Content

Older news

Announcements from previous years can be found here:

2021-08-16 Tomcat 8.5.70 Released

The Apache Tomcat Project is proud to announce the release of version 8.5.70 of Apache Tomcat. This release implements specifications that are part of the Java EE 7 platform. The notable changes compared to 8.5.70 include:

  • Correct a regression in the previous release in the HTTP/2 flow control window management along with additional improvements to HTTP/2 flow control
  • Make the CorsFilter simpler to extend
  • To avoid unnecessary cache revalidation, do not add an HTTP Expires header when setting adding an HTTP header of CacheControl: private

Full details of these changes, and all the other changes, are available in the Tomcat 8.5 changelog.

Download

2021-08-06 Tomcat 9.0.52 Released

The Apache Tomcat Project is proud to announce the release of version 9.0.52 of Apache Tomcat. This release implements specifications that are part of the Java EE 8 platform. The notable changes compared to 9.0.50 include:

  • Correct a regression in the previous release in the HTTP/2 flow control window management
  • Correct a regression the could cause some TLS connections to hang when using NIO
  • Use of GraalVM native images no longer automatically disables JMX support

Full details of these changes, and all the other changes, are available in the Tomcat 9 changelog.

Download

2021-08-06 Tomcat 10.1.0-M4 (alpha) Released

The Apache Tomcat Project is proud to announce the release of version 10.1.0-M4 of Apache Tomcat. This release is a milestone release and is targeted at Jakarta EE 10.

Applications that run on Tomcat 9 and earlier will not run on Tomcat 10 without changes. Java EE based applications designed for Tomcat 9 and earlier may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will automatically convert them to Jakarta EE and copy them to the webapps directory. This conversion is performed using the Apache Tomcat migration tool for Jakarta EE tool which is also available as a separate download for off-line use.

The notable changes in this release are:

  • The minimum Java version has been increased to Java 11 to align with the plans for the Jakarta EE 10 platform
  • Correct a regression in the previous release in the HTTP/2 flow control window management
  • Enable EL lambda expressions to be coerced to functional interfaces. This is an implementation of a proposed extension to the Jakarta Expression Language specification.

Full details of these changes, and all the other changes, are available in the Tomcat 10.1 (alpha) changelog.

Download

2021-08-05 Tomcat 10.0.10 Released

The Apache Tomcat Project is proud to announce the release of version 10.0.10 of Apache Tomcat. This release implements specifications that are part of the Jakarta EE 9 platform.

Applications that run on Tomcat 9 and earlier will not run on Tomcat 10 without changes. Java EE based applications designed for Tomcat 9 and earlier may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will automatically convert them to Jakarta EE and copy them to the webapps directory. This conversion is performed using the Apache Tomcat migration tool for Jakarta EE tool which is also available as a separate download for off-line use.

The notable changes in this release are:

  • Correct a regression in the previous release in the HTTP/2 flow control window management
  • Correct a regression the could cause some TLS connections to hang when using NIO
  • Use of GraalVM native images no longer automatically disables JMX support.

Full details of these changes, and all the other changes, are available in the Tomcat 10 changelog.

Download

2021-07-05 Tomcat 8.5.69 Released

The Apache Tomcat Project is proud to announce the release of version 8.5.69 of Apache Tomcat. This release implements specifications that are part of the Java EE 7 platform. The notable changes compared to 8.5.68 include:

  • Re-work the HTTP/2 overhead protection to reduce the likelihood of false positives. Note that the default overheadCountFactor has changed from 1 to 10 and that the useful range is now 0 to ~20.
  • Fix regressions in JSP compilation in the previous release.
  • Improve HTTP header parsing to ignore empty elements in 1#token values, as per RFC 7230 section 7.

Full details of these changes, and all the other changes, are available in the Tomcat 8.5 changelog.

Download

2021-07-02 Tomcat 9.0.50 Released

The Apache Tomcat Project is proud to announce the release of version 9.0.50 of Apache Tomcat. This release implements specifications that are part of the Java EE 8 platform. The notable changes compared to 9.0.48 include:

  • Re-work the HTTP/2 overhead protection to reduce the likelihood of false positives. Note that the default overheadCountFactor has changed from 1 to 10 and that the useful range is now 0 to ~20.
  • Update to Eclipse JDT compiler 4.20.
  • Fix regressions in JSP compilation in the previous release.

Full details of these changes, and all the other changes, are available in the Tomcat 9 changelog.

