apache tomcat

Apache Tomcat 9.0.8 & 8.5.31 release, Web application server

Software

Apache Tomcat is an open source implementation of Java Servlets, JavaServer Pages, Java Expression Language, and Java WebSocket technology. Designed to provide users with the original Java environment to run Web applications.

Apache Tomcat 9.0.8 includes fixes and other enhancements and changes.

  • Fix:  62263: Avoid a NullPointerException when the RemoteIpValve processes a request for which no Context can be found. (markt)
  • Add:  62258: Don’t trigger the standard error page mechanism when the error has caused the connection to the client to be closed as no-one will ever see the error page. (markt)
  • Fix:  Register MBean when DataSource Resource type="javax.sql.XADataSource". Patch provided by Masafumi Miura. (csutherl)
  • Fix:  Fix a rare edge case that is unlikely to occur in real usage. This edge case meant that writing long streams of UTF-8 characters to the HTTP response that consisted almost entirely of surrogate pairs could result in one surrogate pair being dropped. (markt)
  • Add:  Update the internal fork of Apache Commons BCEL to r1829827 to add early access Java 11 support to the annotation scanning code. (markt)
  • Fix:  62297: Enable the CrawlerSessionManagerValve to correctly handle bots that crawl multiple hosts and/or web applications when the Valve is configured on a Host or an Engine. (fschumacher)
  • Fix:  62309: Fix a SecurityException when using JASPIC under a SecurityManager when authentication is not mandatory. (markt)
  • Fix:  62329: Correctly list resources in JAR files when directories do not have dedicated entries. Patch provided by Meelis Müür. (markt)
  • Add:  Collapse multiple leading / characters to a single / in the return value of HttpServletRequest#getContextPath() to avoid issues if the value is used with HttpServletResponse#sendRedirect(). This behaviour is enabled by default and configurable via the new Context attribute allowMultipleLeadingForwardSlashInPath. (markt)
  • Fix:  Improve handing of overflow in the UTF-8 decoder with supplementary characters. (markt)
  • More

Download

Apache Tomcat 8.5.31 includes fixes and other enhancements and changes.

  • Fix:  62263: Avoid a NullPointerException when the RemoteIpValve processes a request for which no Context can be found. (markt)
  • Fix:  Fix a rare edge case that is unlikely to occur in real usage. This edge case meant that writing long streams of UTF-8 characters to the HTTP response that consisted almost entirely of surrogate pairs could result in one surrogate pair being dropped. (markt)
  • Fix:  Register MBean when DataSource Resource type="javax.sql.XADataSource". Patch provided by Masafumi Miura. (csutherl)
  • Add:  Update the internal fork of Apache Commons BCEL to r1829827 to add early access Java 11 support to the annotation scanning code. (markt)
  • Fix:  62297: Enable the CrawlerSessionManagerValve to correctly handle bots that crawl multiple hosts and/or web applications when the Valve is configured on a Host or an Engine. (fschumacher)
  • Fix:  62309: Fix a SecurityException when using JASPIC under a SecurityManager when authentication is not mandatory. (markt)
  • Fix:  62329: Correctly list resources in JAR files when directories do not have dedicated entries. Patch provided by Meelis Müür. (markt)
  • Add:  Collapse multiple leading / characters to a single / in the return value of HttpServletRequest#getContextPath() to avoid issues if the value is used with HttpServletResponse#sendRedirect(). This behaviour is enabled by default and configurable via the new Context attribute allowMultipleLeadingForwardSlashInPath. (markt)
  • Fix:  Improve handing of overflow in the UTF-8 decoder with supplementary characters. (markt)
  • More

Download

Leave a Reply

Your email address will not be published. Required fields are marked *