Konstantin, On 4/15/14, 3:06 AM, kkoli...@apache.org wrote: > Author: kkolinko > Date: Tue Apr 15 07:06:47 2014 > New Revision: 1587456 > > URL: http://svn.apache.org/r1587456 > Log: > vote > > Modified: > tomcat/tc6.0.x/trunk/STATUS.txt > > Modified: tomcat/tc6.0.x/trunk/STATUS.txt > URL: > http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1587456&r1=1587455&r2=1587456&view=diff > ============================================================================== > --- tomcat/tc6.0.x/trunk/STATUS.txt (original) > +++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Apr 15 07:06:47 2014 > @@ -102,7 +102,13 @@ PATCHES PROPOSED TO BACKPORT: > * Update required tcnative version to 1.1.30 > http://people.apache.org/~schultz/patches/tcnative.heartbleed.tomcat6.diff > +1: schultz > - -1: > + -0: kkolinko: > + -0 for changing TCN_REQUIRED_PATCH in AprLifecycleListener.java > + +1 for changing TCN_RECOMMENDED_PV in AprLifecycleListener.java > + +1 for build.properties.default > + There is nothing in Tomcat 6 that requires TCNative 1.1.30 APIs. > + I think that there are TCNative builds on Linux that use safe version > + of OpenSSL while being an older version of TCNative.
That's a very good point. What would you think about making the RECOMMENDED version 1.1.30? (This is 1/2 of a patch that *will* require 1.1.30. I decided to split-out the version requirements due to Heartbleed, but it seems it's really not appropriate.) I can back-out these patches in Tomcat 8 and Tomcat 7 but the same code will go right back in with a subsequent patch (http://svn.apache.org/viewvc?view=revision&revision=r1587379). Comments? -chris
signature.asc
Description: OpenPGP digital signature
