2014-02-07 Ognjen Blagojevic :
> On 6.2.2014 21:23, Mark Thomas wrote:
>>
>> - Update to the latest DBCP 2 snapshot
>
> (...)
>>
>> The proposed 8.0.2 release is:
>> [X] Broken - do not release
>>
>> [ ] Alpha - go ahead and release as 8.0.2 (alpha)
>> [ ] Beta - go ahead and release as 8.0.2 (b
Author: kkolinko
Date: Fri Feb 7 01:34:16 2014
New Revision: 1565512
URL: http://svn.apache.org/r1565512
Log:
Fix build of DBCP2. The project structure has changed and
the classes are now in src/main, like in Pool2.
This issue was reported in the VOTE thread for 8.0.2.
Modified:
tomcat/trun
2014-02-05 Violeta Georgieva :
> Hi,
>
> I want to start the release procedure for Tomcat 7.0.51.
> If you would like to add something to this release please respond to this
> mail.
>
Running testsuite BIO,NIO,APR on current 7.0.x (@ r1565513)
Win7, Java 6u45 (+7u51) 32-bit.
(TC Native 1.1.29).
The Buildbot has detected a restored build on builder tomcat-trunk while
building ASF Buildbot.
Full details are available at:
http://ci.apache.org/builders/tomcat-trunk/builds/5482
Buildbot URL: http://ci.apache.org/
Buildslave for this Build: bb-vm_ubuntu
Build Reason: scheduler
Build Source
On 6.2.2014 21:23, Mark Thomas wrote:
- Update to the latest DBCP 2 snapshot
(...)
The proposed 8.0.2 release is:
[X] Broken - do not release
[ ] Alpha - go ahead and release as 8.0.2 (alpha)
[ ] Beta - go ahead and release as 8.0.2 (beta)
[ ] Stable - go ahead and release as 8.0.2 (stable)
The Buildbot has detected a restored build on builder tomcat-7-trunk while
building ASF Buildbot.
Full details are available at:
http://ci.apache.org/builders/tomcat-7-trunk/builds/1744
Buildbot URL: http://ci.apache.org/
Buildslave for this Build: bb-vm_ubuntu
Build Reason: scheduler
Build So
https://issues.apache.org/bugzilla/show_bug.cgi?id=56115
--- Comment #2 from Anthony ---
Created attachment 31290
--> https://issues.apache.org/bugzilla/attachment.cgi?id=31290&action=edit
Additional default properties to add to build.properties.default
--
You are receiving this mail because:
https://issues.apache.org/bugzilla/show_bug.cgi?id=56115
--- Comment #1 from Anthony ---
Created attachment 31289
--> https://issues.apache.org/bugzilla/attachment.cgi?id=31289&action=edit
Change of trydownload target in build.xml
--
You are receiving this mail because:
You are the assignee f
Author: kkolinko
Date: Thu Feb 6 22:08:25 2014
New Revision: 1565458
URL: http://svn.apache.org/r1565458
Log:
Merged revisions r1562458, r1565451 from tomcat/trunk:
Provide more info if test fails in access log valve check.
Modified:
tomcat/tc7.0.x/trunk/ (props changed)
tomcat/tc7.0.
https://issues.apache.org/bugzilla/show_bug.cgi?id=56115
Bug ID: 56115
Summary: Need to provide parameters to Ant's get task to
reliably download behind firewall and proxy
Product: Tomcat 7
Version: 7.0.47
Hardware: Sun
Author: kkolinko
Date: Thu Feb 6 21:49:31 2014
New Revision: 1565451
URL: http://svn.apache.org/r1565451
Log:
Correct typo in message printed by validateAccessLog() when a testcase runs too
long.
Modified:
tomcat/trunk/test/org/apache/catalina/valves/TesterAccessLogValve.java
Modified: tom
The Buildbot has detected a new failure on builder tomcat-trunk while building
ASF Buildbot.
Full details are available at:
http://ci.apache.org/builders/tomcat-trunk/builds/5480
Buildbot URL: http://ci.apache.org/
Buildslave for this Build: bb-vm_ubuntu
Build Reason: scheduler
Build Source St
The proposed Apache Tomcat 8.0.2 release is now available for voting.
