All,
On 5/9/23 13:38, Christopher Schultz wrote:
The proposed Apache Tomcat 8.5.89 release is now available for voting.
The notable changes compared to 8.5.88 are:
- Many improvements to the JSON access log valve.
- Deprecate support for the HTTP Connector settings rejectIllegalHeader
and allowHostHeaderMismatch and reject HTTP headers without names.
- Add a RateLimitFilter which can be used to mitigate DoS and Brute
Force attacks.
Along with lots of other bug fixes and improvements.
For full details, see the changelog:
https://nightlies.apache.org/tomcat/tomcat-8.5.x/docs/changelog.html
It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.89/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1436
The tag is:
https://github.com/apache/tomcat/tree/8.5.89/
da91bd19ef2cb34a96e4ad04749dfc97c941db87
The proposed 8.5.89 release is:
[ ] Broken - do not release
[ ] Stable - go ahead and release as 8.5.88 (stable)
+1 to release stable
Works on a plain servlet-based application in a development environment.
All unit-test failures are expected in this environment.
* Environment
* Java (build): openjdk version "1.8.0_292" OpenJDK Runtime
Environment (build 1.8.0_292-8u292-b10-0+deb9u1-b10) OpenJDK 64-Bit
Server VM (build 25.292-b10, mixed mode)
* Java (test): openjdk version "1.8.0_292" OpenJDK Runtime
Environment (build 1.8.0_292-8u292-b10-0+deb9u1-b10) OpenJDK 64-Bit
Server VM (build 25.292-b10, mixed mode)
* OS: Linux 5.10.0-19-amd64 x86_64
* cc: cc (Debian 10.2.1-6) 10.2.1 20210110
* make: GNU Make 4.3
* OpenSSL: OpenSSL 1.1.1 11 Sep 2018
* APR: 1.7.0
*
* Valid SHA-512 signature for apache-tomcat-8.5.89.zip
* Valid GPG signature for apache-tomcat-8.5.89.zip
* Valid SHA-512 signature for apache-tomcat-8.5.89.tar.gz
* Valid GPG signature for apache-tomcat-8.5.89.tar.gz
* Valid SHA-512 signature for apache-tomcat-8.5.89.exe
* Valid GPG signature for apache-tomcat-8.5.89.exe
* Valid Windows Digital Signature for apache-tomcat-8.5.89.exe
* Valid SHA512 signature for apache-tomcat-8.5.89-src.zip
* Valid GPG signature for apache-tomcat-8.5.89-src.zip
* Valid SHA512 signature for apache-tomcat-8.5.89-src.tar.gz
* Valid GPG signature for apache-tomcat-8.5.89-src.tar.gz
*
* Binary Zip and tarball: Same
* Source Zip and tarball: Same
*
* Building dependencies returned: 0
* tcnative builds cleanly
* Tomcat builds cleanly
* Junit Tests: FAILED
*
* Tests that failed:
* org.apache.tomcat.util.net.jsse.TestPEMFile.APR.txt
* org.apache.tomcat.util.net.jsse.TestPEMFile.NIO.txt
* org.apache.tomcat.util.net.jsse.TestPEMFile.NIO2.txt
* org.apache.tomcat.util.net.openssl.ciphers.TestCipher.APR.txt
* org.apache.tomcat.util.net.openssl.ciphers.TestCipher.NIO.txt
* org.apache.tomcat.util.net.openssl.ciphers.TestCipher.NIO2.txt
*
org.apache.tomcat.util.net.openssl.ciphers.TestOpenSSLCipherConfigurationParser.APR.txt
*
org.apache.tomcat.util.net.openssl.ciphers.TestOpenSSLCipherConfigurationParser.NIO.txt
*
org.apache.tomcat.util.net.openssl.ciphers.TestOpenSSLCipherConfigurationParser.NIO2.txt
* org.apache.tomcat.websocket.TestWsWebSocketContainerSSL.APR.txt
* org.apache.tomcat.websocket.TestWsWebSocketContainerSSL.NIO.txt
* org.apache.tomcat.websocket.TestWsWebSocketContainerSSL.NIO2.txt
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org