dev  

Messages by Date

• 2025/09/26 Re: [PR] typo: war-tracking -> war-tracker [tomcat] via GitHub
• 2025/09/26 Re: [PR] Add support for CIDR notation in RemoteIpFilter(#632) [tomcat] via GitHub
• 2025/09/26 (tomcat) branch 11.0.x updated: Add comment remm
• 2025/09/26 (tomcat) branch 9.0.x updated: Add comment remm
• 2025/09/26 (tomcat) branch 10.1.x updated: Add comment remm
• 2025/09/26 (tomcat) branch main updated: Add comment remm
• 2025/09/26 [Bug 69832] Session-timeout is not being honoured when posting to j_security_check bugzilla
• 2025/09/26 [Bug 69832] Session-timeout is not being honoured when posting to j_security_check bugzilla
• 2025/09/26 [Bug 69832] Session-timeout is not being honoured when posting to j_security_check bugzilla
• 2025/09/26 [Bug 69832] Session-timeout is not being honoured when posting to j_security_check bugzilla
• 2025/09/26 [Bug 69832] New: Session-timeout is not being honoured when posting to j_security_check bugzilla
• 2025/09/26 Re: [PR] Access log nanoseconds [tomcat] via GitHub
• 2025/09/26 Re: [PR] Access log nanoseconds [tomcat] via GitHub
• 2025/09/25 Re: [PR] Access log nanoseconds [tomcat] via GitHub
• 2025/09/25 Re: [PR] Access log nanoseconds [tomcat] via GitHub
• 2025/09/25 Buildbot success in on tomcat-9.0.x buildbot
• 2025/09/25 Re: [PR] refactor: formatter refactoring [tomcat] via GitHub
• 2025/09/25 [PR] refactor: formatter refactoring [tomcat] via GitHub
• 2025/09/25 (tomcat) branch 10.1.x updated: Make TLS 1.2 explicit for SSLHostConfigCompat remm
• 2025/09/25 (tomcat) branch 11.0.x updated: Fix merge remm
• 2025/09/25 (tomcat) branch 9.0.x updated: Improve algorithm for possible edge cases remm
• 2025/09/25 (tomcat) branch 10.1.x updated: Improve algorithm for possible edge cases remm
• 2025/09/25 (tomcat) branch 11.0.x updated: Improve algorithm for possible edge cases remm
• 2025/09/25 (tomcat) branch main updated: Improve algorithm for possible edge cases remm
• 2025/09/25 (tomcat) branch 11.0.x updated: Make TLS 1.2 explicit for SSLHostConfigCompat remm
• 2025/09/25 (tomcat) branch 9.0.x updated: Make TLS 1.2 explicit for SSLHostConfigCompat remm
• 2025/09/25 (tomcat) branch main updated: Make TLS 1.2 explicit for SSLHostConfigCompat remm
• 2025/09/25 Re: [PR] Expose clientIdentifier generation as a function [tomcat] via GitHub
• 2025/09/25 [PR] Expose clientIdentifier generation as a function [tomcat] via GitHub
• 2025/09/25 Re: [PR] Expose clientIdentifier generation as a function [tomcat] via GitHub
• 2025/09/25 Re: [PR] Expose clientIdentifier generation as a function [tomcat] via GitHub
• 2025/09/24 Re: [PR] Access log nanoseconds [tomcat] via GitHub
• 2025/09/24 Re: [PR] Access log nanoseconds [tomcat] via GitHub
• 2025/09/24 (tomcat) branch 9.0.x updated: Fix case sensitivity issues in trailer header allow list markt
• 2025/09/24 (tomcat) branch 10.1.x updated: Fix case sensitivity issues in trailer header allow list markt
• 2025/09/24 (tomcat) branch 11.0.x updated: Fix case sensitivity issues in trailer header allow list markt
• 2025/09/24 (tomcat) branch main updated: Fix case sensitivity issues in trailer header allow list markt
• 2025/09/24 Re: [PR] Access log nanoseconds [tomcat] via GitHub
• 2025/09/24 (tomcat-tck) branch main updated: Run TCKs on Java 25 as well as Java 21. markt
