Content

Older news

Announcements from previous years can be found here:

2025-06-10 Tomcat 9.0.106 Released

The Apache Tomcat Project is proud to announce the release of version 9.0.106 of Apache Tomcat. This release implements specifications that are part of the Java EE 8 platform. The notable changes compared to 9.0.105 include:

  • Provide finer grained control of multi-part request processing via two new attributes on the Connector element.
  • Mark the JSP wrapper for reload after a failed compilation.

Full details of these changes, and all the other changes, are available in the Tomcat 9 changelog.

Download

2025-06-09 Tomcat 11.0.8 Released

The Apache Tomcat Project is proud to announce the release of version 11.0.8 of Apache Tomcat. This release implements specifications that are part of the Jakarta EE 11 platform.

Users of Tomcat 10 onwards should be aware that, as a result of the move from Java EE to Jakarta EE as part of the transfer of Java EE to the Eclipse Foundation, the primary package for all implemented APIs has changed from javax.* to jakarta.*. This will almost certainly require code changes to enable applications to migrate from Tomcat 9 and earlier to Tomcat 10 and later. A migration tool is available to aid this process.

The notable changes in this release are:

  • Provide finer grained control of multi-part request processing via two new attributes on the Connector element.
  • Mark the JSP wrapper for reload after a failed compilation.
  • Update Tomcat Native to 2.0.9 including Windows binaries built with OpenSSL 3.5.0.

Full details of these changes, and all the other changes, are available in the Tomcat 11 changelog.

Download

2025-06-09 Tomcat 10.1.42 Released

The Apache Tomcat Project is proud to announce the release of version 10.1.42 of Apache Tomcat. This release implements specifications that are part of the Jakarta EE 10 platform.

Applications that run on Tomcat 9 and earlier will not run on Tomcat 10 without changes. Java EE based applications designed for Tomcat 9 and earlier may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will automatically convert them to Jakarta EE and copy them to the webapps directory. This conversion is performed using the Apache Tomcat migration tool for Jakarta EE tool which is also available as a separate download for off-line use.

The notable changes in this release are:

  • Provide finer grained control of multi-part request processing via two new attributes on the Connector element.
  • Mark the JSP wrapper for reload after a failed compilation.
  • Update Tomcat Native to 2.0.9 including Windows binaries built with OpenSSL 3.5.0.

Full details of these changes, and all the other changes, are available in the Tomcat 10.1 changelog.

Download

2025-05-12 Tomcat 9.0.105 Released

The Apache Tomcat Project is proud to announce the release of version 9.0.105 of Apache Tomcat. This release implements specifications that are part of the Java EE 8 platform. The notable changes compared to 9.0.104 include:

  • Process possible path parameters rewrite production in the rewrite valve.
  • Enable allowLinking to be set on PreResources, JarResources and PostResources. If not set explicitly, the setting will be inherited from the Resources.
  • Add support for optimized execution of c:set and c:remove tags, when activated via JSP servlet param useNonstandardTagOptimizations.

Full details of these changes, and all the other changes, are available in the Tomcat 9 changelog.

Download

2025-05-12 Tomcat 10.1.41 Released

The Apache Tomcat Project is proud to announce the release of version 10.1.41 of Apache Tomcat. This release implements specifications that are part of the Jakarta EE 10 platform.

Applications that run on Tomcat 9 and earlier will not run on Tomcat 10 without changes. Java EE based applications designed for Tomcat 9 and earlier may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will automatically convert them to Jakarta EE and copy them to the webapps directory. This conversion is performed using the Apache Tomcat migration tool for Jakarta EE tool which is also available as a separate download for off-line use.

The notable changes in this release are:

  • Process possible path parameters rewrite production in the rewrite valve.
  • Enable allowLinking to be set on PreResources, JarResources and PostResources. If not set explicitly, the setting will be inherited from the Resources.
  • Add support for optimized execution of c:set and c:remove tags, when activated via JSP servlet param useNonstandardTagOptimizations.

Full details of these changes, and all the other changes, are available in the Tomcat 10.1 changelog.

Download

2025-05-13 Tomcat 11.0.7 Released

The Apache Tomcat Project is proud to announce the release of version 11.0.7 of Apache Tomcat. This release implements specifications that are part of the Jakarta EE 11 platform.

Users of Tomcat 10 onwards should be aware that, as a result of the move from Java EE to Jakarta EE as part of the transfer of Java EE to the Eclipse Foundation, the primary package for all implemented APIs has changed from javax.* to jakarta.*. This will almost certainly require code changes to enable applications to migrate from Tomcat 9 and earlier to Tomcat 10 and later. A migration tool is available to aid this process.

The notable changes in this release are:

  • Process possible path parameters rewrite production in the rewrite valve.
  • Enable allowLinking to be set on PreResources, JarResources and PostResources. If not set explicitly, the setting will be inherited from the Resources.
  • Add support for optimized execution of c:set and c:remove tags, when activated via JSP servlet param useNonstandardTagOptimizations.

Full details of these changes, and all the other changes, are available in the Tomcat 11 changelog.