Download

2021-07-02 Tomcat 10.0.8 Released

The Apache Tomcat Project is proud to announce the release of version 10.0.8 of Apache Tomcat. This release implements specifications that are part of the Jakarta EE 9 platform.

Applications that run on Tomcat 9 and earlier will not run on Tomcat 10 without changes. Java EE based applications designed for Tomcat 9 and earlier may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will automatically convert them to Jakarta EE and copy them to the webapps directory. This conversion is performed using the Apache Tomcat migration tool for Jakarta EE tool which is also available as a separate download for off-line use.

The notable changes in this release are:

  • Re-work the HTTP/2 overhead protection to reduce the likelihood of false positives. Note that the default overheadCountFactor has changed from 1 to 10 and that the useful range is now 0 to ~20.
  • Update to Eclipse JDT compiler 4.20.
  • Fix regressions in JSP compilation in the previous release.

Full details of these changes, and all the other changes, are available in the Tomcat 10 changelog.

Download

2021-07-02 Tomcat 10.1.0-M2 (alpha) Released

The Apache Tomcat Project is proud to announce the release of version 10.1.0-M2 of Apache Tomcat. This release is a milestone release and is targeted at Jakarta EE 10.

Applications that run on Tomcat 9 and earlier will not run on Tomcat 10 without changes. Java EE based applications designed for Tomcat 9 and earlier may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will automatically convert them to Jakarta EE and copy them to the webapps directory. This conversion is performed using the Apache Tomcat migration tool for Jakarta EE tool which is also available as a separate download for off-line use.

The notable changes in this release are:

  • Re-work the HTTP/2 overhead protection to reduce the likelihood of false positives. Note that the default overheadCountFactor has changed from 1 to 10 and that the useful range is now 0 to ~20.
  • Update to Eclipse JDT compiler 4.20.
  • Fix regressions in JSP compilation in the previous release.

Full details of these changes, and all the other changes, are available in the Tomcat 10.1 (alpha) changelog.

Download

2021-06-15 Tomcat 8.5.68 Released

The Apache Tomcat Project is proud to announce the release of version 8.5.68 of Apache Tomcat. This release implements specifications that are part of the Java EE 7 platform. The notable changes compared to 8.5.66 include:

  • Improve robustness of HTTP/2 HPACK decoding
  • Improvements to the handling of the Transfer-Encoding header
  • Review code used to generate Java source from JSPs and tags and remove code found to be unnecessary.

Full details of these changes, and all the other changes, are available in the Tomcat 8.5 changelog.

Download

2021-06-15 Tomcat 9.0.48 Released

The Apache Tomcat Project is proud to announce the release of version 9.0.48 of Apache Tomcat. This release implements specifications that are part of the Java EE 8 platform. The notable changes compared to 9.0.48 include:

  • Improve robustness of HTTP/2 HPACK decoding.
  • Improvements to the handling of the Transfer-Encoding header.
  • Review code used to generate Java source from JSPs and tags and remove code found to be unnecessary.
  • Backport the updated blocking NIO code and optimizations from Tomcat 10.0.

Full details of these changes, and all the other changes, are available in the Tomcat 9 changelog.

Download

2021-06-15 Tomcat 10.0.7 Released

The Apache Tomcat Project is proud to announce the release of version 10.0.7 of Apache Tomcat. This release implements specifications that are part of the Jakarta EE 9 platform.

Applications that run on Tomcat 9 and earlier will not run on Tomcat 10 without changes. Java EE based applications designed for Tomcat 9 and earlier may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will automatically convert them to Jakarta EE and copy them to the webapps directory. This conversion is performed using the Apache Tomcat migration tool for Jakarta EE tool which is also available as a separate download for off-line use.

The notable changes in this release are:

  • Improve robustness of HTTP/2 HPACK decoding
  • Improvements to the handling of the Transfer-Encoding header
  • Review code used to generate Java source from JSPs and tags and remove code found to be unnecessary.
    Warning: Please test that all your JSP pages are compiled successfully. There are known regressions caused by this change, to be fixed in the next release. See bugs 65387, 65390.

Full details of these changes, and all the other changes, are available in the Tomcat 10 changelog.

Download

2021-06-15 Tomcat 10.1.0-M1 (alpha) Released

The Apache Tomcat Project is proud to announce the release of version 10.1.0-M1 of Apache Tomcat. This release is a milestone release and is targeted at Jakarta EE 10.