• 2025/09/24 Re: [PR] Access log nanoseconds [tomcat] via GitHub
• 2025/09/24 Re: [PR] Access log nanoseconds [tomcat] via GitHub
• 2025/09/24 [Bug 69830] SPAM SPAM SPAM SPAM bugzilla
• 2025/09/24 [Bug 69830] New: https://techozea.com/ bugzilla
• 2025/09/24 Re: [PR] Access log nanoseconds [tomcat] via GitHub
• 2025/09/24 Re: (tomcat) branch 11.0.x updated: Record the instant the request processing starts. Christopher Schultz
• 2025/09/24 Re: [PR] Access log nanoseconds [tomcat] via GitHub
• 2025/09/24 [PR] Access log nanoseconds [tomcat] via GitHub
• 2025/09/24 Re: [PR] Access log nanoseconds [tomcat] Mark Thomas
• 2025/09/24 Re: (tomcat) branch 11.0.x updated: Refactor recording of request start time Mark Thomas
• 2025/09/24 Re: (tomcat) branch 11.0.x updated: Record the instant the request processing starts. Mark Thomas
• 2025/09/24 Buildbot failure in on tomcat-9.0.x buildbot
• 2025/09/24 (tomcat) branch 9.0.x updated: Add support for recording the time to commit in nanoseconds. markt
• 2025/09/23 Re: (tomcat) branch 11.0.x updated: Refactor recording of request start time Christopher Schultz
• 2025/09/23 Re: (tomcat) branch 11.0.x updated: Record the instant the request processing starts. Christopher Schultz
• 2025/09/23 [Bug 69817] Add sub-millisecond precision capability to access log timestamps bugzilla
• 2025/09/23 Buildbot success in on tomcat-10.1.x buildbot
• 2025/09/23 (tomcat) branch 10.1.x updated: Add type to docs remm
• 2025/09/23 (tomcat) branch 11.0.x updated: Add type to docs remm
• 2025/09/23 (tomcat) branch 9.0.x updated: Add type to docs remm
• 2025/09/23 (tomcat) branch main updated: Add type to docs remm
• 2025/09/23 Re: [PR] typo: war-tracking -> war-tracker [tomcat] via GitHub
• 2025/09/23 Re: [PR] typo: war-tracking -> war-tracker [tomcat] via GitHub
• 2025/09/23 [PR] typo: war-tracking -> war-tracker [tomcat] via GitHub
• 2025/09/23 Buildbot failure in on tomcat-10.1.x buildbot
• 2025/09/23 (tomcat) branch 10.1.x updated: Correct Javadoc - time is in nanoseconds markt
• 2025/09/23 (tomcat) branch main updated: Correct Javadoc - time is in nanoseconds markt
• 2025/09/23 (tomcat) branch 11.0.x updated: Correct Javadoc - time is in nanoseconds markt
• 2025/09/23 Java 25 Released and New Leyden EA Builds David Delabassee
• 2025/09/23 (tomcat) branch 10.1.x updated: Refactor access log time stamps to be based on request.getStartInstant() markt
• 2025/09/23 (tomcat) branch 11.0.x updated: Refactor access log time stamps to be based on request.getStartInstant() markt
• 2025/09/22 Re: (tomcat) branch 9.0.x updated: Drop method Mark Thomas
• 2025/09/22 (tomcat) 13/14: Rename method remm
• 2025/09/22 (tomcat) branch main updated: Refactor access log time stamps to be based on request.getStartInstant() markt
• 2025/09/22 Buildbot success in on tomcat-11.0.x buildbot
• 2025/09/22 Re: (tomcat) branch 9.0.x updated: Drop method Rémy Maucherat
• 2025/09/22 (tomcat) branch 9.0.x updated: Drop method remm
• 2025/09/22 (tomcat) branch 10.1.x updated: Drop method remm
• 2025/09/22 (tomcat) branch 10.1.x updated: Fix changelog merges remm
• 2025/09/22 (tomcat) branch 9.0.x updated: Add release date remm
• 2025/09/22 (tomcat) branch 11.0.x updated: Drop method remm
• 2025/09/22 (tomcat) 14/14: Fix import remm
