All, On 10/21/14 5:05 AM, Mark Thomas wrote: > Version 1.1.32 includes the following changes: > - Add support for TLS v1.1 and TLS v1.2 > - Windows binaries built with APR 1.5.1 and OpenSSL 1.0.1j > > The proposed release artifacts can be found at [1], > and the build was done using tag [2]. > > Since this release is primarily to address security issues, I may end > the vote earlier than 72 hours to speed up the process of getting Tomcat > releases out that address CVE-2014-3566. > > The Apache Tomcat Native 1.1.31 is > [ ] Stable, go ahead and release > [ ] Broken because of ...
Note that in order to test TLSv1.1 and TLSv1.2 with tcnative, you'll have to be running Tomcat from subversion. No release version will allow you to specify "TLSv1.2" for instance in SSLProtocol. Using SSLProtocol="all" will still enable SSLv3, and using "TLSv1" also enables SSLv3, so you can't properly test protocol support unless you pull Tomcat from subversion. -chris
signature.asc
Description: OpenPGP digital signature
