The Buildbot has detected a new failure on builder tomcat-8-trunk while
building . Full details are available at:
https://ci.apache.org/builders/tomcat-8-trunk/builds/950
Buildbot URL: https://ci.apache.org/
Buildslave for this Build: silvanus_ubuntu
Build Reason: The AnyBranchScheduler sch
Author: rjung
Date: Tue Mar 14 06:15:14 2017
New Revision: 1786847
URL: http://svn.apache.org/viewvc?rev=1786847&view=rev
Log:
Fix copy-and-paste error in changelog.
Move entry from the "Tribes" section to the
correct "Catalina" section.
The first part is a backport of r1786844 from
trunk resp r1
Author: rjung
Date: Tue Mar 14 06:07:36 2017
New Revision: 1786846
URL: http://svn.apache.org/viewvc?rev=1786846&view=rev
Log:
Fix copy-and-paste error in changelog.
Backport of r1786844 from trunk resp r1786845
from 8.5.x.
Modified:
tomcat/tc8.0.x/trunk/ (props changed)
tomcat/tc8.0.x
Author: rjung
Date: Tue Mar 14 06:02:40 2017
New Revision: 1786845
URL: http://svn.apache.org/viewvc?rev=1786845&view=rev
Log:
Fix copy-and-paste error in changelog.
Backport of r1786844 from trunk.
Modified:
tomcat/tc8.5.x/trunk/ (props changed)
tomcat/tc8.5.x/trunk/webapps/docs/chang
Author: rjung
Date: Tue Mar 14 06:00:52 2017
New Revision: 1786844
URL: http://svn.apache.org/viewvc?rev=1786844&view=rev
Log:
Fix copy-and-paste error in changelog.
Modified:
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.or
To whom it may engage...
This is an automated request, but not an unsolicited one. For
more information please visit http://gump.apache.org/nagged.html,
and/or contact the folk at gene...@gump.apache.org.
Project tomcat-tc8.0.x-test-nio2 has an issue affecting its community
integration
The Buildbot has detected a restored build on builder tomcat-trunk while
building . Full details are available at:
https://ci.apache.org/builders/tomcat-trunk/builds/2179
Buildbot URL: https://ci.apache.org/
Buildslave for this Build: silvanus_ubuntu
Build Reason: The AnyBranchScheduler sch
Author: markt
Date: Mon Mar 13 20:37:14 2017
New Revision: 1786798
URL: http://svn.apache.org/viewvc?rev=1786798&view=rev
Log:
Add release date for 8.5.12
Modified:
tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml
Modified: tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apac
Author: markt
Date: Mon Mar 13 20:36:32 2017
New Revision: 1786797
URL: http://svn.apache.org/viewvc?rev=1786797&view=rev
Log:
Add release date for M18
Modified:
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomca
Author: markt
Date: Mon Mar 13 20:35:51 2017
New Revision: 18722
Log:
Release 8.5.12
Added:
release/tomcat/tomcat-8/v8.5.12/
- copied from r18721, dev/tomcat/tomcat-8/v8.5.12/
Removed:
dev/tomcat/tomcat-8/v8.5.12/
---
On Thu, Mar 9, 2017 at 12:05 PM, Mark Thomas wrote:
> Correcting the subject.
>
> On 08/03/17 20:26, Mark Thomas wrote:
> > The proposed Apache Tomcat 8.0.42 release is now available for voting.
> >
> > The main changes since 8.0.41 are:
> >
> > - Limited relaxation of the HTTP request line valid
The following votes were cast:
Binding:
+1: markt, remm, fschumacher, mgrigorov
Non-binding:
+1: huxing, ebourg, csutherl
No other votes were cast.
The vote therefore passes.
Thanks to everyone who contributed towards this release.
Mark
---
On Thu, Mar 9, 2017 at 3:11 PM, Mark Thomas wrote:
> The proposed Apache Tomcat 7.0.76 release is now available for voting.