• 2025/09/22 (tomcat) branch 9.0.x updated: Use nanoseconds rather than milliseconds internally. Aligns with 10.0.x+ markt
• 2025/09/22 (tomcat) 13/14: Rename method remm
• 2025/09/22 (tomcat) branch 10.1.x updated: Fix back-port. setStartTime(long) should not be a NO-OP. markt
• 2025/09/22 (tomcat) 12/14: Avoid changing Type toString remm
• 2025/09/22 (tomcat) 06/14: Fix cut and paste abuse remm
• 2025/09/22 (tomcat) 08/14: Additional fixes remm
• 2025/09/22 (tomcat) 07/14: Add group configuration to OpenSSL FFM remm
• 2025/09/22 (tomcat) 05/14: Rename SignatureAlgorithm enum to SignatureScheme remm
• 2025/09/22 (tomcat) 09/14: Missed rename remm
• 2025/09/22 (tomcat) 11/14: Fix key type remm
• 2025/09/22 (tomcat) 03/14: Add certificate selection code specific to TLS 1.3 remm
• 2025/09/22 (tomcat) branch 9.0.x updated (50462fd6c0 -> 70c6547681) remm
• 2025/09/22 (tomcat) 01/14: Add extraction of group and signature information from client hello remm
• 2025/09/22 (tomcat) 10/14: Hack around the certificate index for tomcat-native remm
• 2025/09/22 (tomcat) 02/14: Add getters for group and signature info. remm
• 2025/09/22 (tomcat) 04/14: Cleanups remm
• 2025/09/22 (tomcat) branch 9.0.x updated: Correct back-port markt
• 2025/09/22 (tomcat) 05/14: Rename SignatureAlgorithm enum to SignatureScheme remm
• 2025/09/22 (tomcat) 09/14: Missed rename remm
• 2025/09/22 (tomcat) 07/14: Add group configuration to OpenSSL FFM remm
• 2025/09/22 (tomcat) 03/14: Add certificate selection code specific to TLS 1.3 remm
• 2025/09/22 (tomcat) 14/14: Merge branch '10.1.x' of [email protected]:apache/tomcat.git into 10.1.x remm
• 2025/09/22 (tomcat) 11/14: Fix key type remm
• 2025/09/22 (tomcat) 12/14: Avoid changing Type toString remm
• 2025/09/22 (tomcat) 02/14: Add getters for group and signature info. remm
• 2025/09/22 (tomcat) branch 10.1.x updated (4300f357d6 -> 8c8c46498e) remm
• 2025/09/22 (tomcat) 10/14: Hack around the certificate index for tomcat-native remm
• 2025/09/22 (tomcat) 08/14: Additional fixes remm
• 2025/09/22 (tomcat) 01/14: Add extraction of group and signature information from client hello remm
• 2025/09/22 (tomcat) 06/14: Fix cut and paste abuse remm
• 2025/09/22 (tomcat) 04/14: Cleanups remm
• 2025/09/22 (tomcat) branch 9.0.x updated: Record the instant the request processing starts. markt
• 2025/09/22 (tomcat) branch 10.1.x updated: Record the instant the request processing starts. markt
• 2025/09/22 (tomcat) branch 11.0.x updated: Record the instant the request processing starts. markt
• 2025/09/22 (tomcat) branch main updated: Record the instance the request processing starts. markt
• 2025/09/22 (tomcat) branch 11.0.x updated: Fix test-compile error dsoumis
• 2025/09/22 (tomcat) branch 9.0.x updated (6909ac966b -> b2eee41a53) dsoumis
• 2025/09/22 Buildbot failure in on tomcat-11.0.x buildbot
• 2025/09/22 (tomcat) 02/02: Add tests for juli integration dsoumis
• 2025/09/22 (tomcat) 01/02: Remove default log Level.ALL logic if level is null in TomcatBaseTest.LogCapture. dsoumis
• 2025/09/22 (tomcat) branch main updated: Remove deprecated code markt
• 2025/09/22 (tomcat) branch 9.0.x updated: Refactor recording of request start time markt
• 2025/09/22 (tomcat) 02/02: Add tests for juli integration dsoumis
• 2025/09/22 (tomcat) branch 10.1.x updated (98df9a1201 -> d5ced46369) dsoumis
