https://bz.apache.org/bugzilla/show_bug.cgi?id=59423
Ralf Hauser changed:
What|Removed |Added
Summary|amend "No LoginModules |amend "No LoginModules
To whom it may engage...
This is an automated request, but not an unsolicited one. For
more information please visit http://gump.apache.org/nagged.html,
and/or contact the folk at gene...@gump.apache.org.
Project tomcat-tc8.0.x-test-apr has an issue affecting its community
integration.
Am 03.05.2016 um 16:53 schrieb Mark Thomas:
Hi,
OpenSSL have released the details of the security fixed in 1.0.2h. I've
looked through them quickly and it looks like at least CVE-2016-2107 is
applicable to Tomcat-Native.
Given that I haven't got 9.0.x to the point where it is ready to release
a
https://bz.apache.org/bugzilla/show_bug.cgi?id=56905
Réda Housni Alaoui changed:
What|Removed |Added
Status|RESOLVED|REOPENED
Resolution|FIXED
Author: markt
Date: Tue May 3 19:54:38 2016
New Revision: 1742187
URL: http://svn.apache.org/viewvc?rev=1742187&view=rev
Log:
Avoid NPEs
Modified:
tomcat/trunk/java/org/apache/tomcat/util/scan/UrlJar.java
Modified: tomcat/trunk/java/org/apache/tomcat/util/scan/UrlJar.java
URL:
http://svn.a
Author: markt
Date: Tue May 3 19:48:47 2016
New Revision: 1742184
URL: http://svn.apache.org/viewvc?rev=1742184&view=rev
Log:
Need to reset the JarInputStream before scanning for the required resource.
Modified:
tomcat/trunk/java/org/apache/tomcat/util/scan/UrlJar.java
Modified: tomcat/trun
Author: markt
Date: Tue May 3 18:59:05 2016
New Revision: 1742181
URL: http://svn.apache.org/viewvc?rev=1742181&view=rev
Log:
Avoid a URL.toString() call.
Replace startsWith() calls with equals().
Modified:
tomcat/trunk/java/org/apache/tomcat/util/scan/StandardJarScanner.java
Modified: tomc
The Buildbot has detected a restored build on builder tomcat-8-trunk while
building . Full details are available at:
https://ci.apache.org/builders/tomcat-8-trunk/builds/603
Buildbot URL: https://ci.apache.org/
Buildslave for this Build: silvanus_ubuntu
Build Reason: The AnyBranchScheduler
The Buildbot has detected a restored build on builder tomcat-trunk while
building . Full details are available at:
https://ci.apache.org/builders/tomcat-trunk/builds/1334
Buildbot URL: https://ci.apache.org/
Buildslave for this Build: silvanus_ubuntu
Build Reason: The AnyBranchScheduler sch
Author: markt
Date: Tue May 3 18:19:53 2016
New Revision: 1742168
URL: http://svn.apache.org/viewvc?rev=1742168&view=rev
Log:
Fix regression in r1742161
Modified:
tomcat/tc8.0.x/trunk/ (props changed)
tomcat/tc8.0.x/trunk/java/org/apache/catalina/startup/ContextConfig.java
Propchange:
Author: markt
Date: Tue May 3 18:19:25 2016
New Revision: 1742167
URL: http://svn.apache.org/viewvc?rev=1742167&view=rev
Log:
Fix regression in r1742160
Modified:
tomcat/tc8.5.x/trunk/ (props changed)
tomcat/tc8.5.x/trunk/java/org/apache/catalina/startup/ContextConfig.java
Propchange:
Author: markt
Date: Tue May 3 18:17:54 2016
New Revision: 1742166
URL: http://svn.apache.org/viewvc?rev=1742166&view=rev
Log:
Fix regression in r1742146
Modified:
tomcat/trunk/java/org/apache/catalina/startup/ContextConfig.java
Modified: tomcat/trunk/java/org/apache/catalina/startup/Context
The Buildbot has detected a new failure on builder tomcat-8-trunk while
building . Full details are available at:
https://ci.apache.org/builders/tomcat-8-trunk/builds/602
Buildbot URL: https://ci.apache.org/
Buildslave for this Build: silvanus_ubuntu
Build Reason: The AnyBranchScheduler sch
Author: markt
Date: Tue May 3 17:49:04 2016
New Revision: 1742162
URL: http://svn.apache.org/viewvc?rev=1742162&view=rev
Log:
Drop the deprecated code.
