LATEST VERSION: 4.0 - CHANGELOG
Pivotal tc Server v4.0

Pivotal tc Server 4.0 Release Notes

Pivotal tc Server 4.0.0 | 26 MAR 2018

Last Document Update: 26 MAR 2018

What’s in the Release Notes

These release notes cover the following topics:

What’s New in Pivotal tc Server 4.0.0

This Pivotal tc Server release includes the following new features and changes:

  • Features Highlights:
    • Introduction of our Apache Tomcat 9.0 compatible runtime
      • Updated Specifications: Servlet 4.0, JSP 2.3, EL 3.0, WebSocket 1.1, and JASPIC 1.1
      • Requires Java 8 to use
      • Add support for HTTP/2
      • Adds support for OpenSSL for TLS support with JSSE connectors
      • Add support for TLS virtual hosting, or Server Name Indication (SNI)
    • Command Consolidation
      • Simplified command line interface only requires one script, tcserver
      • All commands are available in one location
    • Added support for Java versions 9 and 10
    • On-demand access to tc Runtimes and custom templates
    • Separation of tc Server installation package from the tc Runtimes, instances, and custom templates.
    • Added a customizable central configuration file with the ability to set the runtimes, instances, templates directories, along with other configuration options.
    • Separated RPMs into a tc Server installation package and an RPM for each tc Runtime version.
    • tc Server 4.0 RPMs are available on the Pivotal download site and no longer distributed via Pivotal RPM Repository
  • tc Runtimes:
    • Our bundled tc Runtime version:
      • 9.0.6.B.RELEASE, equivalent to Apache Tomcat 9.0.6 including the following fixes:
        • Fix to ensure MBean names for TLS components are correctly formed when the connector is bound to an explicit IPv6 address
        • Fix to avoid a potential loop in the APR/Native poller
    • Optional tc Runtime versions:
      • 8.5.29.B.RELEASE, equivalent to Apache Tomcat 8.5.29 including the following fixes:
        • Fix to ensure MBean names for TLS components are correctly formed when the connector is bound to an explicit IPv6 address
        • Fix to avoid a potential loop in the APR/Native poller
      • 7.0.85.B.RELEASE, equivalent to Apache Tomcat 7.0.85 including the following fixes:
        • Fix programmatic login regression as the NonLoginAuthenticator has to be set for it to work (if no login method is specified). Bug 62104

Security and Vulnerability Information

All CVEs (Common Vulnerabilities and Exposures) are registered with cve.mitre.org. Once the CVE information is released to the public, it can take some time before this site is updated with all the details. If you do not see the updated CVE information, please visit Apache Tomcat’s Security pages for more detailed information about the CVE.

Here are the links to Apache Tomcat security and vulnerability details per release:

Known Issues

Issue Number Description
N/A The default OpenJDK build of Java 9 on Ubuntu is a non-GA version and will cause issues when running tc Server. Upgrade to a GA version of OpenJDK to resolve the issues.

tc Server Versioning

The tc Runtime version refers to the corresponding Apache Tomcat release. A letter is added to indicate whether additional patches not yet released by the Apache Software Foundation are applied.

For example:

  • tc Runtime 9.0.6.A.RELEASE is equivalent to Apache Tomcat 9.0.6.
  • tc Runtime 9.0.6.B.RELEASE is equivalent to Apache Tomcat 9.0.6 plus important bug fixes, enhancements, or security fixes. The letter could also refer to a pre-release of Apache Tomcat 9.0.7.

    The letter is incremented (9.0.6.C.RELEASE, 9.0.6.D.RELEASE, and so on) if additional patches or security fixes are applied after a release is named and released.

See the Apache Tomcat changelogs for a list of improvements introduced by release: