Skip to main content

Time to get Apache Tomcat 7.0.x Support

Apache Tomcat 7.0.x community support ended on March 2021. What does it mean for Tomcat 7.0.x users?

  • Releases from the 7.0.x branch are highly unlikely
  • Bugs affecting only the 7.0.x branch will not be addressed
  • Security vulnerability reports will not be checked against the 7.0.x branch
  • 7.0.x download pages will be removed
  • The latest 7.0.x release will be removed from the mirror system
  • 7.0.x branch will be made read-only

Have questions about our support levels?

* These fields are required.

Tomitribe support for Tomcat 7.0.x offers coverage and peace of mind

With a collective experience of over 50 years of combined contribution to Apache Tomcat & Open Source, the Tomitribe Support includes CVE scanning, patching, regression testing, and notifications of any vulnerabilities that affect Tomcat 7.0.x. Tomitribe does this proactively with daily scans on those binaries via a partnership we have with Sonatype.

  • 24/7 support directly from Apache Committers
  • 1 hours response-time
  • Unlimited support incidents
  • Fast bug fixes & security patch turnaround
  • Production & Development support
  • And much more
Talk to our Dev Team
Subscription Level
Core Count
64 cores
120 cores
248 cores
Apache Tomcat
Apache TomEE
Apache ActiveMQ
Response Time
CVE Patching
Developer Questions
1 parallel
2 parallel
4 parallel
Admin Contacts
Phone, Email, Portal
Professional Services
3 days
5 days
10 days
2 days
3 days
5 days
Feature Development
10 days
17 days
25 days

What Our Customers Are Saying

“It is very valuable for DFS to have a reliable partner to provision patches for the Open Source products in our production environments. We trust Tomitribe to provide us with security patches at short notice.”

Manfred KempfHead of AIS & IDP Systems at DFS Deutsche Flugsicherung

“Ridango's endorsement of Tomitribe demonstrates our commitment to maintaining a robust and secure infrastructure, with Tomitribe serving as a trusted partner for handling critical security updates.”

Ziga PodgrajsekHead of IT at Ridango AS

Frequently Asked Questions

How are cores counted?

Deployment Type

Tomitribe support subscription accounts for both physical and virtual deployment type with the flexibility of selecting the support plan with the least core count as defined.

  • Virtual Deployments
  • Physical Deployments
  • Partitioned Physical Deployments

For a more detailed description and examples please visit the subscription guide page

Do you offer CVE Patches & Notification?

In 2 years Tomitribe support has patched over 80 CVEs on Apache Tomcat, TomEE & ActiveMQ. Our teams work together to make surviving the frequency of CVEs possible. For more info visit our CVE Support Page.


365 days a year we automatically scan your exact versions of Tomcat, TomEE, or ActiveMQ.

Discover & Notify

Vulnerabilities receive immediate attention from our support team & support tickets are created on your behalf in our portal.

Assess & React

We work collaboratively to help determine if your application is affected & backed by our support team, you react appropriately & own risk confidently

Patch & Rollout

The Tomitribe Support team immediately begins work on a patch for your version, new binaries are posted to your open ticket, & can be rolled out immediately.

Partnership Rewards

The Tomitribe Community Partnership Program is a rewards program designed to reduce the total cost of ownership of open source for our best customers.  Modeled after a frequent flyer program, Enterprise Subscribers are rewarded with complimentary services that include time with the Tribe.

  • Included Professional Services, Training, Feature Development days are free rewards and not redeemable for cash
  • Free rewards cannot be exchanged or traded and are non-transferable to other services or offerings
  • Unused free rewards expire at the end of the service term

For more info visit Tomitribe Community Partnership Program

Scanned for Vulnerabilities lately?

CVEs are not black & white. Knowledge of both the application & server is required to determine risk & appropriate reaction. Tomitribe works with your teams to make surviving the frequency of CVEs possible.

Check out this video where Tomitribe’s David Blevins & Jonathan Gallimore join Sonatype to discuss & explain the Top 5 Apache Tomcat security vulnerabilities.