Re: [VOTE] Release Apache Tomcat 9.0.102

2025-03-06 Thread Christopher Schultz
Rainer, On 3/6/25 2:55 AM, Rainer Jung wrote: Am 03.03.25 um 20:52 schrieb Rémy Maucherat: The proposed Apache Tomcat 9.0.102 release is now available for voting. The notable changes compared to 9.0.100 are: - Improve the checks for exposure to and protection against     CVE-2024-56337 so tha

Re: [VOTE] Release Apache Tomcat 9.0.102

2025-03-05 Thread Rainer Jung
Am 03.03.25 um 20:52 schrieb Rémy Maucherat: The proposed Apache Tomcat 9.0.102 release is now available for voting. The notable changes compared to 9.0.100 are: - Improve the checks for exposure to and protection against CVE-2024-56337 so that reflection is not used unless required. The

Re: [VOTE] Release Apache Tomcat 9.0.102

2025-03-05 Thread Tim Funk
+1 On Mon, Mar 3, 2025 at 2:52 PM Rémy Maucherat wrote: > The proposed Apache Tomcat 9.0.102 release is now available for voting. > > The proposed 9.0.102 release is: > [ ] -1, Broken - do not release > [X] +1, Stable - go ahead and release as 9.0.102 > >

Re: [VOTE] Release Apache Tomcat 9.0.102

2025-03-05 Thread Mark Thomas
On 03/03/2025 19:52, Rémy Maucherat wrote: The proposed 9.0.102 release is: [ ] -1, Broken - do not release [X] +1, Stable - go ahead and release as 9.0.102 Build is cross platform (MacOS/Linux/Windows) reproducible. Tests pass on: - Linux (OpenSSL 3.0.13 from Ubuntu 24.04) - Windows (OpenSSL

Re: [VOTE] Release Apache Tomcat 9.0.102

2025-03-04 Thread Christopher Schultz
Rémy, Thanks for RMing. On 3/3/25 2:52 PM, Rémy Maucherat wrote: The proposed Apache Tomcat 9.0.102 release is now available for voting. The notable changes compared to 9.0.100 are: - Improve the checks for exposure to and protection against CVE-2024-56337 so that reflection is not used u

RE: [VOTE] Release Apache Tomcat 9.0.102

2025-03-04 Thread Engebretson, John
+1 -Original Message- From: Rémy Maucherat Sent: Monday, March 3, 2025 1:52 PM To: Tomcat Developers List Subject: [EXTERNAL] [VOTE] Release Apache Tomcat 9.0.102 CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can

Re: [VOTE] Release Apache Tomcat 9.0.102

2025-03-04 Thread Rémy Maucherat
On Mon, Mar 3, 2025 at 8:52 PM Rémy Maucherat wrote: > > The proposed Apache Tomcat 9.0.102 release is now available for voting. > > The notable changes compared to 9.0.100 are: > > - Improve the checks for exposure to and protection against >CVE-2024-56337 so that reflection is not used unles

[VOTE] Release Apache Tomcat 9.0.102

2025-03-03 Thread Rémy Maucherat
The proposed Apache Tomcat 9.0.102 release is now available for voting. The notable changes compared to 9.0.100 are: - Improve the checks for exposure to and protection against CVE-2024-56337 so that reflection is not used unless required. The checks for whether the file system is case sens