The 3.2.7 release is our latest release representing a significant amount of work on new features, enhancements, code cleanups, etc... For a complete list of new features, API changes, etc... please see the release notes and migration guide for more details.
The 3.1.17 release is our latest patch release for 3.1.x. For a complete list of new features, API changes, etc... please see the release notes and migration guide.
The 3.0.16 release is our latest patch release for 3.0.x. For a complete list of new features, API changes, etc... please see the release notes and the migration guide.
This is the last planned release of the 3.0.x versions of CXF. Users are strongly encouraged to migrate to 3.2.x as soon as possible.
When downloading from a mirror it is recommended to verify the integrity of the downloads. This should preferably be done by verifying the OpenPGP compatible signature available from the main Apache site. The KEYS file contains the public keys used for signing the release. It is recommended that a web of trust is used to confirm the identity of these keys.
You can check the OpenPGP signature with GnuPG via:
gpg --import KEYS
gpg --verify apache-cxf-*.tar.gz.asc
It is also possible to verify the integrity of the downloads using the SHA1 checksum with:
sha1sum --check apache-cxf-*.tar.gz.sha1
Previous releases are all archived in the apache archive:
Non-incubator releases: http://archive.apache.org/dist/cxf/
Incubator releases: http://archive.apache.org/dist/incubator/cxf/
If you use Maven for building your applications, all supported CXF releases are synced into the maven central repository: http://repo1.maven.org/maven2/
For information on where to retrieve Apache CXF SNAPSHOT maven artifacts, please refer to the page on building CXF.