Applications that run on Tomcat 9 and earlier will not run on Tomcat 10 without changes. Java EE based applications designed for Tomcat 9 and earlier may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will automatically convert them to Jakarta EE and copy them to the webapps directory. This conversion is performed using the Apache Tomcat migration tool for Jakarta EE tool which is also available as a separate download for off-line use.

The notable changes in this release are:

  • Remove code (but not the APR/Native Connector) previously marked for removal in 10.1.x The APR/Native Connector will almost certainly be removed in a future milestone.
  • Align the Servlet API implementation with the current Servlet API development branch.
  • Align the EL API implementation with the current El API development branch.

Full details of these changes, and all the other changes, are available in the Tomcat 10.1 (alpha) changelog.

Download

2021-06-04 Tomcat Native 1.2.30 Released

The Apache Tomcat Project is proud to announce the release of version 1.2.30 of Tomcat Native. The notable changes since 1.2.28 include:

  • Fix an issue where some Windows systems in some configurations would only listen on IPv6 addresses on dual stack systems even though configured to listen on both IPv6 and IPv4 addresses.
  • Additional fix for bug 65181 (support loading private keys in proprietary formats).

Download | ChangeLog for 1.2.30

2021-05-12 Tomcat 9.0.46 Released

The Apache Tomcat Project is proud to announce the release of version 9.0.46 of Apache Tomcat. This release implements specifications that are part of the Java EE 8 platform. The notable changes compared to 9.0.45 include:

  • Ensure the correct escaping of attribute values and search filters in the JNDIRealm.
  • HandlesTypes should include classes that use the specified annotation types on fields or methods.
  • Refactor the creation of WebSocket end point, decoder and encoder instances to be more IoC friendly. Instances are now created via the InstanceManager where possible.

Full details of these changes, and all the other changes, are available in the Tomcat 9 changelog.

Download

2021-05-12 Tomcat 10.0.6 Released

The Apache Tomcat Project is proud to announce the release of version 10.0.6 of Apache Tomcat. This release implements specifications that are part of the Jakarta EE 9 platform.

Applications that run on Tomcat 9 and earlier will not run on Tomcat 10 without changes. Java EE based applications designed for Tomcat 9 and earlier may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will automatically convert them to Jakarta EE and copy them to the webapps directory. This conversion is performed using the Apache Tomcat migration tool for Jakarta EE tool which is also available as a separate download for off-line use.

The notable changes in this release are:

  • Ensure the correct escaping of attribute values and search filters in the JNDIRealm.
  • HandlesTypes should include classes that use the specified annotation types on fields or methods.
  • Refactor the creation of WebSocket end point, decoder and encoder instances to be more IoC friendly. Instances are now created via the InstanceManager where possible.

Full details of these changes, and all the other changes, are available in the Tomcat 10 changelog.

Download

2021-05-12 Tomcat 8.5.66 Released

The Apache Tomcat Project is proud to announce the release of version 8.5.66 of Apache Tomcat. This release implements specifications that are part of the Java EE 7 platform. The notable changes compared to 8.5.65 include:

  • Ensure the correct escaping of attribute values and search filters in the JNDIRealm.
  • HandlesTypes should include classes that use the specified annotation types on fields or methods.
  • Refactor the creation of WebSocket end point, decoder and encoder instances to be more IoC friendly. Instances are now created via the InstanceManager where possible.

Full details of these changes, and all the other changes, are available in the Tomcat 8.5 changelog.

Download

2021-04-06 Tomcat 10.0.5 Released

The Apache Tomcat Project is proud to announce the release of version 10.0.5 of Apache Tomcat. This release implements specifications that are part of the Jakarta EE 9 platform.

Applications that run on Tomcat 9 and earlier will not run on Tomcat 10 without changes. Java EE based applications designed for Tomcat 9 and earlier may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will automatically convert them to Jakarta EE and copy them to the webapps directory. This conversion is performed using the Apache Tomcat migration tool for Jakarta EE tool which is also available as a separate download for off-line use.

The notable changes in this release are:

  • Fix a regression in 10.0.4 that meant that an error during an asynchronous read broke all future asynchronous reads associated with the same request instance.
  • Prevent concurrent calls to ServletInputStream.isReady() corrupting the input buffer.
  • Update the packaged version of Tomcat Native to 1.2.27 to pick up binaries built with OpenSSL 1.1.1k.

