Hi Team,
What will be the release schedule for Tomcat 7.0.84 ?
Are there any CVE's be fixed in Tomcat 7.0.83(not released) / 7.0.84
versions ?
Thanks,
Silambarasan M
https://bz.apache.org/bugzilla/show_bug.cgi?id=61977
--- Comment #11 from Michael Osipov <1983-01...@gmx.net> ---
(In reply to Mark Thomas from comment #3)
> I can confirm that this is fixed in Java 10 (ea38).
>
> This is, clearly, a JRE bug. The fix for 8149521 looks more like addressing
> the sy
Hi,
2018-01-11 13:29 GMT+02:00 Mark Thomas :
>
> The proposed Apache Tomcat 9.0.3 release is now available for voting.
>
> The major changes compared to the 9.0.2 release are:
>
> - Modify the Default and WebDAV Servlets so that a 405 status code is
> returned for PUT and DELETE requests when di
https://bz.apache.org/bugzilla/show_bug.cgi?id=61999
Bug ID: 61999
Summary: Setting maxSavePostSize=0 won't disable saving POST
data
Product: Tomcat 8
Version: 8.5.x-trunk
Hardware: PC
OS: All
St
https://bz.apache.org/bugzilla/show_bug.cgi?id=61999
Michael changed:
What|Removed |Added
CC||bsi@gmail.com
--
You are receiving this
Hi,
2018-01-15 10:54 GMT+02:00 Silambarasan Madhappan <
silambarasan0...@gmail.com>:
>
> Hi Team,
>
> What will be the release schedule for Tomcat 7.0.84 ?
I was thinking to start preparing Tomcat 7.0.84 for voting this week or so.
Regards,
Violeta
>
> Are there any CVE's be fixed in Tomcat 7.0
FYI:
The bug was accepted:
https://bugs.java.com/bugdatabase/view_bug.do?bug_id=JDK-8195096
On 12/01/18 13:28, Mark Thomas wrote:
> On 12/01/18 13:17, Rory O'Donnell wrote:
>> Hi Mark
>>
>> How serious is this issue ?
>
> Hi,
>
> In terms of functionality, it isn't serious. As far as I can tel
https://bz.apache.org/bugzilla/show_bug.cgi?id=61999
--- Comment #1 from Remy Maucherat ---
Ok, so the documentation isn't implemented properly when it comes to 0. Do you
have an actual need to disable the feature, or is this one of these academic
bug reports ? I'm asking since disabling the feat
https://bz.apache.org/bugzilla/show_bug.cgi?id=61999
--- Comment #2 from Michael ---
Thanks for your fast reply. Yes we have an actual need to disable the "save
post data" feature during authentication. We do not want the request to fail
(with 403) just because the POST data was more than x KB si
https://bz.apache.org/bugzilla/show_bug.cgi?id=61999
--- Comment #3 from Michael ---
BTW: We are willing to provide a patch if you agree.
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscrib
https://bz.apache.org/bugzilla/show_bug.cgi?id=61999
--- Comment #4 from Remy Maucherat ---
"Furthermore the current implementation behaves as follows:
* value < 0 means no limit
* value >= 0 means limited to the value => so for value=0 every request with
any POST data will fail (403 Forbidden)"
Author: remm
Date: Mon Jan 15 14:32:20 2018
New Revision: 1821157
URL: http://svn.apache.org/viewvc?rev=1821157&view=rev
Log:
61999: Disable saving POST data when maxSavePostSize is set to 0.
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java
tomcat/trunk
Author: remm
Date: Mon Jan 15 14:36:16 2018
New Revision: 1821158
URL: http://svn.apache.org/viewvc?rev=1821158&view=rev
Log:
61999: Disable saving POST data when maxSavePostSize is set to 0.
Modified:
tomcat/tc8.5.x/trunk/ (props changed)
tomcat/tc8.5.x/trunk/java/org/apache/catalina/
Author: remm
Date: Mon Jan 15 14:37:49 2018
New Revision: 1821159
URL: http://svn.apache.org/viewvc?rev=1821159&view=rev
Log:
Typo.
Modified:
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs
Author: remm
Date: Mon Jan 15 14:54:40 2018
New Revision: 1821160
URL: http://svn.apache.org/viewvc?rev=1821160&view=rev
Log:
61999: Disable saving POST data when maxSavePostSize is set to 0.