• 2025/09/22 (tomcat) 01/02: Remove default log Level.ALL logic if level is null in TomcatBaseTest.LogCapture. dsoumis
• 2025/09/22 (tomcat) 01/02: Remove default log Level.ALL logic if level is null in TomcatBaseTest.LogCapture. dsoumis
• 2025/09/22 (tomcat) 02/02: Add tests for juli integration dsoumis
• 2025/09/22 (tomcat) branch 11.0.x updated (203f0a07ee -> b40a128c59) dsoumis
• 2025/09/22 Re: [PR] Add Juli integration tests [tomcat] via GitHub
• 2025/09/22 (tomcat) 01/02: Remove default log Level.ALL logic if level is null in TomcatBaseTest.LogCapture. dsoumis
• 2025/09/22 (tomcat) 02/02: Add tests for juli integration dsoumis
• 2025/09/22 (tomcat) branch main updated (285f2b6b90 -> 40e6f093de) dsoumis
• 2025/09/22 (tomcat) branch 10.1.x updated: Refactor recording of request start time markt
• 2025/09/22 (tomcat) branch 11.0.x updated: Refactor recording of request start time markt
• 2025/09/22 [Bug 69817] Add sub-millisecond precision capability to access log timestamps bugzilla
• 2025/09/22 Re: (tomcat) branch main updated: Stabilize TestSwallowAbortedUploads.testChunkedPUTLimit Mark Thomas
• 2025/09/22 [Bug 69817] Add sub-millisecond precision capability to access log timestamps bugzilla
• 2025/09/22 (tomcat) branch 11.0.x updated: Rename method remm
• 2025/09/22 (tomcat) branch main updated: Rename method remm
• 2025/09/22 [PR] Add Juli integration tests [tomcat] via GitHub
• 2025/09/22 [Bug 69817] Add sub-millisecond precision capability to access log timestamps bugzilla
• 2025/09/22 [Bug 69817] Add sub-millisecond precision capability to access log timestamps bugzilla
• 2025/09/22 [Bug 69817] Add sub-millisecond precision capability to access log timestamps bugzilla
• 2025/09/21 [Bug 69826] The compression logic only checks for "gzip" and "br" encodings but misses other compression formats, potentially causing double compression. This wastes CPU resources and may increase response size due to compression overhead. bugzilla
• 2025/09/21 [Bug 69575] org.apache.coyote.CompressionConfig doesn't recognize "zstd" compression bugzilla
• 2025/09/21 [Bug 69823] Potential ReDoS (Regular Expression Denial of Service) Location: setNoCompressionUserAgents(String noCompressionUserAgents) method Root Cause: The method directly compiles a user-provided string into a Pattern without any validation, sanitization bugzilla
• 2025/09/21 [Bug 69825] Potential ReDoS (Regular Expression Denial of Service) Location: setNoCompressionUserAgents(String noCompressionUserAgents) method Root Cause: The method directly compiles a user-provided string into a Pattern without any validation, sanitization bugzilla
• 2025/09/21 [Bug 69827] The compression checks a possibly outdated content-length, risking race conditions where content changes before compression, causing errors. bugzilla
• 2025/09/21 [Bug 69827] New: The compression checks a possibly outdated content-length, risking race conditions where content changes before compression, causing errors. bugzilla
• 2025/09/21 [Bug 69821] `AbstractProcessor` risks `NullPointerException` crashes due to race conditions with `volatile socketWrapper`. Fix with final local references and null checks. bugzilla
