svn commit: r1442360 - in /tomcat/tc6.0.x/branches/tomcat6-testing: ./ STATUS.txt webapps/docs/changelog.xml webapps/docs/config/executor.xml webapps/docs/config/http.xml

Mon, 04 Feb 2013 13:11:22 -0800 

Author: kkolinko
Date: Mon Feb  4 21:10:57 2013
New Revision: 1442360

URL: http://svn.apache.org/viewvc?rev=1442360&view=rev
Log:
Catching up with tc6.0.x/trunk
Merged revisions 1417001-1417825 from tc6.0.x/trunk.

Modified:
    tomcat/tc6.0.x/branches/tomcat6-testing/   (props changed)
    tomcat/tc6.0.x/branches/tomcat6-testing/STATUS.txt
    tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/changelog.xml
    tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/config/executor.xml
    tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/config/http.xml

Propchange: tomcat/tc6.0.x/branches/tomcat6-testing/
------------------------------------------------------------------------------
  Merged /tomcat/trunk:r1417282
  Merged /tomcat/tc6.0.x/trunk:r1417001-1417825

Modified: tomcat/tc6.0.x/branches/tomcat6-testing/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/STATUS.txt?rev=1442360&r1=1442359&r2=1442360&view=diff
==============================================================================
--- tomcat/tc6.0.x/branches/tomcat6-testing/STATUS.txt (original)
+++ tomcat/tc6.0.x/branches/tomcat6-testing/STATUS.txt Mon Feb  4 21:10:57 2013
@@ -105,14 +105,14 @@ PATCHES PROPOSED TO BACKPORT:
   do the change before displaying the login form.
   http://svn.apache.org/viewvc?view=revision&revision=1408044
   (r1408043 in trunk)
-  +1: kkolinko, kfujino
+  +1: kkolinko, kfujino, schultz
   -1:
 
 * Introduce property "tomcat.output" that is used to specify location of
   the build output directory. This simplifies build configuration when the
   output directory is located outside of the source tree.
   http://svn.apache.org/viewvc?view=revision&revision=1408376
-  +1: kkolinko, kfujino
+  +1: kkolinko, kfujino, schultz
   -1:
 
 * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=54087
@@ -120,13 +120,13 @@ PATCHES PROPOSED TO BACKPORT:
   header rather than throwing an exception.
   http://svn.apache.org/viewvc?view=revision&revision=1408254
   (r1408248 in trunk, by markt)
-  +1: kkolinko, kfujino
+  +1: kkolinko, kfujino, schultz
   -1:
 
 * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=54220
   ErrorReportValve invoked on non-error responses
   http://svn.apache.org/viewvc?rev=1416537&view=rev (ErrorReportValve.java 
only)
-  +1: markt, kfujino
+  +1: markt, kfujino, kkolinko, schultz
   -1:
 
 

Modified: tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/changelog.xml?rev=1442360&r1=1442359&r2=1442360&view=diff
==============================================================================
--- tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/changelog.xml 
(original)
+++ tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/changelog.xml Mon Feb  
4 21:10:57 2013
@@ -218,7 +218,9 @@
         handling of stale nonce values. (markt)
       </fix>
       <fix>
-        Remove unneeded handling of FORM authentication in RealmBase. 
(kkolinko)
+        CVE-2012-3546: Fix bypass of security constraint checks with FORM
+        authentication. Remove unneeded processing in <code>RealmBase</code>.
+        (kkolinko)
       </fix>
       <fix>
         <bug>53800</bug>: <code>FileDirContext.list()</code> did not provide
@@ -230,7 +232,9 @@
         default value on Windows. (kkolinko)
       </fix>
       <fix>
-        Improve session management in CsrfPreventionFilter. (kkolinko)
+        CVE-2012-4431: Fix bypass of <code>CsrfPreventionFilter</code> when
+        there is no session. Improve session management in the filter.
+        (kkolinko)
       </fix>
     </changelog>
   </subsection>
@@ -255,8 +259,9 @@
         AJP. (markt)
       </fix>
       <fix>
-        <bug>52858</bug>: Fix high CPU load with SSL, NIO and sendfile when
-        client breaks the connection before reading all the requested data.
+        <bug>52858</bug>, CVE-2012-4534: Fix high CPU load with SSL, NIO and
+        sendfile when client breaks the connection before reading all the
+        requested data.
         (fhanik/kkolinko)
       </fix>
       <fix>

Modified: 
tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/config/executor.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/config/executor.xml?rev=1442360&r1=1442359&r2=1442360&view=diff
==============================================================================
--- tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/config/executor.xml 
(original)
+++ tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/config/executor.xml 
Mon Feb  4 21:10:57 2013
@@ -83,7 +83,8 @@
   <attributes>
 
     <attribute name="threadPriority" required="false">
-      <p>(int) The thread priority for threads in the executor, the default is 
<code>Thread.NORM_PRIORITY</code></p>
+      <p>(int) The thread priority for threads in the executor, the default is
+      <code>5</code> (the value of the <code>Thread.NORM_PRIORITY</code> 
constant)</p>
     </attribute>
     <attribute name="daemon" required="false">
       <p>(boolean) Whether the threads should be daemon threads or not, the 
default is <code>true</code></p>

Modified: tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/config/http.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/config/http.xml?rev=1442360&r1=1442359&r2=1442360&view=diff
==============================================================================
--- tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/config/http.xml 
(original)
+++ tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/config/http.xml Mon 
Feb  4 21:10:57 2013
@@ -431,9 +431,10 @@
 
     <attribute name="threadPriority" required="false">
       <p>The priority of the request processing threads within the JVM.
-      The default value is <code>java.lang.Thread#NORM_PRIORITY</code>.
-      See the JavaDoc for the java.lang.Thread class for more details on
-      what this priority means.
+      The default value is <code>5</code> (the value of the
+      <code>java.lang.Thread.NORM_PRIORITY</code> constant). See the JavaDoc
+      for the <code>java.lang.Thread</code> class for more details on what
+      this priority means.
       </p>
     </attribute>
 
@@ -482,16 +483,18 @@
       </attribute>
       <attribute name="pollerThreadPriority" required="false">
         <p>(int)The priority of the poller threads.
-          The default value is <code>java.lang.Thread#NORM_PRIORITY</code>.
-          See the JavaDoc for the java.lang.Thread class for more details on
-          what this priority means.
+        The default value is <code>5</code> (the value of the
+        <code>java.lang.Thread.NORM_PRIORITY</code> constant). See the JavaDoc
+        for the <code>java.lang.Thread</code> class for more details on what
+        this priority means.
         </p>
       </attribute>
       <attribute name="acceptorThreadPriority" required="false">
         <p>(int)The priority of the acceptor threads. The threads used to 
accept new connections.
-          The default value is <code>java.lang.Thread#NORM_PRIORITY</code>.
-          See the JavaDoc for the java.lang.Thread class for more details on
-          what this priority means.
+        The default value is <code>5</code> (the value of the
+        <code>java.lang.Thread.NORM_PRIORITY</code> constant). See the JavaDoc
+        for the <code>java.lang.Thread</code> class for more details on what
+        this priority means.
         </p>
       </attribute>
       



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to