Author: markt
Date: Mon Feb 9 08:53:51 2015
New Revision: 7969
Log:
Remove old release
Removed:
release/tomcat/tomcat-6/v6.0.41/
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail:
Author: markt
Date: Mon Feb 9 08:53:29 2015
New Revision: 7968
Log:
Remove old release
Removed:
release/tomcat/tomcat-8/v8.0.17/
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail:
Author: violetagg
Date: Mon Feb 9 09:02:45 2015
New Revision: 1658329
URL: http://svn.apache.org/r1658329
Log:
Update docs for Apache Tomcat 7.0.59 release.
[This commit notification would consist of 340 parts,
which exceeds the limit of 50 ones, so it was shortened to the summary.]
Author: markt
Date: Mon Feb 9 09:12:45 2015
New Revision: 1658333
URL: http://svn.apache.org/r1658333
Log:
Add information on CVE-2014-0227
Modified:
tomcat/site/trunk/docs/security-6.html
tomcat/site/trunk/docs/security-7.html
tomcat/site/trunk/docs/security-8.html
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
CVE-2014-0227 Request Smuggling
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
- - Apache Tomcat 8.0.0-RC1 to 8.0.8
- - Apache Tomcat 7.0.0 to 7.0.54
- - Apache Tomcat 6.0.0 to 6.0.41
Description:
It was possible to
Author: markt
Date: Mon Feb 9 08:54:25 2015
New Revision: 7970
Log:
Remove old release
Removed:
release/tomcat/tomcat-connectors/native/1.1.31/
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional
Author: markt
Date: Mon Feb 9 08:55:55 2015
New Revision: 7971
Log:
Remove old release
Removed:
release/tomcat/tomcat-connectors/jk/binaries/windows/tomcat-connectors-1.2.39-windows-i386-httpd-2.0.x.zip
Thanks for the reply Mark.
What is the editor that is generally used to change the code? I installed
add-on to eclipse to connect to SVN.
After installing, when tried to connect to below link from Import --
Other -- Check out project from SVN, eclipse is crashing.
Below link i used to connect to
https://issues.apache.org/bugzilla/show_bug.cgi?id=45014
--- Comment #9 from mr.oliver.hernan...@gmail.com ---
Thanks Christopher. Your classes were a very good starting point for our use
case. I have a custom valve implemented now that logs the request body like we
need. I'll share it soon
https://issues.apache.org/bugzilla/show_bug.cgi?id=45014
mr.oliver.hernan...@gmail.com changed:
What|Removed |Added
CC|
Sebb,
On 2/9/15 6:24 AM, sebb wrote:
On 9 February 2015 at 09:12, Mark Thomas ma...@apache.org wrote:
CVE-2014-0227 Request Smuggling
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
- Apache Tomcat 8.0.0-RC1 to 8.0.8
- Apache Tomcat 7.0.0 to 7.0.54
-
https://issues.apache.org/bugzilla/show_bug.cgi?id=45014
--- Comment #10 from Remy Maucherat r...@apache.org ---
Good thing it it works for you, but I'll have to veto its actual inclusion in
Tomcat: it would mean wrapping is possible and supported before the filter
chain, and it is not the case
https://issues.apache.org/bugzilla/show_bug.cgi?id=45014
--- Comment #8 from Remy Maucherat r...@apache.org ---
Wrapping is not possible until the filter chain is reached, it's really quite
simple. If you want to change that, it is a big design change that you could
advocate for the servlet
https://issues.apache.org/bugzilla/show_bug.cgi?id=45014
--- Comment #11 from Christopher Schultz ch...@christopherschultz.net ---
Remy, please help me understand why one cannot wrap a Coyote request/response?
I don't see a reason why a Valve in the chain would not wrap the request or
response
https://issues.apache.org/bugzilla/show_bug.cgi?id=45014
--- Comment #12 from Remy Maucherat r...@apache.org ---
Please read again my previous comment for the veto justification.
I don't believe the classes can be wrapped without issues, usually wrapping
occurs to deal with the streams and that
To whom it may engage...
This is an automated request, but not an unsolicited one. For
more information please visit http://gump.apache.org/nagged.html,
and/or contact the folk at gene...@gump.apache.org.
Project tomcat-tc7.0.x-test-bio has an issue affecting its community
Thanks Chris for the information.
Mark Chris:
I have gone through one of the issues given by Mark:
https://issues.apache.org/bugzilla/show_bug.cgi?id=57021
and found that this issue is fixed already.
Steps i performed:
1) Download Tomcat 6.0 - 32 bit version and run it on 32-bit Windows
To whom it may engage...
This is an automated request, but not an unsolicited one. For
more information please visit http://gump.apache.org/nagged.html,
and/or contact the folk at gene...@gump.apache.org.
