do not release > [X] +1, Stable - go ahead and release as 9.0.116 > > Rémy > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