The main changes since 8.0.1 are:
- Fix CVE-2014-0050, a DoS related to multi-part processing
- Enable non-blocking reads to take place on non-container threads
- Update to the latest DBCP 2 snapshot
- Fix WebDAV support broken
Added: dev/tomcat/tomcat-8/v8.0.2/src/apache-tomcat-8.0.2-src.tar.gz.md5
==
--- dev/tomcat/tomcat-8/v8.0.2/src/apache-tomcat-8.0.2-src.tar.gz.md5 (added)
+++ dev/tomcat/tomcat-8/v8.0.2/src/apache-tomcat-8.0.2-src.tar.gz.md5
Author: markt
Date: Thu Feb 6 19:59:06 2014
New Revision: 4322
Log:
Drop 8.0.1
Removed:
dev/tomcat/tomcat-8/v8.0.1/
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomc
Author: markt
Date: Thu Feb 6 19:50:34 2014
New Revision: 1565426
URL: http://svn.apache.org/r1565426
Log:
Tag 8.0.2
Added:
tomcat/tc8.0.x/tags/TOMCAT_8_0_2/
- copied from r1565424, tomcat/trunk/
Modified:
tomcat/tc8.0.x/tags/TOMCAT_8_0_2/build.properties.default
Modified: tomcat/
Author: markt
Date: Thu Feb 6 19:50:26 2014
New Revision: 1565425
URL: http://svn.apache.org/r1565425
Log:
Drop 8.0.2 tag to re-tag
Removed:
tomcat/tc8.0.x/tags/TOMCAT_8_0_2/
-
To unsubscribe, e-mail: dev-unsubscr...@tomca
On 06/02/2014 19:47, kkoli...@apache.org wrote:
> Author: kkolinko
> Date: Thu Feb 6 19:47:31 2014
> New Revision: 1565424
>
> URL: http://svn.apache.org/r1565424
> Log:
> Changelog entry for r1565300, r1565416.
I'll re-tag to pick that up.
Mark
---
Author: kkolinko
Date: Thu Feb 6 19:47:31 2014
New Revision: 1565424
URL: http://svn.apache.org/r1565424
Log:
Changelog entry for r1565300, r1565416.
Modified:
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat
Author: markt
Date: Thu Feb 6 19:46:40 2014
New Revision: 1565423
URL: http://svn.apache.org/r1565423
Log:
Tag 8.0.2
Added:
tomcat/tc8.0.x/tags/TOMCAT_8_0_2/
- copied from r1565422, tomcat/trunk/
Modified:
tomcat/tc8.0.x/tags/TOMCAT_8_0_2/build.properties.default
Modified: tomcat/
Author: markt
Date: Thu Feb 6 19:44:40 2014
New Revision: 1565422
URL: http://svn.apache.org/r1565422
Log:
Update Commons DBCP snapshot
Modified:
tomcat/trunk/build.properties.default
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/build.properties.default
URL:
http://sv
Author: kkolinko
Date: Thu Feb 6 19:42:10 2014
New Revision: 1565419
URL: http://svn.apache.org/r1565419
Log:
Merged revisions r1565300-r1565416 from tomcat/trunk:
Improve handling of file upload errors. Display a message instead of error 500
page.
Simplify parts handling code, as it is known th
Author: kkolinko
Date: Thu Feb 6 19:29:48 2014
New Revision: 1565416
URL: http://svn.apache.org/r1565416
Log:
Simplify code.
There is no need to iterate over parts and cleanup them, Tomcat takes care of
that in Request.recycle().
Modified:
tomcat/trunk/java/org/apache/catalina/manager/HTMLM
On 05/02/2014 10:10, Violeta Georgieva wrote:
> Hi,
>
> I want to start the release procedure for Tomcat 7.0.51.
> If you would like to add something to this release please respond to this
> mail.
Good to go from my point of view.
Mark
--
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 06/02/2014 17:15, Christopher Schultz wrote:
> Mark,
>
> On 2/6/14, 6:37 AM, Mark Thomas wrote:
>> Mitigation: [...] - Limit the size of the Content-Type header to
>> less than 4091 bytes
>
> Just confirming that I've read this properly: limiting
Mark,
On 2/6/14, 6:37 AM, Mark Thomas wrote:
> Mitigation:
> [...]
> - Limit the size of the Content-Type header to less than 4091 bytes
Just confirming that I've read this properly: limiting the size of the
content-type *header* to 4901 bytes? So, don't accept "Content-Type: [4k
worth of data]"
The Buildbot has detected a restored build on builder tomcat-trunk while
building ASF Buildbot.
Full details are available at:
http://ci.apache.org/builders/tomcat-trunk/builds/5479
Buildbot URL: http://ci.apache.org/
Buildslave for this Build: bb-vm_ubuntu
Build Reason: scheduler
Build Source
Author: kkolinko
Date: Thu Feb 6 15:11:35 2014
New Revision: 1565300
URL: http://svn.apache.org/r1565300
Log:
Followup to r1565163
Catch exceptions thrown by getParts() and report them as other upload errors
(in the message box on the HTML page).