Project tomcat-tc7.0.x-test-nio has an issue affecting its community
https://issues.apache.org/bugzilla/show_bug.cgi?id=45014
--- Comment #7 from Christopher Schultz ch...@christopherschultz.net ---
(In reply to mr.oliver.hernandez from comment #5)
We're actually using JBoss 7.4, which my understanding is that internally
it's using a branched version of Tomcat
Am 09.02.2015 um 20:31 schrieb Rainer Jung:
src/sslinfo.c: In function
'Java_org_apache_tomcat_jni_SSLSocket_getInfoB':
src/sslinfo.c:221:51: error: dereferencing pointer to incomplete type
array = tcn_new_arrayb(e, session-session_id[0],
Command Line: make
[Working Directory: /srv/gump/public/workspace/tomcat-native/native]
-
make[1]: Entering directory `/srv/gump/public/workspace/tomcat-native/native'
/bin/bash /srv/gump/public/workspace/apr-1/dest-20150209/build-1/libtool
--silent
Author: rjung
Date: Mon Feb 9 19:52:36 2015
New Revision: 1658557
URL: http://svn.apache.org/r1658557
Log:
Replace access to OpenSSL session internals
by accessor function. Internals are no longer
available for OpenSSL master.
Not compiled or tested, waiting for GUMP.
Modified:
Author: violetagg
Date: Mon Feb 9 08:06:58 2015
New Revision: 1658316
URL: http://svn.apache.org/r1658316
Log:
Updates (excluding docs) for 7.0.59 release
Modified:
tomcat/site/trunk/build.properties.default
tomcat/site/trunk/docs/doap_Tomcat.rdf
Author: violetagg
Date: Mon Feb 9 08:19:41 2015
New Revision: 7967
Log:
Remove 7.0.57
Removed:
release/tomcat/tomcat-7/v7.0.57/
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail:
https://issues.apache.org/bugzilla/show_bug.cgi?id=45014
--- Comment #14 from Christopher Schultz ch...@christopherschultz.net ---
Remy, whether these classes are included or not, Valve authors can write their
own wrapper classes and wrap the Coyote request and response objects in them.
The only
https://issues.apache.org/bugzilla/show_bug.cgi?id=45014
--- Comment #15 from Christopher Schultz ch...@christopherschultz.net ---
(In reply to Christopher Schultz from comment #14)
Please note that these classes do nothing -- just like HttpServletWrapper.
That should have read
]
-
make[1]: Entering directory `/srv/gump/public/workspace/tomcat-native/native'
/bin/bash /srv/gump/public/workspace/apr-1/dest-20150209/build-1/libtool
--silent --mode=compile gcc -g -O2 -pthread -DHAVE_CONFIG_H -DLINUX
-D_REENTRANT -D_GNU_SOURCE -g
Pravallika,
On 2/9/15 7:01 AM, Pravallika Peddi wrote:
Hi Mark,
Finally, I am able to Import the Tomcat source project to Eclipse with
minor compile errors..
I will work on one of the issues and let you know.
If you use Eclipse, after you check-out from Subversion, do this:
1. Close the
https://issues.apache.org/bugzilla/show_bug.cgi?id=45014
Christopher Schultz ch...@christopherschultz.net changed:
What|Removed |Added
Attachment #21974|0
To whom it may engage...
This is an automated request, but not an unsolicited one. For
more information please visit http://gump.apache.org/nagged.html,
and/or contact the folk at gene...@gump.apache.org.
Project tomcat-native-make has an issue affecting its community integration.
This
https://issues.apache.org/bugzilla/show_bug.cgi?id=57554
Bug ID: 57554
Summary: Exception loading sessions from persistent storage
Product: Tomcat 7
Version: 7.0.59
Hardware: PC
OS: Linux
Status: NEW
2015-02-09 22:52 GMT+03:00 Rainer Jung rainer.j...@kippdata.de:
Am 09.02.2015 um 20:31 schrieb Rainer Jung:
src/sslinfo.c: In function
'Java_org_apache_tomcat_jni_SSLSocket_getInfoB':
src/sslinfo.c:221:51: error: dereferencing pointer to incomplete type
array =
https://issues.apache.org/bugzilla/show_bug.cgi?id=57148
Mark Thomas ma...@apache.org changed:
What|Removed |Added
Status|NEW |RESOLVED
Author: markt
Date: Mon Feb 9 11:29:25 2015
New Revision: 1658366
URL: http://svn.apache.org/r1658366
Log:
Fix typo
Modified:
tomcat/site/trunk/docs/index.html
tomcat/site/trunk/docs/security-6.html
tomcat/site/trunk/docs/security-7.html
tomcat/site/trunk/docs/security-8.html
Hi Mark,
Finally, I am able to Import the Tomcat source project to Eclipse with
minor compile errors..
I will work on one of the issues and let you know.