Modified:
tomcat/tc8.0.x/trunk/ (props changed)
tomcat/tc8.0.x/trunk/java/org/apache/catalina/
Author: markt
Date: Mon Jan 15 15:00:33 2018
New Revision: 1821162
URL: http://svn.apache.org/viewvc?rev=1821162&view=rev
Log:
Correctly handle EOF when ServletInputStream.isReady() is called.
Modified:
tomcat/tc8.5.x/trunk/ (props changed)
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/ut
Author: remm
Date: Mon Jan 15 15:01:22 2018
New Revision: 1821163
URL: http://svn.apache.org/viewvc?rev=1821163&view=rev
Log:
61999: Disable saving POST data when maxSavePostSize is set to 0.
Modified:
tomcat/tc7.0.x/trunk/ (props changed)
tomcat/tc7.0.x/trunk/java/org/apache/catalina/
https://bz.apache.org/bugzilla/show_bug.cgi?id=61999
Remy Maucherat changed:
What|Removed |Added
Status|NEW |RESOLVED
Resolution|---
https://bz.apache.org/bugzilla/show_bug.cgi?id=62000
Bug ID: 62000
Summary: Swallowing exception inside NamingContext lookup
Product: Tomcat 7
Version: 7.0.82
Hardware: PC
OS: All
Status: NEW
Severity: min
https://bz.apache.org/bugzilla/show_bug.cgi?id=62000
Damian Gauee changed:
What|Removed |Added
Summary|Swallowing exception inside |Avoid swallowing exception
https://bz.apache.org/bugzilla/show_bug.cgi?id=62000
--- Comment #1 from Damian Gauee ---
Created attachment 35679
--> https://bz.apache.org/bugzilla/attachment.cgi?id=35679&action=edit
Add log with an exception
--
You are receiving this mail because:
You are the assignee for the bug.
---
https://bz.apache.org/bugzilla/show_bug.cgi?id=62000
Damian Gauee changed:
What|Removed |Added
Priority|P2 |P4
--
You are receiving this mail beca
Author: markt
Date: Mon Jan 15 15:41:06 2018
New Revision: 1821166
URL: http://svn.apache.org/viewvc?rev=1821166&view=rev
Log:
Tag 8.5.25
Added:
tomcat/tc8.5.x/tags/TOMCAT_8_5_25/ (props changed)
- copied from r1821165, tomcat/tc8.5.x/trunk/
Modified:
tomcat/tc8.5.x/tags/TOMCAT_8_
Author: markt
Date: Mon Jan 15 15:47:54 2018
New Revision: 1821167
URL: http://svn.apache.org/viewvc?rev=1821167&view=rev
Log:
Use local copy now it is available
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java
Modified:
tomcat/trunk/java/org/apache/catal
Author: markt
Date: Mon Jan 15 15:48:39 2018
New Revision: 1821168
URL: http://svn.apache.org/viewvc?rev=1821168&view=rev
Log:
Use local copy now it is available
Modified:
tomcat/tc8.5.x/trunk/ (props changed)
tomcat/tc8.5.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticato
Author: markt
Date: Mon Jan 15 15:49:04 2018
New Revision: 1821169
URL: http://svn.apache.org/viewvc?rev=1821169&view=rev
Log:
Use local copy now it is available
Modified:
tomcat/tc8.0.x/trunk/ (props changed)
tomcat/tc8.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticato
Author: markt
Date: Mon Jan 15 15:49:42 2018
New Revision: 1821170
URL: http://svn.apache.org/viewvc?rev=1821170&view=rev
Log:
Use local copy now it is available
Modified:
tomcat/tc7.0.x/trunk/ (props changed)
tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticato
Author: markt
Date: Mon Jan 15 15:56:08 2018
New Revision: 1821173
URL: http://svn.apache.org/viewvc?rev=1821173&view=rev
Log:
Drop tag to address Javadoc errors
Removed:
tomcat/tc8.5.x/tags/TOMCAT_8_5_25/
-
To unsubscribe,
Author: markt
Date: Mon Jan 15 16:01:17 2018
New Revision: 1821174
URL: http://svn.apache.org/viewvc?rev=1821174&view=rev
Log:
Align with 9.0.x to fix Javadoc warning
Modified:
tomcat/tc8.5.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java
Modified:
tomcat/tc8.5.x/trunk/jav
Author: markt
Date: Mon Jan 15 16:01:56 2018
New Revision: 1821175
URL: http://svn.apache.org/viewvc?rev=1821175&view=rev
Log:
Tag 8.5.25
Added:
tomcat/tc8.5.x/tags/TOMCAT_8_5_25/ (props changed)
- copied from r1821174, tomcat/tc8.5.x/trunk/
Modified:
tomcat/tc8.5.x/tags/TOMCAT_8_
Hi all,
The Javadoc failure in the first release build has triggered further
issues. The code signing service had already signed 8.5.25 and it won't
sign another file with the same version.