• 2025/09/21 [Bug 69826] The compression logic only checks for "gzip" and "br" encodings but misses other compression formats, potentially causing double compression. This wastes CPU resources and may increase response size due to compression overhead. bugzilla
• 2025/09/21 [Bug 69822] Log injection vulnerability in AbstractProcessorLight class allows attackers to manipulate application logs by injecting malicious content through unsanitized input in trace logging statements. bugzilla
• 2025/09/21 [Bug 69824] Potential ReDoS (Regular Expression Denial of Service) Location: setNoCompressionUserAgents(String noCompressionUserAgents) method Root Cause: The method directly compiles a user-provided string into a Pattern without any validation, sanitization bugzilla
• 2025/09/21 [Bug 69823] Potential ReDoS (Regular Expression Denial of Service) Location: setNoCompressionUserAgents(String noCompressionUserAgents) method Root Cause: The method directly compiles a user-provided string into a Pattern without any validation, sanitization bugzilla
• 2025/09/21 [Bug 69822] Log injection vulnerability in AbstractProcessorLight class allows attackers to manipulate application logs by injecting malicious content through unsanitized input in trace logging statements. bugzilla
• 2025/09/21 [Bug 69826] New: The compression logic only checks for "gzip" and "br" encodings but misses other compression formats, potentially causing double compression. This wastes CPU resources and may increase response size due to compression overhead. bugzilla
• 2025/09/21 [Bug 69825] New: Potential ReDoS (Regular Expression Denial of Service) Location: setNoCompressionUserAgents(String noCompressionUserAgents) method Root Cause: The method directly compiles a user-provided string into a Pattern without any validation, sanitization bugzilla
• 2025/09/21 [Bug 69824] New: Potential ReDoS (Regular Expression Denial of Service) Location: setNoCompressionUserAgents(String noCompressionUserAgents) method Root Cause: The method directly compiles a user-provided string into a Pattern without any validation, sanitization bugzilla
• 2025/09/21 [Bug 69823] New: Potential ReDoS (Regular Expression Denial of Service) Location: setNoCompressionUserAgents(String noCompressionUserAgents) method Root Cause: The method directly compiles a user-provided string into a Pattern without any validation, sanitization bugzilla
• 2025/09/21 [Bug 69822] New: Log injection vulnerability in AbstractProcessorLight class allows attackers to manipulate application logs by injecting malicious content through unsanitized input in trace logging statements. bugzilla
• 2025/09/21 [Bug 69821] New: `AbstractProcessor` risks `NullPointerException` crashes due to race conditions with `volatile socketWrapper`. Fix with final local references and null checks. bugzilla
• 2025/09/19 (tomcat) branch 9.0.x updated: Stabilize TestSwallowAbortedUploads.testChunkedPUTLimit dsoumis
• 2025/09/19 (tomcat) branch 10.1.x updated: Stabilize TestSwallowAbortedUploads.testChunkedPUTLimit dsoumis
• 2025/09/19 (tomcat) branch main updated: Stabilize TestSwallowAbortedUploads.testChunkedPUTLimit dsoumis
• 2025/09/19 (tomcat) branch 11.0.x updated: Stabilize TestSwallowAbortedUploads.testChunkedPUTLimit dsoumis
• 2025/09/19 Re: [PR] Stabilize TestSwallowAbortedUploads.testChunkedPUTLimit [tomcat] via GitHub