Full details of these changes, and all the other changes, are available in the Tomcat 10 changelog.

Download

2021-04-06 Tomcat 9.0.45 Released

The Apache Tomcat Project is proud to announce the release of version 9.0.45 of Apache Tomcat. This release implements specifications that are part of the Java EE 8 platform. The notable changes compared to 9.0.44 include:

  • Fix a regression in 9.0.44 that meant that an error during an asynchronous read broke all future asynchronous reads associated with the same request instance.
  • Prevent concurrent calls to ServletInputStream.isReady() corrupting the input buffer.
  • Update the packaged version of Tomcat Native to 1.2.27 to pick up binaries built with OpenSSL 1.1.1k.

Full details of these changes, and all the other changes, are available in the Tomcat 9 changelog.

Download

2020-04-06 Tomcat 8.5.65 Released

The Apache Tomcat Project is proud to announce the release of version 8.5.65 of Apache Tomcat. This release implements specifications that are part of the Java EE 7 platform. The notable changes compared to 8.5.64 include:

  • Fix a regression in 8.5.64 that meant that an error during an asynchronous read broke all future asynchronous reads associated with the same request instance.
  • Prevent concurrent calls to ServletInputStream.isReady() corrupting the input buffer.
  • Update the packaged version of Tomcat Native to 1.2.27 to pick up binaries built with OpenSSL 1.1.1k.

Full details of these changes, and all the other changes, are available in the Tomcat 8.5 changelog.

Download

2021-04-06 Tomcat Native 1.2.28 Released

The Apache Tomcat Project is proud to announce the release of version 1.2.28 of Tomcat Native. The notable changes since 1.2.27 include:

  • Correct a regression in the fix for 65181 that prevented an error message from being displayed if an invalid key file was provided and no OpenSSL Engine was configured.

Download | ChangeLog for 1.2.28

2021-03-29 Tomcat Native 1.2.27 Released

The Apache Tomcat Project is proud to announce the release of version 1.2.27 of Tomcat Native. The notable changes since 1.2.26 include:

  • Windows binaries built using OpenSSL 1.1.1k
  • Improve support for using OpenSSL Engines that use proprietary key formats. Patch provided by Edin Hodzic. (bug 65181)

Download | ChangeLog for 1.2.26

2021-03-10 Tomcat 10.0.4 Released

The Apache Tomcat Project is proud to announce the release of version 10.0.4 of Apache Tomcat. This release is targeted at Jakarta EE 9.

Applications that run on Tomcat 9 and earlier will not run on Tomcat 10 without changes. Java EE applications designed for Tomcat 9 and earlier may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will automatically convert them to Jakarta EE and copy them to the webapps directory. This conversion is performed using the Apache Tomcat migration tool for Jakarta EE tool which is also available as a separate download for off-line use.

The notable changes in this release are:

  • Integration of the Apache Tomcat Migration Tool for Jakarta EE via the webapps-javaee directory
  • Improvements to Async and non-blocking IO error handling
  • Add support for Unix Domain Sockets to the APR/Native connector

Full details of these changes, and all the other changes, are available in the Tomcat 10 changelog.

Download

2021-03-10 Tomcat 9.0.44 Released

The Apache Tomcat Project is proud to announce the release of version 9.0.44 of Apache Tomcat. The notable changes compared to 9.0.43 include:

  • Improvements to Async and non-blocking IO error handling
  • Improvements to handling of OpenSSL errors
  • Align the behaviour when null is passed to the ServletResponse methods setCharacterEncoding(), setContentType() and setLocale() with the recent clarification from the Jakarta Servlet project of the expected behaviour in these cases.

Full details of these changes, and all the other changes, are available in the Tomcat 9 changelog.

Download

2020-03-10 Tomcat 8.5.64 Released

The Apache Tomcat Project is proud to announce the release of version 8.5.64 of Apache Tomcat. Apache Tomcat 8.5.x replaces 8.0.x and includes new features pulled forward from Tomcat 9.0.x. The minimum Java version and implemented specification versions remain unchanged. The notable changes compared to 8.5.63 include:

  • Improvements to Async and non-blocking IO error handling
  • Improvements to handling of OpenSSL errors
  • Align the behaviour when null is passed to the ServletResponse methods setCharacterEncoding(), setContentType() and setLocale() with the recent clarification from the Jakarta Servlet project of the expected behaviour in these cases.