Download

2025-04-09 Tomcat 11.0.6 Released

The Apache Tomcat Project is proud to announce the release of version 11.0.6 of Apache Tomcat. This release implements specifications that are part of the Jakarta EE 11 platform.

Users of Tomcat 10 onwards should be aware that, as a result of the move from Java EE to Jakarta EE as part of the transfer of Java EE to the Eclipse Foundation, the primary package for all implemented APIs has changed from javax.* to jakarta.*. This will almost certainly require code changes to enable applications to migrate from Tomcat 9 and earlier to Tomcat 10 and later. A migration tool is available to aid this process.

The notable changes in this release are:

  • Remove the requirement that an MD5 implementation must be provided by JRE.
  • Improve the handling of %nn URL encoding in the RewriteValve
  • Various improvements to the JsonErrorReportValve

Full details of these changes, and all the other changes, are available in the Tomcat 11 changelog.

Download

2025-04-09 Tomcat 9.0.104 Released

The Apache Tomcat Project is proud to announce the release of version 9.0.104 of Apache Tomcat. This release implements specifications that are part of the Java EE 8 platform. The notable changes compared to 9.0.102 include:

  • Remove the requirement that an MD5 implementation must be provided by JRE.
  • Improve the handling of %nn URL encoding in the RewriteValve.
  • Various improvements to the JsonErrorReportValve.
  • Simplify build process by requiring Java 22 or newer for the release package.

Full details of these changes, and all the other changes, are available in the Tomcat 9 changelog.

Download

2025-04-08 Tomcat 10.1.40 Released

The Apache Tomcat Project is proud to announce the release of version 10.1.40 of Apache Tomcat. This release implements specifications that are part of the Jakarta EE 10 platform.

Applications that run on Tomcat 9 and earlier will not run on Tomcat 10 without changes. Java EE based applications designed for Tomcat 9 and earlier may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will automatically convert them to Jakarta EE and copy them to the webapps directory. This conversion is performed using the Apache Tomcat migration tool for Jakarta EE tool which is also available as a separate download for off-line use.

The notable changes in this release are:

  • Remove the requirement that an MD5 implementation must be provided by JRE.
  • Improve the handling of %nn URL encoding in the RewriteValve
  • Various improvements to the JsonErrorReportValve

Full details of these changes, and all the other changes, are available in the Tomcat 10.1 changelog.

Download

2025-03-06 Tomcat 9.0.102 Released

The Apache Tomcat Project is proud to announce the release of version 9.0.102 of Apache Tomcat. This release implements specifications that are part of the Java EE 8 platform. The notable changes compared to 9.0.100 include:

  • Improve the checks for exposure to and protection against CVE-2024-56337 so that reflection is not used unless required. The checks for whether the file system is case sensitive or not have been removed.
  • Use Transfer-Encoding for compression rather than Content-Encoding if the client submits a TE header containing gzip.
  • Add makensis as an option for building the Installer for Windows on non-Windows platforms.

Full details of these changes, and all the other changes, are available in the Tomcat 9 changelog.

Download

2025-03-05 Tomcat 11.0.5 Released

The Apache Tomcat Project is proud to announce the release of version 11.0.5 of Apache Tomcat. This release implements specifications that are part of the Jakarta EE 11 platform.

Users of Tomcat 10 onwards should be aware that, as a result of the move from Java EE to Jakarta EE as part of the transfer of Java EE to the Eclipse Foundation, the primary package for all implemented APIs has changed from javax.* to jakarta.*. This will almost certainly require code changes to enable applications to migrate from Tomcat 9 and earlier to Tomcat 10 and later. A migration tool is available to aid this process.

The notable changes in this release are:

  • Improve the checks for exposure to and protection against CVE-2024-56337 so that reflection is not used unless required. The checks for whether the file system is case sensitive or not have been removed.
  • Use Transfer-Encoding for compression rather than Content-Encoding if the client submits a TE header containing gzip.
  • Add makensis as an option for building the Installer for Windows on non-Windows platforms.

Full details of these changes, and all the other changes, are available in the Tomcat 11 changelog.

Download

2025-03-07 Tomcat 10.1.39 Released

The Apache Tomcat Project is proud to announce the release of version 10.1.39 of Apache Tomcat. This release implements specifications that are part of the Jakarta EE 10 platform.

Applications that run on Tomcat 9 and earlier will not run on Tomcat 10 without changes. Java EE based applications designed for Tomcat 9 and earlier may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will automatically convert them to Jakarta EE and copy them to the webapps directory. This conversion is performed using the Apache Tomcat migration tool for Jakarta EE tool which is also available as a separate download for off-line use.

The notable changes in this release are:

  • Improve the checks for exposure to and protection against CVE-2024-56337 so that reflection is not used unless required. The checks for whether the file system is case sensitive or not have been removed.
  • Use Transfer-Encoding for compression rather than Content-Encoding if the client submits a TE header containing gzip.
  • Add makensis as an option for building the Installer for Windows on non-Windows platforms.

Full details of these changes, and all the other changes, are available in the Tomcat 10.1 changelog.