• 2025/09/19 [Bug 69820] Trivial performance improvement to ParameterMap.<init> bugzilla
• 2025/09/19 (tomcat) branch 9.0.x updated: Fix back-port markt
• 2025/09/19 [Bug 69820] Trivial performance improvement to ParameterMap.<init> bugzilla
• 2025/09/19 (tomcat) branch 11.0.x updated: Further performance improvements for ParameterMap. (jengebr/markt) markt
• 2025/09/19 (tomcat) branch 9.0.x updated: Further performance improvements for ParameterMap. (jengebr/markt) markt
• 2025/09/19 (tomcat) branch 10.1.x updated: Further performance improvements for ParameterMap. (jengebr/markt) markt
• 2025/09/19 (tomcat) branch main updated: Further performance improvements for ParameterMap. (jengebr/markt) markt
• 2025/09/19 (tomcat) branch 10.1.x updated: Refactor RemoteCIDRFilter to use NetMaskSet markt
• 2025/09/19 [Bug 69820] Trivial performance improvement to ParameterMap.<init> bugzilla
• 2025/09/19 (tomcat) branch 9.0.x updated: Fix back-port markt
• 2025/09/19 (tomcat) branch 10.1.x updated: Fix back-port markt
• 2025/09/19 (tomcat) branch main updated: Refactor RemoteCIDRFilter to use NetMaskSet markt
• 2025/09/19 (tomcat) branch 11.0.x updated: Refactor RemoteCIDRFilter to use NetMaskSet markt
• 2025/09/19 (tomcat) branch 9.0.x updated: Refactor RemoteCIDRFilter to use NetMaskSet markt
• 2025/09/19 [PR] Stabilize TestSwallowAbortedUploads.testChunkedPUTLimit [tomcat] via GitHub
• 2025/09/19 (tomcat) branch 9.0.x updated: Improve code coverage of tests for RemoteCIDRFilter markt
• 2025/09/19 (tomcat) branch 10.1.x updated: Improve code coverage of tests for RemoteCIDRFilter markt
• 2025/09/19 (tomcat) branch 11.0.x updated: Improve code coverage of tests for RemoteCIDRFilter markt
• 2025/09/19 (tomcat) branch main updated: Improve code coverage of tests for RemoteCIDRFilter markt
• 2025/09/19 (tomcat) branch 9.0.x updated: Store request header names using original case rather than forcing to lc markt
• 2025/09/19 Re: [PR] Move lower casing of headers from parser to valve [tomcat] via GitHub
• 2025/09/19 Re: [PR] Move lower casing of headers from parser to valve [tomcat] via GitHub
• 2025/09/19 (tomcat) branch 11.0.x updated: Store request header names using original case rather than forcing to lc markt
• 2025/09/19 (tomcat) branch 10.1.x updated: Store request header names using original case rather than forcing to lc markt
• 2025/09/19 (tomcat) branch main updated: Store request header names using original case rather than forcing to lc markt
• 2025/09/19 [Bug 69820] New: Trivial performance improvement to ParameterMap.<init> bugzilla
• 2025/09/19 (tomcat) branch 9.0.x updated: Fix BZ 69814 Ensure HttpSession.isNew() returns false once client joins markt
• 2025/09/19 [Bug 69814] HttpSession.isNew() may return true on an existing session due to a race condition bugzilla
• 2025/09/19 (tomcat) branch 10.1.x updated: Fix BZ 69814 Ensure HttpSession.isNew() returns false once client joins markt
• 2025/09/19 (tomcat) branch 11.0.x updated: Fix BZ 69814 Ensure HttpSession.isNew() returns false once client joins markt
• 2025/09/19 (tomcat) branch main updated: Fix BZ 69814 Ensure HttpSession.isNew() returns false once client joins markt
• 2025/09/19 [Bug 69819] MPS Info Services bugzilla
• 2025/09/19 [Bug 69819] New: MPS Info Services bugzilla

• Earlier messages
• Later messages