Modified:
tomcat/tc8.5.x/trunk/ (props changed)
tomcat/tc8.5.x/trunk/java/org/apache/jasper/servlet/TldScanner.java
tomcat/tc8.5.x
Author: markt
Date: Tue May 3 17:48:44 2016
New Revision: 1742161
URL: http://svn.apache.org/viewvc?rev=1742161&view=rev
Log:
Rather than do URL->URLConnection->URL, just pass the URL
Modified:
tomcat/tc8.0.x/trunk/ (props changed)
tomcat/tc8.0.x/trunk/java/org/apache/jasper/servlet/Tl
Author: markt
Date: Tue May 3 17:48:01 2016
New Revision: 1742160
URL: http://svn.apache.org/viewvc?rev=1742160&view=rev
Log:
Rather than do URL->URLConnection->URL, just pass the URL
Modified:
tomcat/tc8.5.x/trunk/ (props changed)
tomcat/tc8.5.x/trunk/java/org/apache/jasper/servlet/Tl
Author: markt
Date: Tue May 3 17:47:28 2016
New Revision: 1742159
URL: http://svn.apache.org/viewvc?rev=1742159&view=rev
Log:
Use the correct URL for the fragment when reporting errors processing a
web-fragment.xml file from a JAR located in an unpacked WAR.
Modified:
tomcat/tc8.0.x/trunk/
The Buildbot has detected a new failure on builder tomcat-trunk while building
. Full details are available at:
https://ci.apache.org/builders/tomcat-trunk/builds/1333
Buildbot URL: https://ci.apache.org/
Buildslave for this Build: silvanus_ubuntu
Build Reason: The AnyBranchScheduler schedu
Author: markt
Date: Tue May 3 17:46:21 2016
New Revision: 1742158
URL: http://svn.apache.org/viewvc?rev=1742158&view=rev
Log:
Use the correct URL for the fragment when reporting errors processing a
web-fragment.xml file from a JAR located in an unpacked WAR.
Modified:
tomcat/tc8.5.x/trunk/
Author: markt
Date: Tue May 3 17:41:40 2016
New Revision: 1742157
URL: http://svn.apache.org/viewvc?rev=1742157&view=rev
Log:
Fix regression
Modified:
tomcat/tc8.0.x/trunk/ (props changed)
tomcat/tc8.0.x/trunk/java/org/apache/jasper/servlet/TldScanner.java
Propchange: tomcat/tc8.0.x/t
Author: markt
Date: Tue May 3 17:41:32 2016
New Revision: 1742156
URL: http://svn.apache.org/viewvc?rev=1742156&view=rev
Log:
Fix regression
Modified:
tomcat/tc8.5.x/trunk/ (props changed)
tomcat/tc8.5.x/trunk/java/org/apache/jasper/servlet/TldScanner.java
Propchange: tomcat/tc8.5.x/t
Author: markt
Date: Tue May 3 17:41:02 2016
New Revision: 1742155
URL: http://svn.apache.org/viewvc?rev=1742155&view=rev
Log:
Javadoc for scanWebInfClasses() explicitly states that access should only be
via the ServletContext so access the files that way.
Modified:
tomcat/tc8.0.x/trunk/ (
Author: markt
Date: Tue May 3 17:40:52 2016
New Revision: 1742154
URL: http://svn.apache.org/viewvc?rev=1742154&view=rev
Log:
Javadoc for scanWebInfClasses() explicitly states that access should only be
via the ServletContext so access the files that way.