Regards,
VIN
On Mon, Feb 9, 2015 at 3:04 PM, Pravallika Peddi reachme.va...@gmail.com
wrote:
Thanks for the reply Mark.
What is the editor
Author: violetagg
Date: Mon Feb 9 12:00:04 2015
New Revision: 1658374
URL: http://svn.apache.org/r1658374
Log:
Update notable changes for 7.0.59
Modified:
tomcat/site/trunk/docs/index.html
tomcat/site/trunk/xdocs/index.xml
Modified: tomcat/site/trunk/docs/index.html
URL:
Author: markt
Date: Mon Feb 9 10:30:40 2015
New Revision: 1658351
URL: http://svn.apache.org/r1658351
Log:
Ensure only \${ and \#{ are treated as escapes for ${ and #{ rather than \$ and
\# being treated as escapes for $ and # when processing literal expressions in
expression language.
Author: kkolinko
Date: Mon Feb 9 12:06:50 2015
New Revision: 1658377
URL: http://svn.apache.org/r1658377
Log:
vote.
I assume that Mark is voting for his own patch for BZ 57544.
Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
https://issues.apache.org/bugzilla/show_bug.cgi?id=57136
Mark Thomas ma...@apache.org changed:
What|Removed |Added
Status|REOPENED|RESOLVED
Author: markt
Date: Mon Feb 9 10:52:48 2015
New Revision: 1658356
URL: http://svn.apache.org/r1658356
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=57148
When coercing an object to a given type and a PropertyEditor has been
registered for the type correctly coerce the empty string
https://issues.apache.org/bugzilla/show_bug.cgi?id=57148
--- Comment #4 from Mark Thomas ma...@apache.org ---
Correction. 7.0.60 onwards.
--
You are receiving this mail because:
You are the assignee for the bug.
-
To
https://issues.apache.org/bugzilla/show_bug.cgi?id=56765
Mark Thomas ma...@apache.org changed:
What|Removed |Added
Status|NEW |RESOLVED
On 9 February 2015 at 09:12, Mark Thomas ma...@apache.org wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
CVE-2014-0227 Request Smuggling
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
- - Apache Tomcat 8.0.0-RC1 to 8.0.8
- - Apache Tomcat 7.0.0 to
The Apache Tomcat team announces the immediate availability of Apache
Tomcat 7.0.59.
Apache Tomcat is an open source software implementation of the Java
Servlet, JavaServer Pages, Java Expression Language and Java
WebSocket technologies.
This release contains a number of bug fixes and
https://issues.apache.org/bugzilla/show_bug.cgi?id=57546
--- Comment #1 from Mark Thomas ma...@apache.org ---
release() isn't expected to be called for an HTTP upgrade connection so that
method getting called is not part of the problem.
I've tried to reproduce this with 8.0.x trunk but I can't.
Author: violetagg
Date: Mon Feb 9 12:26:03 2015
New Revision: 1658382
URL: http://svn.apache.org/r1658382
Log:
Update changelog
Modified:
tomcat/site/trunk/docs/tomcat-7.0-doc/changelog.html
Modified: tomcat/site/trunk/docs/tomcat-7.0-doc/changelog.html
URL:
On 9 February 2015 12:06:51 GMT+00:00, kkoli...@apache.org wrote:
Author: kkolinko
Date: Mon Feb 9 12:06:50 2015
New Revision: 1658377
URL: http://svn.apache.org/r1658377
Log:
vote.
I assume that Mark is voting for his own patch for BZ 57544.
Assumption confirmed. Thanks for adding my vote.
2015-02-09 22:52 GMT+03:00 rj...@apache.org:
Author: rjung
Date: Mon Feb 9 19:52:36 2015
New Revision: 1658557
URL: http://svn.apache.org/r1658557
Log:
Replace access to OpenSSL session internals
by accessor function. Internals are no longer
available for OpenSSL master.
Not compiled
Author: kkolinko
Date: Mon Feb 9 23:26:44 2015
New Revision: 1658603
URL: http://svn.apache.org/r1658603
Log:
Replace access to OpenSSL session internals
by accessor function. Internals are no longer
available for OpenSSL master.
Not compiled or tested, waiting for GUMP.
It is merge of
https://issues.apache.org/bugzilla/show_bug.cgi?id=57546
--- Comment #2 from Paul paul.gay...@gmail.com ---
Mark,
Unfortunately, killing a browser is not a good simulation because the browser
is smart enough to properly close the websocket when it gets killed.
Here is what to do: connect using
secs
Command Line: make
[Working Directory: /srv/gump/public/workspace/tomcat-native/native]
-
make[1]: Entering directory `/srv/gump/public/workspace/tomcat-native/native'
/bin/bash /srv/gump/public/workspace/apr-1/dest-20150209/build-1/libtool --silent
51 matches
Mail list logo
