Re: [VOTE] Release Apache Tomcat 10.1.0-M14

[Felix Schumacher <fe...@internetallee.de>]

Am 31.03.22 um 15:57 schrieb Mark Thomas:
> The proposed Apache Tomcat 10.1.0-M14 release is now available for
> voting.
>
> Applications that run on Tomcat 9 and earlier will not run on Tomcat 
> 10 without changes. Java EE applications designed for Tomcat 9 and 
> earlier may be placed in the $CATALINA_BASE/webapps-javaee directory 
> and Tomcat will automatically convert them to Jakarta EE and copy them 
> to the webapps directory.
>
> The notable changes compared to 10.1.0-M12 are:
>
> - Update the packaged version of the Tomcat Native Library to 1.2.32 to
>   pick up Windows binaries built with OpenSSL 1.1.1n.
>
> - Improve logging of unknown HTTP/2 settings frames. Pull request by
>   Thomas Hoffmann.
>
> - Update the JASPIC 2.0 API to Jakarta Authentication 3.0 (JASPIC was
>   renamed for Jakarta EE 10)
>
> - Harden the class loader to provide a mitigation for CVE-2022-22965
>   a Spring Framework vulnerability
>
> For full details, see the change log:
> https://nightlies.apache.org/tomcat/tomcat-10.1.x/docs/changelog.html
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-10/v10.1.0-M14/
>
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1367
>
> The tag is:
> https://github.com/apache/tomcat/tree/10.1.0-M14
> 02e84c839def0228475fad85d0b19abc2f70b03f
>
>
> The proposed 10.1.0-M14 release is:
> [ ] Broken - do not release
> [x] Alpha - go ahead and release as 10.1.0-M14 (alpha)

unit test run on Java 11 and Linux

Felix

>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: dev-help@tomcat.apache.org
>