Re: [VOTE] Release Apache Tomcat Native 1.1.30

Ognjen Blagojevic Thu, 10 Apr 2014 05:58:28 -0700

Mladen,

On 10.4.2014 13:50, Mladen Turk wrote:

The Apache Tomcat Native 1.1.30 is
  [X] Stable, go ahead and release
  [ ] Broken because of ...


(non-binding)

Tested with Tomcat 8.0.5, Oracle Java 1.7.0_51 on Windows 7 64-bit.

- Filippo.io [1] reports it is not vulnerable to Heartbleed bug.

- SSLLabs [2] reports it is not vulnerable to Heartbleed bug.

- SSLLabs reports that Forward secrecy is enabled when proper ciphersuites (including EECDH/ECDHE) are enabled.


- Smoke tests of APR, with and without TLS, all passed.

-Ognjen

[1] http://filippo.io/Heartbleed/
[2] https://www.ssllabs.com/ssltes


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat Native 1.1.30

Reply via email to