Without this an uncaught exception resulted in E
On 02/05/2014 05:12 PM, Christopher Schultz wrote:
Gabriel,
On 2/4/14, 3:29 PM, "Gabriel E. Sánchez Martínez" wrote:
On 02/04/2014 12:20 PM, Christopher Schultz wrote:
Nick,
On 2/2/14, 2:51 AM, Nick Williams wrote:
On Feb 2, 2014, at 1:23 AM, Gabriel E. Sánchez Martínez wrote:
I am very ne
Ognjen,
On 2/5/14, 6:36 AM, Ognjen Blagojevic wrote:
> On 4.2.2014 21:29, "Gabriel E. Sánchez Martínez" wrote:
>>> I've been tossing-around some upgrades in my mind for the realm
>>> implementations that would allow for better pluggability for things like
>>> this. Right now, the only way to imple
Author: kkolinko
Date: Thu Feb 6 13:10:11 2014
New Revision: 1565221
URL: http://svn.apache.org/r1565221
Log:
Followup to r1565181
Correct version numbers on Tomcat 7 page
Modified:
tomcat/site/trunk/docs/security-7.html
tomcat/site/trunk/xdocs/security-7.xml
Modified: tomcat/site/trunk
The Buildbot has detected a new failure on builder tomcat-trunk while building
ASF Buildbot.
Full details are available at:
http://ci.apache.org/builders/tomcat-trunk/builds/5478
Buildbot URL: http://ci.apache.org/
Buildslave for this Build: bb-vm_ubuntu
Build Reason: scheduler
Build Source St
https://issues.apache.org/bugzilla/show_bug.cgi?id=51147
--- Comment #11 from Konstantin Kolinko ---
(In reply to Madhiyalagan from comment #10)
Not here.
See Comment 1 above.
http://tomcat.apache.org/bugreport.html#Bugzilla_is_not_a_support_forum
--
You are receiving this mail because:
You ar
The Buildbot has detected a new failure on builder tomcat-7-trunk while
building ASF Buildbot.
Full details are available at:
http://ci.apache.org/builders/tomcat-7-trunk/builds/1742
Buildbot URL: http://ci.apache.org/
Buildslave for this Build: bb-vm_ubuntu
Build Reason: scheduler
Build Sourc
https://issues.apache.org/bugzilla/show_bug.cgi?id=51147
Madhiyalagan changed:
What|Removed |Added
CC||ma...@smartrx.in
--- Comment #10 fr
Author: markt
Date: Thu Feb 6 11:52:14 2014
New Revision: 1565187
URL: http://svn.apache.org/r1565187
Log:
Remove my local hack
Modified:
tomcat/site/trunk/build.xml
Modified: tomcat/site/trunk/build.xml
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/build.xml?rev=1565187&r1=1565186&r
On 06/02/2014 11:50, Konstantin Kolinko wrote:
> 2014-02-06 :
>> Author: markt
>> Date: Thu Feb 6 11:32:14 2014
>> New Revision: 1565181
>>
>> URL: http://svn.apache.org/r1565181
>> Log:
>> Add details for CVE-2014-0050
>>
>> Modified:
>> tomcat/site/trunk/build.xml
>> tomcat/site/trunk/d
2014-02-06 :
> Author: markt
> Date: Thu Feb 6 11:32:14 2014
> New Revision: 1565181
>
> URL: http://svn.apache.org/r1565181
> Log:
> Add details for CVE-2014-0050
>
> Modified:
> tomcat/site/trunk/build.xml
> tomcat/site/trunk/docs/security-7.html
> tomcat/site/trunk/docs/security-8.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
CVE-2014-0050 Apache Commons FileUpload and Apache Tomcat DoS
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
- - Commons FileUpload 1.0 to 1.3
- - Apache Tomcat 8.0.0-RC1 to 8.0.1
- - Apache Tomcat 7.0.0 to 7.0.50
- -
Author: markt
Date: Thu Feb 6 11:32:14 2014
New Revision: 1565181
URL: http://svn.apache.org/r1565181
Log:
Add details for CVE-2014-0050
Modified:
tomcat/site/trunk/build.xml
tomcat/site/trunk/docs/security-7.html
tomcat/site/trunk/docs/security-8.html
tomcat/site/trunk/xdocs/sec
Author: markt
Date: Thu Feb 6 11:21:07 2014
New Revision: 1565169
URL: http://svn.apache.org/r1565169
Log:
Fix CVE-2014-0050 DoS with malformed Content-Type header and multipart request
processing.
Update to latest code (r1565163) from Commons FileUpload
Modified:
tomcat/tc7.0.x/trunk/java/
Author: markt
Date: Thu Feb 6 11:08:00 2014
New Revision: 1565163
URL: http://svn.apache.org/r1565163
Log:
Fix CVE-2014-0050 DoS with malformed Content-Type header and multipart request
processing.
Update to latest code (r1565159) from Commons FileUpload
Modified:
tomcat/trunk/java/org/apac
https://issues.apache.org/bugzilla/show_bug.cgi?id=51966
--- Comment #21 from S ---
In order to illustrate how I understood possibilities and their use in Tomcat,
I made a list of authentication mechanisms:
0) Compare the sent PW to the stored PW
1) Hashing the sent PW on the server, compare it
43 matches
Mail list logo