Modified:
tomcat/tc8.5.x/trunk/ (
Author: markt
Date: Tue May 3 17:39:59 2016
New Revision: 1742153
URL: http://svn.apache.org/viewvc?rev=1742153&view=rev
Log:
Ensure that JarScanner only uses the explicit call-back to process
WEB-INF/classes and only when configured to treat the contents of
WEB-INF/classes as a possible explod
Author: markt
Date: Tue May 3 17:39:49 2016
New Revision: 1742152
URL: http://svn.apache.org/viewvc?rev=1742152&view=rev
Log:
Ensure that JarScanner only uses the explicit call-back to process
WEB-INF/classes and only when configured to treat the contents of
WEB-INF/classes as a possible explod
Author: markt
Date: Tue May 3 17:36:14 2016
New Revision: 1742151
URL: http://svn.apache.org/viewvc?rev=1742151&view=rev
Log:
Skip web-fragment.xml scan in WEB-INF/classes when scanning an unpacked WAR.
Move the test earlier:
- one test covers packed and unpacked WARs
- testing earlier is (margin
Author: markt
Date: Tue May 3 17:36:03 2016
New Revision: 1742150
URL: http://svn.apache.org/viewvc?rev=1742150&view=rev
Log:
Skip web-fragment.xml scan in WEB-INF/classes when scanning an unpacked WAR.
Move the test earlier:
- one test covers packed and unpacked WARs
- testing earlier is (margin
Author: markt
Date: Tue May 3 17:33:05 2016
New Revision: 1742148
URL: http://svn.apache.org/viewvc?rev=1742148&view=rev
Log:
Drop the deprecated code.
Modified:
tomcat/trunk/java/org/apache/jasper/servlet/TldScanner.java
tomcat/trunk/java/org/apache/tomcat/JarScannerCallback.java
t
Author: markt
Date: Tue May 3 17:31:45 2016
New Revision: 1742146
URL: http://svn.apache.org/viewvc?rev=1742146&view=rev
Log:
Rather than do URL->URLConnection->URL, just pass the URL
Modified:
tomcat/trunk/java/org/apache/jasper/servlet/TldScanner.java
tomcat/trunk/java/org/apache/tomca
2016-05-03 16:53 GMT+02:00 Mark Thomas :
> Hi,
>
> OpenSSL have released the details of the security fixed in 1.0.2h. I've
> looked through them quickly and it looks like at least CVE-2016-2107 is
> applicable to Tomcat-Native.
>
> Given that I haven't got 9.0.x to the point where it is ready to r
Author: remm
Date: Tue May 3 16:32:26 2016
New Revision: 1742141
URL: http://svn.apache.org/viewvc?rev=1742141&view=rev
Log:
59421: Allow direct (plain text most likely) connection to HTTP/2.
Modified:
tomcat/tc8.5.x/trunk/ (props changed)
tomcat/tc8.5.x/trunk/java/org/apache/coyote/Ab
Author: remm
Date: Tue May 3 16:23:04 2016
New Revision: 1742139
URL: http://svn.apache.org/viewvc?rev=1742139&view=rev
Log:
Use a single read for the HTTP/2 preface (calling fill otherwise won't work).
Modified:
tomcat/trunk/java/org/apache/coyote/http11/Http11InputBuffer.java
Modified: to
Author: markt
Date: Tue May 3 16:10:27 2016
New Revision: 1742136
URL: http://svn.apache.org/viewvc?rev=1742136&view=rev
Log:
Update minimum recommended OpenSSL version to 1.0.2h
Modified:
tomcat/native/trunk/native/srclib/VERSIONS
tomcat/native/trunk/xdocs/miscellaneous/changelog.xml
M
On 03/05/2016 16:27, Rémy Maucherat wrote:
> 2016-05-03 16:53 GMT+02:00 Mark Thomas :
>
>> Hi,
>>
>> OpenSSL have released the details of the security fixed in 1.0.2h. I've
>> looked through them quickly and it looks like at least CVE-2016-2107 is
>> applicable to Tomcat-Native.
>>
>> Given that I
2016-05-03 17:53 GMT+03:00 Mark Thomas :
> Hi,
>
> OpenSSL have released the details of the security fixed in 1.0.2h. I've
> looked through them quickly and it looks like at least CVE-2016-2107 is
> applicable to Tomcat-Native.