Download

2025-02-18 Tomcat 10.1.36 Released

The Apache Tomcat Project is proud to announce the release of version 10.1.36 of Apache Tomcat. This release implements specifications that are part of the Jakarta EE 10 platform.

Applications that run on Tomcat 9 and earlier will not run on Tomcat 10 without changes. Java EE based applications designed for Tomcat 9 and earlier may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will automatically convert them to Jakarta EE and copy them to the webapps directory. This conversion is performed using the Apache Tomcat migration tool for Jakarta EE tool which is also available as a separate download for off-line use.

The notable changes in this release are:

  • Fix 69576. Add a catch for InaccessibleObjectException to avoid embedded users having to add an additional --add-opens
  • Add a JSON formatter to JULI

Full details of these changes, and all the other changes, are available in the Tomcat 10.1 changelog.

Download

2025-02-17 Tomcat 9.0.100 Released

The Apache Tomcat Project is proud to announce the release of version 9.0.100 of Apache Tomcat. This release implements specifications that are part of the Java EE 8 platform. The notable changes compared to 9.0.99 include:

  • Fix a regression in 9.0.99 and add a catch for InaccessibleObjectException to avoid users of embedded Tomcat having to add an additional --add-opens.

Full details of these changes, and all the other changes, are available in the Tomcat 9 changelog.

Download

2025-02-17 Tomcat 11.0.4 Released

The Apache Tomcat Project is proud to announce the release of version 11.0.4 of Apache Tomcat. This release implements specifications that are part of the Jakarta EE 11 platform.

Users of Tomcat 10 onwards should be aware that, as a result of the move from Java EE to Jakarta EE as part of the transfer of Java EE to the Eclipse Foundation, the primary package for all implemented APIs has changed from javax.* to jakarta.*. This will almost certainly require code changes to enable applications to migrate from Tomcat 9 and earlier to Tomcat 10 and later. A migration tool is available to aid this process.

The notable changes in this release are:

  • Fix a regression in 11.0.3 and add a catch for InaccessibleObjectException to avoid users of embedded Tomcat having to add an additional --add-opens.

Full details of these changes, and all the other changes, are available in the Tomcat 11 changelog.

Download

2025-02-10 Tomcat 10.1.35 Released

The Apache Tomcat Project is proud to announce the release of version 10.1.35 of Apache Tomcat. This release implements specifications that are part of the Jakarta EE 10 platform.

Applications that run on Tomcat 9 and earlier will not run on Tomcat 10 without changes. Java EE based applications designed for Tomcat 9 and earlier may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will automatically convert them to Jakarta EE and copy them to the webapps directory. This conversion is performed using the Apache Tomcat migration tool for Jakarta EE tool which is also available as a separate download for off-line use.

The notable changes in this release are:

  • Allow readOnly attribute configuration on the Resources element and allow configuration of the readOnly attribute value of the main resources. The attribute value will also be used by the default and WebDAV Servlets.
  • Correct a regression in the fix for bug 69382 that broke JSP include actions if both the page attribute and the body contained parameters. Pull request #803 provided by Chenjp.
  • Expand the options for handling encoded '/' and '\' characters in URLs both in the Connector and when using a RequestDispatcher.

Full details of these changes, and all the other changes, are available in the Tomcat 10.1 changelog.

Download

2025-02-10 Tomcat 9.0.99 Released

The Apache Tomcat Project is proud to announce the release of version 9.0.99 of Apache Tomcat. This release implements specifications that are part of the Java EE 8 platform. The notable changes compared to 9.0.98 include:

  • Allow readOnly attribute configuration on the Resources element and allow configuration of the readOnly attribute value of the main resources. The attribute value will also be used by the default and WebDAV Servlets.
  • Correct a regression in the fix for bug 69382 that broke JSP include actions if both the page attribute and the body contained parameters. Pull request #803 provided by Chenjp.
  • Expand the options for handling encoded '/' and '\' characters in URLs both in the Connector and when using a RequestDispatcher.

Full details of these changes, and all the other changes, are available in the Tomcat 9 changelog.

Download

2025-02-10 Tomcat 11.0.3 Released

The Apache Tomcat Project is proud to announce the release of version 11.0.3 of Apache Tomcat. This release implements specifications that are part of the Jakarta EE 11 platform.

Users of Tomcat 10 onwards should be aware that, as a result of the move from Java EE to Jakarta EE as part of the transfer of Java EE to the Eclipse Foundation, the primary package for all implemented APIs has changed from javax.* to jakarta.*. This will almost certainly require code changes to enable applications to migrate from Tomcat 9 and earlier to Tomcat 10 and later. A migration tool is available to aid this process.

The notable changes in this release are:

  • Allow readOnly attribute configuration on the Resources element and allow configuration of the readOnly attribute value of the main resources. The attribute value will also be used by the default and WebDAV Servlets.
  • Correct a regression in the fix for bug 69382 that broke JSP include actions if both the page attribute and the body contained parameters. Pull request #803 provided by Chenjp
  • Expand the options for handling encoded '/' and '\' characters in URLs both in the Connector and when using a RequestDispatcher.

Full details of these changes, and all the other changes, are available in the Tomcat 11 changelog.

Download