Content

Older news

Announcements from previous years can be found here:

2015-01-15 Tomcat 8.0.17 Released

The Apache Tomcat Project is proud to announce the release of version 8.0.17 of Apache Tomcat. Apache Tomcat 8.0.17 includes numerous fixes for issues identified in 8.0.15 as well as a number of other enhancements and changes. The notable changes since 8.0.15 include:

  • Fixing a regression in annotation scanning introduced in 8.0.15
  • The RemoteAddrValve and RemoteHostValve can now optionally include the port when filtering along with a new option to trigger authentication rather than denying access
  • Various edge cases fixes in WebSocket

Warning: The following notable bug was found in 8.0.17: 57476: some HTTP responses may be truncated. The team works on preparing the next release (8.0.18) to address this issue.

Full details of these changes, and all the other changes, are available in the Tomcat 8 changelog.

Download

2014-11-07 Tomcat 8.0.15 Released

The Apache Tomcat Project is proud to announce the release of version 8.0.15 of Apache Tomcat. Apache Tomcat 8.0.15 includes numerous fixes for issues identified in 8.0.14 as well as a number of other enhancements and changes. The notable changes since 8.0.14 include:

  • Add support for RFC6265 cookie parsing and generation. This is currently disabled by default and may be enabled via the CookieProcessor element of a Context.
  • Add pluggable password derivation support to the Realms via the new CredentialHandler interface.
  • Add support for TLSv1.1 and TLSv1.2 for APR connector. Based upon a patch by Marcel Ĺ ebek. This feature requires Tomcat Native library 1.1.32 or later.
  • Disable SSLv3 by default for all HTTPS connectors.

Full details of these changes, and all the other changes, are available in the Tomcat 8 changelog.

Download