>
> Given that I haven't got 9.0.x to the point where it is ready to re
2016-05-03 16:53 GMT+02:00 Mark Thomas :
> Hi,
>
> OpenSSL have released the details of the security fixed in 1.0.2h. I've
> looked through them quickly and it looks like at least CVE-2016-2107 is
> applicable to Tomcat-Native.
>
> Given that I haven't got 9.0.x to the point where it is ready to r
2016-05-03 17:56 GMT+03:00 Konstantin Kolinko :
>
> 2016-05-03 17:07 GMT+03:00 Violeta Georgieva :
> > Hi,
> >
> > 2016-04-27 14:27 GMT+03:00 Konstantin Kolinko :
> >>
> >> 2016-04-27 14:00 GMT+03:00 Violeta Georgieva :
> >> > Hi,
> >> >
> >> > I have a question about difference in the behaviour of
2016-05-03 17:07 GMT+03:00 Violeta Georgieva :
> Hi,
>
> 2016-04-27 14:27 GMT+03:00 Konstantin Kolinko :
>>
>> 2016-04-27 14:00 GMT+03:00 Violeta Georgieva :
>> > Hi,
>> >
>> > I have a question about difference in the behaviour of
>> > org.apache.catalina.loader.WebappClassLoaderBase.getResource(S
Hi,
OpenSSL have released the details of the security fixed in 1.0.2h. I've
looked through them quickly and it looks like at least CVE-2016-2107 is
applicable to Tomcat-Native.
Given that I haven't got 9.0.x to the point where it is ready to release
and that it is likely to take a couple more day
Hi,
2016-04-27 14:27 GMT+03:00 Konstantin Kolinko :
>
> 2016-04-27 14:00 GMT+03:00 Violeta Georgieva :
> > Hi,
> >
> > I have a question about difference in the behaviour of
> > org.apache.catalina.loader.WebappClassLoaderBase.getResource(String).
> > I'm investigating the issue reported here [1].
2016-04-27 14:25 GMT+03:00 Mark Thomas :
>
> On 27/04/2016 12:00, Violeta Georgieva wrote:
> > Hi,
> >
> > I have a question about difference in the behaviour of
> > org.apache.catalina.loader.WebappClassLoaderBase.getResource(String).
> > I'm investigating the issue reported here [1].
> >
> > In T
The Buildbot has detected a restored build on builder tomcat-trunk while
building . Full details are available at:
https://ci.apache.org/builders/tomcat-trunk/builds/1331
Buildbot URL: https://ci.apache.org/
Buildslave for this Build: silvanus_ubuntu
Build Reason: The AnyBranchScheduler sch
Author: markt
Date: Tue May 3 13:21:21 2016
New Revision: 1742111
URL: http://svn.apache.org/viewvc?rev=1742111&view=rev
Log:
Correct regression in r1742105.
Modified:
tomcat/trunk/java/org/apache/jasper/servlet/TldScanner.java
Modified: tomcat/trunk/java/org/apache/jasper/servlet/TldScanne
The Buildbot has detected a new failure on builder tomcat-trunk while building
. Full details are available at:
https://ci.apache.org/builders/tomcat-trunk/builds/1330
Buildbot URL: https://ci.apache.org/
Buildslave for this Build: silvanus_ubuntu
Build Reason: The AnyBranchScheduler schedu
Author: markt
Date: Tue May 3 11:51:02 2016
New Revision: 1742105
URL: http://svn.apache.org/viewvc?rev=1742105&view=rev
Log:
Javadoc for scanWebInfClasses() explicitly states that access should only be
via the ServletContext so access the files that way.
Modified:
tomcat/trunk/java/org/apa
Author: markt
Date: Tue May 3 11:36:52 2016
New Revision: 1742101
URL: http://svn.apache.org/viewvc?rev=1742101&view=rev
Log: (empty)
Modified:
tomcat/trunk/java/org/apache/tomcat/util/scan/StandardJarScanner.java
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/org/a
Author: violetagg
Date: Tue May 3 11:22:23 2016
New Revision: 1742096
URL: http://svn.apache.org/viewvc?rev=1742096&view=rev
Log:
Merged revision 1742090 from tomcat/trunk:
Correct a typo in SSL/TLS Configuration How-To. Issue reported via
comments.apache.org.
