Apache Tomcat^®

Announcements from previous years can be found here:

• year 2021
• year 2020
• year 2019
• year 2018
• year 2017
• year 2016
• year 2015
• year 2014
• year 2013
• year 2012
• year 2011
• year 2010

The Apache Tomcat Project is proud to announce the release of version 10.0.5 of Apache Tomcat. This release implements specifications that are part of the Jakarta EE 9 platform.

Applications that run on Tomcat 9 and earlier will not run on Tomcat 10 without changes. Java EE based applications designed for Tomcat 9 and earlier may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will automatically convert them to Jakarta EE and copy them to the webapps directory. This conversion is performed using the Apache Tomcat migration tool for Jakarta EE tool which is also available as a separate download for off-line use.

The notable changes in this release are:

• Fix a regression in 10.0.4 that meant that an error during an asynchronous read broke all future asynchronous reads associated with the same request instance.
• Prevent concurrent calls to ServletInputStream.isReady() corrupting the input buffer.
• Update the packaged version of Tomcat Native to 1.2.27 to pick up binaries built with OpenSSL 1.1.1k.

Full details of these changes, and all the other changes, are available in the Tomcat 10 changelog.

Download

The Apache Tomcat Project is proud to announce the release of version 9.0.45 of Apache Tomcat. This release implements specifications that are part of the Java EE 8 platform. The notable changes compared to 9.0.44 include:

• Fix a regression in 9.0.44 that meant that an error during an asynchronous read broke all future asynchronous reads associated with the same request instance.
• Prevent concurrent calls to ServletInputStream.isReady() corrupting the input buffer.
• Update the packaged version of Tomcat Native to 1.2.27 to pick up binaries built with OpenSSL 1.1.1k.

Full details of these changes, and all the other changes, are available in the Tomcat 9 changelog.

Download

The Apache Tomcat Project is proud to announce the release of version 8.5.65 of Apache Tomcat. This release implements specifications that are part of the Java EE 7 platform. The notable changes compared to 8.5.64 include:

• Fix a regression in 8.5.64 that meant that an error during an asynchronous read broke all future asynchronous reads associated with the same request instance.
• Prevent concurrent calls to ServletInputStream.isReady() corrupting the input buffer.
• Update the packaged version of Tomcat Native to 1.2.27 to pick up binaries built with OpenSSL 1.1.1k.

Full details of these changes, and all the other changes, are available in the Tomcat 8.5 changelog.

Download

The Apache Tomcat Project is proud to announce the release of version 1.2.28 of Tomcat Native. The notable changes since 1.2.27 include:

• Correct a regression in the fix for 65181 that prevented an error message from being displayed if an invalid key file was provided and no OpenSSL Engine was configured.

Download | ChangeLog for 1.2.28

The Apache Tomcat Project is proud to announce the release of version 1.2.27 of Tomcat Native. The notable changes since 1.2.26 include:

• Windows binaries built using OpenSSL 1.1.1k
• Improve support for using OpenSSL Engines that use proprietary key formats. Patch provided by Edin Hodzic. (bug 65181)

Download | ChangeLog for 1.2.26

The Apache Tomcat Project is proud to announce the release of version 10.0.4 of Apache Tomcat. This release is targeted at Jakarta EE 9.

Applications that run on Tomcat 9 and earlier will not run on Tomcat 10 without changes. Java EE applications designed for Tomcat 9 and earlier may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will automatically convert them to Jakarta EE and copy them to the webapps directory. This conversion is performed using the Apache Tomcat migration tool for Jakarta EE tool which is also available as a separate download for off-line use.

The notable changes in this release are:

• Integration of the Apache Tomcat Migration Tool for Jakarta EE via the webapps-javaee directory
• Improvements to Async and non-blocking IO error handling
• Add support for Unix Domain Sockets to the APR/Native connector

Full details of these changes, and all the other changes, are available in the Tomcat 10 changelog.

Download

The Apache Tomcat Project is proud to announce the release of version 9.0.44 of Apache Tomcat. The notable changes compared to 9.0.43 include:

• Improvements to Async and non-blocking IO error handling
• Improvements to handling of OpenSSL errors
• Align the behaviour when null is passed to the ServletResponse methods setCharacterEncoding(), setContentType() and setLocale() with the recent clarification from the Jakarta Servlet project of the expected behaviour in these cases.

Full details of these changes, and all the other changes, are available in the Tomcat 9 changelog.