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-7/v7.0.76/
> The Maven staging repo is:
> https://repository.apache.org/content/repositor
Author: markt
Date: Mon Mar 13 20:16:43 2017
New Revision: 1786786
URL: http://svn.apache.org/viewvc?rev=1786786&view=rev
Log:
Correct year
Modified:
tomcat/site/trunk/docs/security-8.html
tomcat/site/trunk/docs/security-9.html
tomcat/site/trunk/xdocs/security-8.xml
tomcat/site/tr
Author: markt
Revision: 1774161
Modified property: svn:log
Modified: svn:log at Mon Mar 13 20:16:04 2017
--
--- svn:log (original)
+++ svn:log Mon Mar 13 20:16:04 2017
@@ -1 +1,2 @@
Fix intermittent test failure spotted d
Author: markt
Revision: 1774166
Modified property: svn:log
Modified: svn:log at Mon Mar 13 20:15:34 2017
--
--- svn:log (original)
+++ svn:log Mon Mar 13 20:15:34 2017
@@ -1 +1,2 @@
Fix intermittent test failure spotted d
CVE-2016-8747 Apache Tomcat Information Disclosure
Severity: Moderate
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 9.0.0.M11 to 9.0.0.M15
Apache Tomcat 8.5.7 to 8.5.9
Description
The refactoring to make wider use of ByteBuffer introduced a regression
that could cause
Author: markt
Date: Mon Mar 13 20:04:51 2017
New Revision: 1786781
URL: http://svn.apache.org/viewvc?rev=1786781&view=rev
Log:
Announce CVE-2017-8747
Modified:
tomcat/site/trunk/docs/security-8.html
tomcat/site/trunk/docs/security-9.html
tomcat/site/trunk/xdocs/security-8.xml
tomc
On Mon, Mar 13, 2017 at 4:00 PM, Mark Thomas wrote:
> On 13/03/17 19:57, Coty Sutherland wrote:
>> On Wed, Mar 8, 2017 at 1:56 PM, Mark Thomas wrote:
>>> The proposed Apache Tomcat 8.5.12 release is now available for voting.
>>>
>>> The major changes compared to the 8.5.11 release are:
>>>
>>> -
On Wed, Mar 8, 2017 at 3:26 PM, Mark Thomas wrote:
> The proposed Apache Tomcat 8.0.42 release is now available for voting.
>
> The main changes since 8.0.41 are:
>
> - Limited relaxation of the HTTP request line validation
>
> - Support for Java 9 during annotation scanning
>
> - Update Tomcat Na
On 13/03/17 19:57, Coty Sutherland wrote:
> On Wed, Mar 8, 2017 at 1:56 PM, Mark Thomas wrote:
>> The proposed Apache Tomcat 8.5.12 release is now available for voting.
>>
>> The major changes compared to the 8.5.11 release are:
>>
>> - Updates to the early access version of the Serlet 4.0 API to
On Wed, Mar 8, 2017 at 1:56 PM, Mark Thomas wrote:
> The proposed Apache Tomcat 8.5.12 release is now available for voting.
>
> The major changes compared to the 8.5.11 release are:
>
> - Updates to the early access version of the Serlet 4.0 API to align it
> with the most recent discussions in
https://bz.apache.org/bugzilla/show_bug.cgi?id=60852
--- Comment #3 from Michael Osipov <1983-01...@gmx.net> ---
(In reply to Christopher Schultz from comment #2)
> This can be done in a backward-compatible way. It's just an alias of an
> existing setting (or, rather, re-naming an existing setting
https://bz.apache.org/bugzilla/show_bug.cgi?id=60852
--- Comment #2 from Christopher Schultz ---
This can be done in a backward-compatible way. It's just an alias of an
existing setting (or, rather, re-naming an existing setting and then creating
an alias with the old name).
Would you care to su
On Mar 8, 2017 7:56 PM, "Mark Thomas" wrote:
The proposed Apache Tomcat 8.5.12 release is now available for voting.
The major changes compared to the 8.5.11 release are:
- Updates to the early access version of the Serlet 4.0 API to align it
with the most recent discussions in the Servlet EG
https://bz.apache.org/bugzilla/show_bug.cgi?id=60854
--- Comment #4 from Jan Engehausen ---
I see. I need to run this by my colleagues, hope it is okay to keep open until
tomorrow.
I would argue that in the case where authentication and session creation occur
in the same request it would not be
https://bz.apache.org/bugzilla/show_bug.cgi?id=60854
--- Comment #3 from Remy Maucherat ---
If you don't cache authentication occurs on every request.
