Am 16.03.26 um 16:26 schrieb Rémy Maucherat:
The proposed Apache Tomcat 9.0.116 release is now available for voting.
The notable changes compared to 9.0.115 are:
- Relax HTTP/2 header validation and respond to invalid requests with
a stream reset or a 400 response as appropriate rather then with a
connection reset.
- Fix bug 69964: Respect the configured cipher order, which was no
longer respected following the addition of TLS 1.3 specific cipher
configuration. TLS 1.3 ciphers will always be first in the list.
- Update Tomcat Native to 1.3.7 / 2.0.14 and increase the recommended
version to 1.3.7 / 2.0.14
For full details, see the changelog:
https://nightlies.apache.org/tomcat/tomcat-9.0.x/docs/changelog.html
It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.116/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1583
The tag is:
https://github.com/apache/tomcat/tree/9.0.116
d2c7dce5e94d6d1d81ad7d66402140b1c1962a53
The proposed 9.0.116 release is:
[ ] -1, Broken - do not release
[X] +1, Stable - go ahead and release as 9.0.116
+1 to release.
Reproducibility of the build checked (including the Windows installer)
using "ant verify-release" on Linux Mint 22.3. OK after setting LANG.
Original Windows installer signature verified with osslsigncode 2.10.
Unit tests ran on platforms
- RHEL 7, 8, 9 and 10 and SLES 12 and 15
using
- recent patch versions of JDK 1.8.0, 11, 17, 21, 25, 26 (only OpenJDK
GA) and 27 (EA)
from
- Eclipse Adoptium, Azul Zulu, Amazon Coretto, Oracle, RedHat and
OpenJDK (for 26 and 27)
where available.
Also tested with
- tcnative 1.3.7, 2.0.14 and panama
- tcnative including post-release memory leak patches
based on
- OpenSSL 3.0.19, 3.5.5, 3.6.1 and 4.0.0-alpha1 (for tcnative 2 and panama)
- OpenSSL containing one post-release patch for 3.5 and 3.6.
Not all test runs are done yet, but by far most of them. Only some
JDK25, 26 and 27 on RHEL still need to run.
Test observations:
- IMHO none critical
- TestOcspSoftFailTryLater often fails with jsse
(any JDK version)
- For TC 11 it was only for NIO2 and either
java.net.SocketException: Broken pipe or
java.net.SocketException: Connection reset by peer
- TestOcspEnabled sometimes fails when using panama
- TestOcspEnabled sometimes fails when using tcnative and JDK21+
(no crash case)
- in addition very few sporadic failures and or crashes
(8 without crash, 19 with crash; total 1150 test runs until now)
Thanks for RM!
Best regards,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
