[GitHub] [tomcat] jfclere commented on a change in pull request #334: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=64614

jfclere commented on a change in pull request #334: URL: https://github.com/apache/tomcat/pull/334#discussion_r477077159 ## File path: java/org/apache/tomcat/util/net/LocalStrings.properties ## @@ -176,3 +176,4 @@ sslUtilBase.ssl3=SSLv3 has been explicitly enabled. This protoc

Re: Security concern about Tomcat's default value for HSTS MaxAge

Hi, On Tue, Aug 25, 2020 at 9:05 PM Dave Wichers wrote: > Per: > https://tomcat.apache.org/tomcat-9.0-doc/config/filter.html#HTTP_Header_Security_Filter > and > https://tomcat.apache.org/tomcat-8.5-doc/config/filter.html#HTTP_Header_Security_Filter > > they both say: > > hstsMaxAgeSeconds - The

[GitHub] [tomcat] malaysf commented on a change in pull request #332: Support sending the 100 continue response when the servlet reads the …

malaysf commented on a change in pull request #332: URL: https://github.com/apache/tomcat/pull/332#discussion_r477099224 ## File path: test/org/apache/catalina/core/TestStandardContextValve.java ## @@ -182,4 +186,123 @@ public void requestDestroyed(ServletRequestEvent sre) {

[tomcat] branch master updated: Update Commons FileUpload to latest

This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 38cc914 Update Commons FileUpload to latest 38cc

[tomcat] branch 8.5.x updated: Update Commons FileUpload to latest

This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 73507d4 Update Commons FileUpload to latest 73507d

[tomcat] branch 9.0.x updated: Update Commons FileUpload to latest

This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 6657f91 Update Commons FileUpload to latest 6657f9

[tomcat] branch 7.0.x updated: Update Commons FileUpload to latest

This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 7.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/7.0.x by this push: new 49204dc Update Commons FileUpload to latest 49204d

buildbot success in on tomcat-trunk

The Buildbot has detected a restored build on builder tomcat-trunk while building tomcat. Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/5378 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: asf946_ubuntu Build Reason: The AnyBranchScheduler

[tomcat] branch 9.0.x updated: Update Commons Pool to 2.8.1

This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new c4e35de Update Commons Pool to 2.8.1 c4e35de is de

[tomcat] branch master updated: Update Commons Pool to 2.8.1

This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 253283a Update Commons Pool to 2.8.1 253283a is

[tomcat] branch 8.5.x updated: Update Commons Pool to 2.8.1

This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 82ef275 Update Commons Pool to 2.8.1 82ef275 is de

buildbot failure in on tomcat-9-trunk

The Buildbot has detected a new failure on builder tomcat-9-trunk while building tomcat. Full details are available at: https://ci.apache.org/builders/tomcat-9-trunk/builds/394 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: asf946_ubuntu Build Reason: The AnyBranchScheduler

[tomcat] 02/02: Update Commons DBCP to latest

This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git commit f1c4210470a268ec6830a95ab219f418a7e775fb Author: Mark Thomas AuthorDate: Wed Aug 26 16:15:50 2020 +0100 Update Commo

[tomcat] 01/02: Update changelog

This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git commit 8e745f8f24e9825e22c0f2529fc5514f9172bf78 Author: Mark Thomas AuthorDate: Wed Aug 26 15:54:49 2020 +0100 Update chang

[tomcat] branch master updated (253283a -> f1c4210)

This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git. from 253283a Update Commons Pool to 2.8.1 new 8e745f8 Update changelog new f1c4210 Update Commons DBCP to late

[tomcat] 01/02: Update changelog

This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit 0c98f85816a8e210a88f3b3ef78fa7a0293395f9 Author: Mark Thomas AuthorDate: Wed Aug 26 15:54:49 2020 +0100 Update change

[tomcat] branch 9.0.x updated (c4e35de -> 6c17d91)

This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git. from c4e35de Update Commons Pool to 2.8.1 new 0c98f85 Update changelog new 6c17d91 Update Commons DBCP to lates

[tomcat] 02/02: Update Commons DBCP to latest

This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit 6c17d912913502eb4f92461e24e31dda80086aaa Author: Mark Thomas AuthorDate: Wed Aug 26 16:15:50 2020 +0100 Update Common

