svn commit: r1836400 - in /tomcat/site/trunk: docs/security-native.html xdocs/security-native.xml

Author: jfclere Date: Sat Jul 21 09:04:53 2018 New Revision: 1836400 URL: http://svn.apache.org/viewvc?rev=1836400&view=rev Log: Add the CVE fixed in 1.2.17 Modified: tomcat/site/trunk/docs/security-native.html tomcat/site/trunk/xdocs/security-native.xml Modified: tomcat/site/trunk/docs/

[SECURITY] CVE-2018-8019 Apache Tomcat Native Connector - Mishandled OCSP invalid response

CVE-2018-8019 Apache Tomcat Native Connector - Mishandled OCSP invalid response Severity: Moderate Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat Native 1.2.0 to 1.2.16 Apache Tomcat Native 1.1.23 to 1.1.34 Description: When using an OCSP responder Tomcat Native did not

[SECURITY] CVE-2018-8020 Apache Tomcat Native Connector - Mishandled OCSP responses can allow clients to authenticate with revoked certificates

CVE-2018-8020 Apache Tomcat Native Connector - Mishandled OCSP responses can allow clients to authenticate with revoked certificates Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat Native 1.2.0 to 1.2.16 Apache Tomcat Native 1.1.23 to 1.1.34 Descript

[Bug 60762] Enhancement: Add support for runtime SNI changes in tomcat-embed

https://bz.apache.org/bugzilla/show_bug.cgi?id=60762 --- Comment #19 from Mark Thomas --- The Tomcat community does not use Bugzilla as a user support forum. Questions relating to the usage of Apache Tomcat are very unlikely to receive an answer here and should be directed to the Apache Tomcat us

Re: JDK 11 is now in Rampdown Phase one

Hi Chris, Please do let us know how your testing goes, if you find bugs we want to know about them as early as possible. I'm out next week but Muneer will be glad to help. Rgds,Rory On 20/07/2018 22:22, Christopher Schultz wrote: Rory, On 7/2/18 5:33 AM, Rory O'Donnell wrote: Since our l

[Bug 62559] New: Add "jaxb-*.jar" to tomcat.util.scan.StandardJarScanFilter.jarsToSkip

https://bz.apache.org/bugzilla/show_bug.cgi?id=62559 Bug ID: 62559 Summary: Add "jaxb-*.jar" to tomcat.util.scan.StandardJarScanFilter.jarsToSkip Product: Tomcat 8 Version: 8.5.x-trunk Hardware: All OS: All

[Bug 62560] New: Add "oraclepki.jar" to tomcat.util.scan.StandardJarScanFilter.jarsToSkip

https://bz.apache.org/bugzilla/show_bug.cgi?id=62560 Bug ID: 62560 Summary: Add "oraclepki.jar" to tomcat.util.scan.StandardJarScanFilter.jarsToSkip Product: Tomcat 8 Version: 8.5.x-trunk Hardware: All OS: A

[Bug 62560] Add "oraclepki.jar" to tomcat.util.scan.StandardJarScanFilter.jarsToSkip

https://bz.apache.org/bugzilla/show_bug.cgi?id=62560 --- Comment #1 from Michael Osipov <1983-01...@gmx.net> --- A typical usecase is: > > > >resource="${oracle.home}/jdbc/lib/ojdbc6.jar" /> >resource="${oracle.home}/jlib/oraclepki.jar" /> >resource="${oracl

[Bug 62561] New: class-loader-howto.html does not mention server.loader and shared.loader from catalina.properties

https://bz.apache.org/bugzilla/show_bug.cgi?id=62561 Bug ID: 62561 Summary: class-loader-howto.html does not mention server.loader and shared.loader from catalina.properties Product: Tomcat 8 Version: 8.5.x-trunk Hardware:

svn commit: r1836420 - in /tomcat/site/trunk: docs/security-9.html xdocs/security-9.xml

Author: jfclere Date: Sun Jul 22 06:51:36 2018 New Revision: 1836420 URL: http://svn.apache.org/viewvc?rev=1836420&view=rev Log: Add the missing fixed CVE. Modified: tomcat/site/trunk/docs/security-9.html tomcat/site/trunk/xdocs/security-9.xml Modified: tomcat/site/trunk/docs/security-9.