On Mon, Jul 31, 2023 at 10:54 AM Mark Thomas wrote:
>
> There are OpenSSL releases due tomorrow with security fixes. Given the
> timing, I'm going to delay the Tomcat Native tags to pick up those releases.
Makes sense.
Rémy
> Mark
>
>
> On 31/07/2023 09:12, Mark Thomas wrote:
> > Hi all,
> >
>
There are OpenSSL releases due tomorrow with security fixes. Given the
timing, I'm going to delay the Tomcat Native tags to pick up those releases.
Mark
On 31/07/2023 09:12, Mark Thomas wrote:
Hi all,
I have been working on BZ 9 [1] and have confirmed a small memory
leak when using Tomc
Hi all,
I have been working on BZ 9 [1] and have confirmed a small memory
leak when using Tomcat Native. I have a fix and will be committing it
shortly. I plan to start the release process for Tomcat Native 1.2.x and
2.0.x shortly afterwards. I'd like to delay the August Tomcat releases
u
On 25/08/2021 09:08, Mark Thomas wrote:
Hi all,
OpenSSL have published a security announcement alongside the latest
release:
https://www.openssl.org/news/secadv/20210824.txt
I'm trying to figure out if Tomcat Native is affected by these.
For CVE-2021-3711 it isn't clear to me if the issu
Hi all,
OpenSSL have published a security announcement alongside the latest release:
https://www.openssl.org/news/secadv/20210824.txt
I'm trying to figure out if Tomcat Native is affected by these.
For CVE-2021-3711 it isn't clear to me if the issue relates to just
stand-alone decryption or i
На чт, 25.03.2021 г. в 21:42 ч. Mark Thomas написа:
>
> Hi all,
>
> Given the recent OpenSSL security announcement [1], I think we'll need a
> Tomcat Native release to provide Windows binaries based on OpenSSL 1.1.1k
>
> We can then use the updated Tomcat Native fo
Hi all,
Given the recent OpenSSL security announcement [1], I think we'll need a
Tomcat Native release to provide Windows binaries based on OpenSSL 1.1.1k
We can then use the updated Tomcat Native for the next set of releases,
including what is likely to be the final 7.0.x release.
Mark,
On 12/10/20 07:24, Mark Thomas wrote:
With the recent OpenSSL vulnerability announcement I'm intended to
produce a Tomcat Native release that picks up the latest OpenSSL version
for the Windows binaries. I'll start on this shortly.
+1 though this is a much bigger deal for cl
All,
With the recent OpenSSL vulnerability announcement I'm intended to
produce a Tomcat Native release that picks up the latest OpenSSL version
for the Windows binaries. I'll start on this shortly.
Mark
-
To unsu
Hi,
I'd like to get the crash on start with APR and CRL configured fixed in
the next round of Tomcat releases so that means we need a Tomcat Native
release fairly soon.
My current plan is to tag sometime between late tomorrow and early next
week with a view to getting the release out by th
All,
Rainer's work on SSL_CONF_cmd and adding raw CA certs both require a new
Tomcat Native release. I'm happy to act as the release manager. I plan
to start the usual checks (testing, docs, library versions etc.)
tomorrow (Monday) with a view to tagging late Monday / early Tuesday.
I
11 matches
Mail list logo
