ср, 11 окт. 2023 г. в 02:31, Amit Pande <amit.pa...@veritas.com.invalid>: > > Thank you Konstantin for the quick update! > > Since this release contained multiple security fixes, it's important to > upgrade. However, there seem regressions too. > > What is the way forward here? Follow up version coming sooner? Or a version > with just security fixes and all other changes can go in subsequent release?
There are workarounds for these regressions: - Regarding this specific issue: I would just disable the compression. - Regarding the jdbc-pool issue: it is possible to use tomcat-jdbc.jar from a previous release. (Either unzipping a release, or pulling the specific jar from Maven Central). Release managers were at a conference, maybe are travelling, and voting for a new release usually takes 3 days. The vote was unusually shortened due to one of the issues going public and I guess that it might be widely discussed and (ab)used. I still do not know how this will be handled, but it may take a few days. Watch for "VOTE" threads on the dev mailing list. If one could help with testing release candidates, it would help. Best regards, Konstantin Kolinko --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