Modified:
tomcat/tc6.0.x/trunk
Author: violetagg
Date: Tue May 3 11:13:45 2016
New Revision: 1742095
URL: http://svn.apache.org/viewvc?rev=1742095&view=rev
Log:
Merged revision 1742090 from tomcat/trunk:
Correct a typo in SSL/TLS Configuration How-To. Issue reported via
comments.apache.org.
Modified:
tomcat/tc7.0.x/trunk
Author: violetagg
Date: Tue May 3 11:04:13 2016
New Revision: 1742094
URL: http://svn.apache.org/viewvc?rev=1742094&view=rev
Log:
Merged revision 1742090 from tomcat/trunk:
Correct a typo in SSL/TLS Configuration How-To. Issue reported via
comments.apache.org.
Modified:
tomcat/tc8.0.x/trunk
Author: markt
Revision: 1742093
Modified property: svn:log
Modified: svn:log at Tue May 3 11:03:54 2016
--
--- svn:log (original)
+++ svn:log Tue May 3 11:03:54 2016
@@ -1,4 +1,4 @@
-Skip web-fragment.xml scan in WEB-INF
Author: markt
Date: Tue May 3 11:02:55 2016
New Revision: 1742093
URL: http://svn.apache.org/viewvc?rev=1742093&view=rev
Log:
Skip web-fragment.xml scan in WEB-INF/classes when scanning an unpacked WAR.
Move the test earlier:
- one test covers packed and unpacked WARs
- testing earlier is (margin
Author: violetagg
Date: Tue May 3 11:02:08 2016
New Revision: 1742091
URL: http://svn.apache.org/viewvc?rev=1742091&view=rev
Log:
Merged revision 1742090 from tomcat/trunk:
Correct a typo in SSL/TLS Configuration How-To. Issue reported via
comments.apache.org.
Modified:
tomcat/tc8.5.x/trunk
Author: violetagg
Date: Tue May 3 10:59:33 2016
New Revision: 1742090
URL: http://svn.apache.org/viewvc?rev=1742090&view=rev
Log:
Correct a typo in SSL/TLS Configuration How-To. Issue reported via
comments.apache.org.
Modified:
tomcat/trunk/webapps/docs/changelog.xml
tomcat/trunk/webapp
https://bz.apache.org/bugzilla/show_bug.cgi?id=59423
Bug ID: 59423
Summary: amend "No LoginModules configured for ..."
Product: Tomcat 8
Version: 8.5.x-trunk
Hardware: All
OS: All
Status: NEW
Severity: enh
Author: markt
Date: Tue May 3 10:28:00 2016
New Revision: 1742082
URL: http://svn.apache.org/viewvc?rev=1742082&view=rev
Log:
Traverse StandardJarScanner's class loader hierarchy once rather than once per
scan. Marginally improves start times.
Javadoc fixes
Line length
Modified:
tomcat/tc8.
Author: markt
Date: Tue May 3 10:26:47 2016
New Revision: 1742081
URL: http://svn.apache.org/viewvc?rev=1742081&view=rev
Log:
Traverse StandardJarScanner's class loader hierarchy once rather than once per
scan. Marginally improves start times.
Javadoc fixes
Line length
Modified:
tomcat/tc8.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59226
--- Comment #9 from Ignacio del Valle Alles ---
I see. I'll think about it to too.
Can you give more details on these minor bugs?
--
You are receiving this mail because:
You are the assignee for the bug.
-
Author: markt
Date: Tue May 3 08:47:00 2016
New Revision: 1742071
URL: http://svn.apache.org/viewvc?rev=1742071&view=rev
Log:
Use the correct URL for the fragment when reporting errors processing a
web-fragment.xml file from a JAR located in an unpacked WAR.
Modified:
tomcat/trunk/java/org
https://bz.apache.org/bugzilla/show_bug.cgi?id=59226
--- Comment #8 from Mark Thomas ---
Update.
I've spent a fair amount of time looking at the proposed patch to see if there
is a way to avoid processing a JAR once to look at the class path and again to
scan it. I think it is possible but it is
59 matches
Mail list logo
