Mark, On 11/3/14 4:51 AM, Mark Thomas wrote: > The proposed Apache Tomcat 8.0.15 release is now available for voting. > > The main changes since 8.0.14 are: > - Add support for RFC6265 cookie parsing and generation. This is > currently disabled by default and may be enabled via the > CookieProcessor element of a Context. > - Add pluggable password derivation support to the Realms via the new > CredentialHandler interface. > - Add support for TLSv1.1 and TLSv1.2 for APR connector. Based upon a > patch by Marcel Šebek. This feature requires Tomcat Native library > 1.1.32 or later. > - Disable SSLv3 by default for all HTTPS connectors > > There is also a large than usual collection of bug fixes, new features > and performance improvements. For full details, see the changelog: > http://svn.us.apache.org/repos/asf/tomcat/trunk/webapps/docs/changelog.xml > > It can be obtained from: > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.15/ > The Maven staging repo is: > https://repository.apache.org/content/repositories/orgapachetomcat-1025/ > The svn tag is: > http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_15/ > > The proposed 8.0.15 release is: > [ ] Broken - do not release > [X] Stable - go ahead and release as 8.0.14
Details: Testing environment: Debian Linux kernel 2.6.32 x86_64 architecture, Oracle Java(TM) SE Runtime Environment (build 1.7.0_67-b01) Signatures are good Source and tarball contain the same things tcnative builds properly without warnings on GCC 4.7.2 Tomcat builds with minor warnings Unit tests build with minor warnings Unit tests pass with expected failures (clustering is known to be unsupported in my environment) Test web applications work in development environment SSL testing APR connector default (SSLProtocol="all") lacks support for SSLv3: cannot handshake APR connector respects choice of individual protocol (e.g. SSLv3, TLSv1.1, etc.) and always prefers the highest protocol choice available JSSE connectors (tested NIO in this case) default (sslProtocol="TLS") lacks support for SSLv3: cannot handshake JSSE connectors (tested NIO in this case) respect choice of individual protocol and always prefers the highest protocol choice available -chris
signature.asc
Description: OpenPGP digital signature