I've tried various ways to work around this without success.
Therefore I intend to do the following:
- rei
Author: markt
Date: Mon Jan 15 18:27:18 2018
New Revision: 1821188
URL: http://svn.apache.org/viewvc?rev=1821188&view=rev
Log:
Remove updated 8.2.25 tag to make may for original
Removed:
tomcat/tc8.5.x/tags/TOMCAT_8_5_25/
-
Author: markt
Date: Mon Jan 15 18:28:19 2018
New Revision: 1821189
URL: http://svn.apache.org/viewvc?rev=1821189&view=rev
Log:
Restore original 8.5.25 tag
Added:
tomcat/tc8.5.x/tags/TOMCAT_8_5_25/ (props changed)
- copied from r1821166, tomcat/tc8.5.x/tags/TOMCAT_8_5_25/
Propchange:
Author: markt
Date: Mon Jan 15 18:30:49 2018
New Revision: 1821190
URL: http://svn.apache.org/viewvc?rev=1821190&view=rev
Log:
Increment version
Modified:
tomcat/tc8.5.x/trunk/build.properties.default
tomcat/tc8.5.x/trunk/res/maven/mvn.properties.default
tomcat/tc8.5.x/trunk/webapps/d
Author: markt
Date: Mon Jan 15 18:31:33 2018
New Revision: 1821191
URL: http://svn.apache.org/viewvc?rev=1821191&view=rev
Log:
Update change log
Modified:
tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml
Modified: tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/vie
Author: markt
Date: Mon Jan 15 18:52:48 2018
New Revision: 1821193
URL: http://svn.apache.org/viewvc?rev=1821193&view=rev
Log:
Tag 8.5.26
Added:
tomcat/tc8.5.x/TOMCAT_8_5_26/ (props changed)
- copied from r1821191, tomcat/tc8.5.x/trunk/
Modified:
tomcat/tc8.5.x/TOMCAT_8_5_26/build
Author: markt
Date: Mon Jan 15 18:53:59 2018
New Revision: 1821194
URL: http://svn.apache.org/viewvc?rev=1821194&view=rev
Log:
Tag 8.5.26
Added:
tomcat/tc8.5.x/tags/TOMCAT_8_5_26/ (props changed)
- copied from r1821193, tomcat/tc8.5.x/TOMCAT_8_5_26/
Removed:
tomcat/tc8.5.x/TOMCAT_
On 15/01/18 17:39, Mark Thomas wrote:
> Hi all,
>
> The Javadoc failure in the first release build has triggered further
> issues. The code signing service had already signed 8.5.25 and it won't
> sign another file with the same version.
>
> I've tried various ways to work around this without suc
On 11/01/18 11:29, Mark Thomas wrote:
> The proposed 9.0.3 release is:
> [ ] Broken - do not release
> [ ] Alpha - go ahead and release as 9.0.3
> [ ] Beta - go ahead and release as 9.0.3
> [X] Stable - go ahead and release as 9.0.3
Tests pass for NIO, NIO2 and APR/native on Windows, Linux a
On Thu, Jan 11, 2018 at 6:29 AM, Mark Thomas wrote:
> The proposed Apache Tomcat 9.0.3 release is now available for voting.
>
> The major changes compared to the 9.0.2 release are:
>
> - Modify the Default and WebDAV Servlets so that a 405 status code is
> returned for PUT and DELETE requests wh
2018-01-11 14:29 GMT+03:00 Mark Thomas :
> The proposed Apache Tomcat 9.0.3 release is now available for voting.
>
> The major changes compared to the 9.0.2 release are:
>
> - Modify the Default and WebDAV Servlets so that a 405 status code is
> returned for PUT and DELETE requests when disabled
https://bz.apache.org/bugzilla/show_bug.cgi?id=62000
--- Comment #2 from Mark Thomas ---
Seems perfectly reasonable to me.
If you provide a patch or pull-request against trunk (9.0.x) it will get
back-ported to the other versions as well.
--
You are receiving this mail because:
You are the ass
https://bz.apache.org/bugzilla/show_bug.cgi?id=61993
--- Comment #3 from Mark Thomas ---
Typically, we add tests like that with the @Ignore annotation so we can run
them easily from the IDE but they aren't run by the CI systems.