Full details of these changes, and all the other changes, are available in the Tomcat 8.5 changelog.

Download

2021-02-18 Tomcat Migration Tool for Jakarta EE 0.2.0 Released

The Apache Tomcat Project is proud to announce the release of 0.2.0 of the Apache Tomcat Migration Tool for Jakarta EE. This release contains a number of bug fixes and improvements compared to version 0.1.0.

The notable changes in this release are:

  • Various fixes to the packages that are and are not converted
  • A new option to process zip archives in memory to support zip files that use options that are incompatible with a streaming approach
  • A new option to exclude files from transformation

Full details of these changes, and all the other changes, are available in the changelog.

Download

2021-02-05 Tomcat 7.0.108 Released

The Apache Tomcat Project is proud to announce the release of version 7.0.108 of Apache Tomcat. This release implements specifications that are part of the Java EE 6 platform. This release contains a number of bug fixes and improvements compared to version 7.0.107.

  • Fix a potential file descriptor leak when WebSocket connections are attempted and fail. Patch provided by Maurizio Adami.

Full details of these changes, and all the other changes, are available in the Tomcat 7 changelog.

Note: End of life date for Apache Tomcat 7.0.x is announced. Read more...

Download

2021-02-02 Tomcat 10.0.2 Released

The Apache Tomcat Project is proud to announce the release of version 10.0.2 of Apache Tomcat. This release is the first stable release in the 10.0.x series and is targeted at Jakarta EE 9.

Users of Tomcat 10 onwards should be aware that, as a result of the move from Java EE to Jakarta EE as part of the transfer of Java EE to the Eclipse Foundation, the primary package for all implemented APIs has changed from javax.* to jakarta.*. This will almost certainly require code changes to enable applications to migrate from Tomcat 9 and earlier to Tomcat 10 and later. A migration tool is under development to aid this process.

The notable changes in this release are:

  • Add support for using Unix domain sockets for NIO when running on Java 16 or later.
  • Add a new StringInterpreter interface that allows applications to provide customised string attribute value to type conversion within JSPs. This allows applications to provide a conversion implementation that is optimised for the application.
  • Add peerAddress to coyote request, which contains the IP address of the direct connection peer. If a reverse proxy sits in front of Tomcat and the RemoteIp(Valve|Filter) is used, the peerAddress is likely to differ from the remoteAddress. The remoteAddress is likely to contain the address of the client in front of the reverse proxy, not the address of the proxy itself.

Full details of these changes, and all the other changes, are available in the Tomcat 10 changelog.

Download

2021-02-02 Tomcat 9.0.43 Released

The Apache Tomcat Project is proud to announce the release of version 9.0.43 of Apache Tomcat. The notable changes compared to 9.0.41 include:

  • Add support for using Unix domain sockets for NIO when running on Java 16 or later.
  • Add a new StringInterpreter interface that allows applications to provide customised string attribute value to type conversion within JSPs. This allows applications to provide a conversion implementation that is optimised for the application.
  • Add peerAddress to coyote request, which contains the IP address of the direct connection peer. If a reverse proxy sits in front of Tomcat and the RemoteIp(Valve|Filter) is used, the peerAddress is likely to differ from the remoteAddress. The remoteAddress is likely to contain the address of the client in front of the reverse proxy, not the address of the proxy itself.

Full details of these changes, and all the other changes, are available in the Tomcat 9 changelog.

Download

2020-02-03 Tomcat 8.5.63 Released

The Apache Tomcat Project is proud to announce the release of version 8.5.63 of Apache Tomcat. Apache Tomcat 8.5.x replaces 8.0.x and includes new features pulled forward from Tomcat 9.0.x. The minimum Java version and implemented specification versions remain unchanged. The notable changes compared to 8.5.61 include:

  • Add a new StringInterpreter interface that allows applications to provide customised string attribute value to type conversion within JSPs. This allows applications to provide a conversion implementation that is optimised for the application.
  • Add peerAddress to coyote request, which contains the IP address of the direct connection peer. If a reverse proxy sits in front of Tomcat and the RemoteIp(Valve|Filter) is used, the peerAddress is likely to differ from the remoteAddress. The remoteAddress is likely to contain the address of the client in front of the reverse proxy, not the address of the proxy itself.
  • Escape elements in the access log that need to be escaped for the access log to be parsed unambiguously.

Full details of these changes, and all the other changes, are available in the Tomcat 8.5 changelog.

Download