This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit fffc72fb688b99aaa6385850c04d7295ad45d684 Author: Mark Thomas <[email protected]> AuthorDate: Wed Mar 18 17:34:45 2026 +0000 Update the baseline to 11.0.20 --- webapps/docs/changelog.xml | 157 +-------------------------------------------- 1 file changed, 1 insertion(+), 156 deletions(-) diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 7f26c8144e..ab94953c66 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -109,7 +109,7 @@ <changelog> <scode> This release contains all of the changes up to and including those in - Apache Tomcat 11.0.18 plus the additional changes listed below. (markt) + Apache Tomcat 11.0.20 plus the additional changes listed below. (markt) </scode> <update> The minimum Java version has been updated to Java 21. (markt) @@ -186,15 +186,6 @@ to <code>true</code>. (markt) </update> <!-- Entries for backport and removal before 12.0.0-M1 below this line --> - <fix> - <bug>69967</bug>: Fix inconsistencies related to - <code>Content-Length</code> and <code>Content-Type</code> headers when - accessed using the <code>getHeader</code> method and similar. (remm) - </fix> - <fix> - <bug>69940</bug>: Improve redirect handling in the - <code>LoadBalancerDrainingValve</code>. (schultz) - </fix> </changelog> </subsection> <subsection name="Coyote"> @@ -227,101 +218,6 @@ Remove support for HTTP 0.9. (markt) </update> <!-- Entries for backport and removal before 12.0.0-M1 below this line --> - <add> - Add an HTTP configuration setting, <code>noCompressionEncodings</code>, - that can be used to control which content encodings will not be - compressed when compression is enabled. Based on pull request - <pr>914</pr> by Long9725. (markt) - </add> - <fix> - Add size limit for OCSP responses. Based on code submitted by Chenjp. - (remm) - </fix> - <fix> - To maintain the documented alignment with the OpenSSL development - branch, the use of the aliases <code>SSLv3</code>, <code>EXPORT</code>, - <code>EXPORT40</code>, <code>EXPORT56</code>, <code>KRB5</code>, - <code>kFZA</code>, <code>aFZA</code>, <code>eFZA</code> and - <code>FZA</code> are no longer supported when setting the - <code>ciphers</code> attribute of an <code>SSLHostConfig</code> element. - (markt) - </fix> - <fix> - To maintain the documented alignment with the OpenSSL development - branch, add support for the aliases <code>ARIAGCM</code> and - <code>CBC</code>when setting the <code>ciphers</code> attribute of - an <code>SSLHostConfig</code> element. (markt) - </fix> - <add> - <bug>69870</bug>: Add a <code>drainTimeout</code> to the HTTP/2 - <code>UpgradeProtocol</code> element to allow configuration of an - time between the two final <code>GOAWAY</code> frames sent by Tomcat - when closing am HTTP/2 connection. Pull request <pr>917</pr> provided by - Kai Burjack. (markt) - </add> - <update> - Update the minimum recommended version of Tomcat Native so that users of - 1.3.x are recommended to update to 2.0.x. (markt) - </update> - <fix> - Respect the value for the <code>jdk.tls.namedGroups</code> system - property as the default value for the configured group list on the - Connector. (remm) - </fix> - <fix> - <bug>69964</bug>: Respect the configured cipher order, which was no - longer respected following the addition of TLS 1.3 specific cipher - configuration. TLS 1.3 ciphers will always be first in the list. (remm) - </fix> - <fix> - Free the x509 object in the FFM code when getting the peer certificate - if getting the bytes from the certificate somehow fails. - Pull request <pr>951</pr> provided by Chenjp. (remm) - </fix> - <fix> - Improve HPACK exception use, making sure <code>HpackException</code> - is thrown instead of unexpected types. (remm) - </fix> - <fix> - Update the parser for the HTTP <code>Host</code> header and - <code>:authority</code> pseudo header to convert the port, if any, to an - <code>Integer</code> rather than a <code>Long</code> to be consistent - with how port is exposed in the Servlet API. (markt) - </fix> - <scode> - Replace the external OpenSSL based OCSP responder used during unit tests - with a Bouncy Castle based, in-process Java OCSP responder. (markt) - </scode> - <fix> - Relax HTTP/2 header validation and respond to invalid requests with a - stream reset or a 400 response as appropriate rather then with a - connection reset. (markt) - </fix> - <fix> - Add validation of chunk extensions for chunked transfer encoding. - (markt) - </fix> - <update> - Update the recommended version for Tomcat Native 2.x to 2.0.14. (markt) - </update> - <fix> - Align the FFM handling of OCSP <code>TRY_LATER</code> responses with - Tomcat Native. (remm) - </fix> - <fix> - Free CA certificate after calling <code>SSL_CTX_add_client_CA</code> - in the FFM code. Based on code from PR 44 from tomcat-native. (remm) - </fix> - <fix> - Free certificate chain if an error occurs, in the FFM code. (remm) - </fix> - <fix> - Report handshake issues as <code>SSLException</code> in the FFM - code, rather than <code>IllegalStateException</code>. (remm) - </fix> - <fix> - Fix case sensitive handling of the protocol host name. (remm) - </fix> </changelog> </subsection> <subsection name="Jasper"> @@ -360,19 +256,6 @@ (markt) </add> <!-- Entries for backport and removal before 12.0.0-M1 below this line --> - <fix> - <bug>69948</bug>: Avoid ArrayOutOfBoundsException instead of - PropertyNotFoundException when generating a properties not found - exception in AstValue. Based on <pr>950</pr> submitted by Jérôme - Besnard. (remm) - </fix> - <add> - Add support for specifying Java 27 (with the value <code>27</code>) as - the compiler source and/or compiler target for JSP compilation. If used - with an Eclipse JDT compiler version that does not support these values, - a warning will be logged and the default will be used. - (markt) - </add> </changelog> </subsection> <subsection name="Cluster"> @@ -382,14 +265,6 @@ <code>AES/GCM/NoPadding</code>. (markt) </scode> <!-- Entries for backport and removal before 12.0.0-M1 below this line --> - <fix> - <bug>69970</bug>: Support raw IPv6 in Kubernetes membership provider - for the service host. (remm) - </fix> - <add> - Add support for new algorithms provided by JPA providers to the - <code>EncyptInterceptor</code>. (markt) - </add> </changelog> </subsection> <subsection name="WebSocket"> @@ -445,36 +320,6 @@ Update Derby to 10.17.1.0. (markt) </update> <!-- Entries for backport and removal before 12.0.0-M1 below this line --> - <update> - Update the internal fork of Apache Commons BCEL to 6.12.0. (markt) - </update> - <update> - Update to the Eclipse JDT compiler 4.39. (markt) - </update> - <update> - Update Tomcat Native to 2.0.14. (markt) - </update> - <update> - Update Objenesis to 3.5. (markt) - </update> - <update> - Update Byte Buddy to 1.18.7. (markt) - </update> - <update> - Update Checkstyle to 13.3.0. (markt) - </update> - <update> - Update BND to 7.2.1. (markt) - </update> - <update> - Improvements to French translations. (remm) - </update> - <update> - Improvements to Chinese translations provided by eaststrongox. (markt) - </update> - <update> - Improvements to Japanese translations provided by tak7iji. (markt) - </update> </changelog> </subsection> </section> --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