I've looked at this further over the weekend and there are subtle d
Author: markt
Date: Mon Jan 15 21:49:15 2018
New Revision: 1821197
URL: http://svn.apache.org/viewvc?rev=1821197&view=rev
Log:
Add a base class with a view to aligning and pulling up the common code where
possible.
Added:
tomcat/trunk/java/org/apache/tomcat/util/buf/AbstractChunk.java (wit
Author: markt
Date: Mon Jan 15 22:06:01 2018
New Revision: 1821198
URL: http://svn.apache.org/viewvc?rev=1821198&view=rev
Log:
Pull up and align start (a.k.a. offset), end and hashcode
Modified:
tomcat/trunk/java/org/apache/tomcat/util/buf/AbstractChunk.java
tomcat/trunk/java/org/apache/t
Author: markt
Date: Mon Jan 15 22:16:09 2018
New Revision: 1821199
URL: http://svn.apache.org/viewvc?rev=1821199&view=rev
Log:
Pull up and align isNull and recycle
Modified:
tomcat/trunk/java/org/apache/tomcat/util/buf/AbstractChunk.java
tomcat/trunk/java/org/apache/tomcat/util/buf/ByteCh
Author: markt
Date: Mon Jan 15 22:20:19 2018
New Revision: 1821200
URL: http://svn.apache.org/viewvc?rev=1821200&view=rev
Log:
Reduce diff between ByteChunk and CharChunk
No functional change
Modified:
tomcat/trunk/java/org/apache/tomcat/util/buf/ByteChunk.java
tomcat/trunk/java/org/apach
Author: markt
Date: Mon Jan 15 22:25:02 2018
New Revision: 1821201
URL: http://svn.apache.org/viewvc?rev=1821201&view=rev
Log:
Formatting / comment alignment
Modified:
tomcat/trunk/java/org/apache/tomcat/util/buf/ByteChunk.java
tomcat/trunk/java/org/apache/tomcat/util/buf/CharChunk.java
Author: markt
Date: Mon Jan 15 22:26:51 2018
New Revision: 1821202
URL: http://svn.apache.org/viewvc?rev=1821202&view=rev
Log:
Handle case where start != 0 and buffer is not empty when makeSpace() is called.
Aligns CharChunk with ByteChunk
Modified:
tomcat/trunk/java/org/apache/tomcat/util/bu
Author: markt
Date: Mon Jan 15 22:43:13 2018
New Revision: 1821203
URL: http://svn.apache.org/viewvc?rev=1821203&view=rev
Log:
Align ByteChunk and CharChunk
Modified:
tomcat/trunk/java/org/apache/tomcat/util/buf/CharChunk.java
Modified: tomcat/trunk/java/org/apache/tomcat/util/buf/CharChunk.
The Buildbot has detected a new failure on builder tomcat-trunk while building
. Full details are available at:
https://ci.apache.org/builders/tomcat-trunk/builds/2966
Buildbot URL: https://ci.apache.org/
Buildslave for this Build: silvanus_ubuntu
Build Reason: The AnyBranchScheduler schedu
To whom it may engage...
This is an automated request, but not an unsolicited one. For
more information please visit http://gump.apache.org/nagged.html,
and/or contact the folk at gene...@gump.apache.org.
Project tomcat-trunk-test-nio has an issue affecting its community integration.
Th
To whom it may engage...
This is an automated request, but not an unsolicited one. For
more information please visit http://gump.apache.org/nagged.html,
and/or contact the folk at gene...@gump.apache.org.
Project tomcat-trunk-test-nio2 has an issue affecting its community integration.
T
Hi ,
Thanks for the quick response.
Can you please clarify below,
1. If voting happens this week, by when we can expect the release ?
2. Are there any Security CVE's will be fixed in Tomcat 7.0.83 (not
released) / 7.0.84 ?
Thanks and Regards,
Silambarasan M
On Mon, Jan 15, 2018 at 2:24 PM, Si
To whom it may engage...
This is an automated request, but not an unsolicited one. For
more information please visit http://gump.apache.org/nagged.html,
and/or contact the folk at gene...@gump.apache.org.
Project tomcat-trunk-test-apr has an issue affecting its community integration.
Th
https://bz.apache.org/bugzilla/show_bug.cgi?id=62002
Bug ID: 62002
Summary: UT failure when running on Java 9
Product: Tomcat 9
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: minor
56 matches
Mail list logo