Download

The Apache Tomcat Project is proud to announce the release of version 8.5.64 of Apache Tomcat. Apache Tomcat 8.5.x replaces 8.0.x and includes new features pulled forward from Tomcat 9.0.x. The minimum Java version and implemented specification versions remain unchanged. The notable changes compared to 8.5.63 include:

• Improvements to Async and non-blocking IO error handling
• Improvements to handling of OpenSSL errors
• Align the behaviour when null is passed to the ServletResponse methods setCharacterEncoding(), setContentType() and setLocale() with the recent clarification from the Jakarta Servlet project of the expected behaviour in these cases.

Full details of these changes, and all the other changes, are available in the Tomcat 8.5 changelog.

Download

The Apache Tomcat Project is proud to announce the release of 0.2.0 of the Apache Tomcat Migration Tool for Jakarta EE. This release contains a number of bug fixes and improvements compared to version 0.1.0.

The notable changes in this release are:

• Various fixes to the packages that are and are not converted
• A new option to process zip archives in memory to support zip files that use options that are incompatible with a streaming approach
• A new option to exclude files from transformation

Full details of these changes, and all the other changes, are available in the changelog.

Download

The Apache Tomcat Project is proud to announce the release of version 7.0.108 of Apache Tomcat. This release implements specifications that are part of the Java EE 6 platform. This release contains a number of bug fixes and improvements compared to version 7.0.107.

• Fix a potential file descriptor leak when WebSocket connections are attempted and fail. Patch provided by Maurizio Adami.

Full details of these changes, and all the other changes, are available in the Tomcat 7 changelog.

Note: End of life date for Apache Tomcat 7.0.x is announced. Read more...

Download

The Apache Tomcat Project is proud to announce the release of version 10.0.2 of Apache Tomcat. This release is the first stable release in the 10.0.x series and is targeted at Jakarta EE 9.

Users of Tomcat 10 onwards should be aware that, as a result of the move from Java EE to Jakarta EE as part of the transfer of Java EE to the Eclipse Foundation, the primary package for all implemented APIs has changed from javax.* to jakarta.*. This will almost certainly require code changes to enable applications to migrate from Tomcat 9 and earlier to Tomcat 10 and later. A migration tool is under development to aid this process.

The notable changes in this release are:

• Add support for using Unix domain sockets for NIO when running on Java 16 or later.
• Add a new StringInterpreter interface that allows applications to provide customised string attribute value to type conversion within JSPs. This allows applications to provide a conversion implementation that is optimised for the application.
• Add peerAddress to coyote request, which contains the IP address of the direct connection peer. If a reverse proxy sits in front of Tomcat and the RemoteIp(Valve|Filter) is used, the peerAddress is likely to differ from the remoteAddress. The remoteAddress is likely to contain the address of the client in front of the reverse proxy, not the address of the proxy itself.

Full details of these changes, and all the other changes, are available in the Tomcat 10 changelog.

Download

The Apache Tomcat Project is proud to announce the release of version 9.0.43 of Apache Tomcat. The notable changes compared to 9.0.41 include:

• Add support for using Unix domain sockets for NIO when running on Java 16 or later.
• Add a new StringInterpreter interface that allows applications to provide customised string attribute value to type conversion within JSPs. This allows applications to provide a conversion implementation that is optimised for the application.
• Add peerAddress to coyote request, which contains the IP address of the direct connection peer. If a reverse proxy sits in front of Tomcat and the RemoteIp(Valve|Filter) is used, the peerAddress is likely to differ from the remoteAddress. The remoteAddress is likely to contain the address of the client in front of the reverse proxy, not the address of the proxy itself.

Full details of these changes, and all the other changes, are available in the Tomcat 9 changelog.

Download

The Apache Tomcat Project is proud to announce the release of version 8.5.63 of Apache Tomcat. Apache Tomcat 8.5.x replaces 8.0.x and includes new features pulled forward from Tomcat 9.0.x. The minimum Java version and implemented specification versions remain unchanged. The notable changes compared to 8.5.61 include:

• Add a new StringInterpreter interface that allows applications to provide customised string attribute value to type conversion within JSPs. This allows applications to provide a conversion implementation that is optimised for the application.
• Add peerAddress to coyote request, which contains the IP address of the direct connection peer. If a reverse proxy sits in front of Tomcat and the RemoteIp(Valve|Filter) is used, the peerAddress is likely to differ from the remoteAddress. The remoteAddress is likely to contain the address of the client in front of the reverse proxy, not the address of the proxy itself.
• Escape elements in the access log that need to be escaped for the access log to be parsed unambiguously.

Full details of these changes, and all the other changes, are available in the Tomcat 8.5 changelog.

Download