--
You are receiving this mail because:
You are the assignee for the bug.
-
https://bz.apache.org/bugzilla/show_bug.cgi?id=60854
--- Comment #2 from Jan Engehausen ---
Hello Remy,
as far as I understand, session fixation prevention is there to change the
session ID when a session becomes authenticated. That's good.
But without a session to begin with, then being authen
https://bz.apache.org/bugzilla/show_bug.cgi?id=60854
--- Comment #1 from Remy Maucherat ---
My opinion is that it's a feature. If you don't like it, you should cause the
creation of a session before authentication. Will leave it open for further
comments before closing, though.
--
You are recei
Am 8. März 2017 21:26:52 MEZ schrieb Mark Thomas :
>The proposed Apache Tomcat 8.0.42 release is now available for voting.
>
>The main changes since 8.0.41 are:
>
>- Limited relaxation of the HTTP request line validation
>
>- Support for Java 9 during annotation scanning
>
>- Update Tomcat Native
Am 8. März 2017 19:56:32 MEZ schrieb Mark Thomas :
>The proposed Apache Tomcat 8.5.12 release is now available for voting.
>
>The major changes compared to the 8.5.11 release are:
>
>- Updates to the early access version of the Serlet 4.0 API to align it
> with the most recent discussions in the
Author: markt
Date: Mon Mar 13 17:43:56 2017
New Revision: 18713
Log:
Release 9.0.0.M18
Added:
release/tomcat/tomcat-9/v9.0.0.M18/
- copied from r18712, dev/tomcat/tomcat-9/v9.0.0.M18/
Removed:
dev/tomcat/tomcat-9/v9.0.0.M18/
---
The following votes were cast:
Binding:
+1: markt, fschumacher, remm
Non-binding:
+1: huxing
No other votes were cast.
The vote therefore passes.
Thanks to everyone who contributed towards this release.
Mark
-
To unsubscribe
https://bz.apache.org/bugzilla/show_bug.cgi?id=60854
Bug ID: 60854
Summary: Unintended JSESSIONID value change
Product: Tomcat 7
Version: 7.0.75
Hardware: All
OS: All
Status: NEW
Severity: normal
https://bz.apache.org/bugzilla/show_bug.cgi?id=60853
Bug ID: 60853
Summary: MBeans require update for new TLS configuration
Product: Tomcat 8
Version: 8.5.x-trunk
Hardware: PC
OS: Linux
Status: NEW
Severit
ump/public/workspace/objenesis/main/target/objenesis-2.6-SNAPSHOT.jar
-Dexamples.sources.skip=true
-Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20170313.jar
-Dtest.openssl.path=/srv/gump/public/workspace/openssl-1.0.2/dest-20170313/bin/openssl
-Dex
https://bz.apache.org/bugzilla/show_bug.cgi?id=60844
--- Comment #3 from Christopher Schultz ---
The error message you are likely to receive is something along the lines of "no
such method or property found: actionListener". Do you think that's a good
place to explain how to use a particular API?
https://bz.apache.org/bugzilla/show_bug.cgi?id=60852
--- Comment #1 from Michael Osipov <1983-01...@gmx.net> ---
The correct term is "compressible", a => i
--
You are receiving this mail because:
You are the assignee for the bug.
--
https://bz.apache.org/bugzilla/show_bug.cgi?id=60852
Bug ID: 60852
Summary: Connector property compressableMimeType incorrectly
spelled
Product: Tomcat 9
Version: 9.0.0.M17
Hardware: All
OS: All
https://bz.apache.org/bugzilla/show_bug.cgi?id=60851
Bug ID: 60851
Summary: Add more default compressible MIME types
Product: Tomcat 8
Version: 8.5.11
Hardware: All
OS: All
Status: NEW
Severity: enhancemen
https://bz.apache.org/bugzilla/show_bug.cgi?id=60849
Remy Maucherat changed:
What|Removed |Added
Severity|critical|enhancement
--- Comment #1 from Remy
https://bz.apache.org/bugzilla/show_bug.cgi?id=60849
Bug ID: 60849
Summary: Tomcat NIO Connector not able to handle SSL
renegotiation handshake exception
Product: Tomcat 8
Version: 8.0.37
Hardware: Other
OS:
42 matches
Mail list logo