[tomcat] 01/02: Update changelog

This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit b545a630766eb9cbccee26601b5b54bfff764fc0 Author: Mark Thomas AuthorDate: Wed Aug 26 15:54:49 2020 +0100 Update change

[tomcat] 02/02: Update Commons DBCP to latest

This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit 27f81e4fe98725c85a9d0b8411a056b95dca9cd9 Author: Mark Thomas AuthorDate: Wed Aug 26 16:15:50 2020 +0100 Update Common

[tomcat] branch 8.5.x updated (82ef275 -> 27f81e4)

This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git. from 82ef275 Update Commons Pool to 2.8.1 new b545a63 Update changelog new 27f81e4 Update Commons DBCP to lates

[GitHub] [tomcat] tomchiverton opened a new pull request #345: Clarify where wildcards are allowed in Host and Alias directives

tomchiverton opened a new pull request #345: URL: https://github.com/apache/tomcat/pull/345 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above t

Next release

Our cadence seems fairly predictable. Any thoughts on the timeline of the on the next batch of releases? Filip

Re: Next release

On 26/08/2020 17:12, Filip Hanik wrote: > Our cadence seems fairly predictable.  > > Any thoughts on the timeline of the  on the next batch of releases? I skipped the August releases as I was away. I'm planning on the September releases as usual. I'd like to get Tomcat Native and Commons Daemon u

Re: Next release

On Wed, Aug 26, 2020 at 09:15 Mark Thomas wrote: > On 26/08/2020 17:12, Filip Hanik wrote: > > > Our cadence seems fairly predictable. > > > > > > Any thoughts on the timeline of the on the next batch of releases? > > > > I skipped the August releases as I was away. I'm planning on the > > Septe

buildbot success in on tomcat-9-trunk

The Buildbot has detected a restored build on builder tomcat-9-trunk while building tomcat. Full details are available at: https://ci.apache.org/builders/tomcat-9-trunk/builds/395 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: asf946_ubuntu Build Reason: The AnyBranchSchedu

Re: [tomcat] 02/02: Update Commons DBCP to latest

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 8/26/20 11:19, ma...@apache.org wrote: > This is an automated email from the ASF dual-hosted git > repository. > > markt pushed a commit to branch master in repository > https://gitbox.apache.org/repos/asf/tomcat.git > > commit f1c4210470a2

Re: Fwd: Security concern about Tomcat's default value for HSTS MaxAge

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Dave, On 8/25/20 14:05, Dave Wichers wrote: > Per: > https://tomcat.apache.org/tomcat-9.0-doc/config/filter.html#HTTP_Heade r_Security_Filter > > and https://tomcat.apache.org/tomcat-8.5-doc/config/filter.html#HTTP_Header_ Security_Filter > > they b

Re: Security concern about Tomcat's default value for HSTS MaxAge

On 26/08/2020 08:20, Martin Grigorov wrote: > Hi, > > On Tue, Aug 25, 2020 at 9:05 PM Dave Wichers > wrote: > > Per:  > > https://tomcat.apache.org/tomcat-9.0-doc/config/filter.html#HTTP_Header_Security_Filter > and  > https://tomcat.apache.org/tomcat-

Re: [tomcat] 02/02: Update Commons DBCP to latest

On 26/08/2020 17:56, Christopher Schultz wrote: > Mark, > > On 8/26/20 11:19, ma...@apache.org wrote: >> This is an automated email from the ASF dual-hosted git >> repository. > >> markt pushed a commit to branch master in repository >> https://gitbox.apache.org/repos/asf/tomcat.git > >> commit

Re: Fwd: Security concern about Tomcat's default value for HSTS MaxAge

OK. Fair point. If you believe it is dangerous to just turn it on for real, as someone might do that in prod without knowing what they are doing, then I think Tomcat should generate a WARNING during startup that explains that HSTS is ON, but not yet doing anything, and maybe point them to an articl

Re: [tomcat] 02/02: Update Commons DBCP to latest

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 8/26/20 13:36, Mark Thomas wrote: > On 26/08/2020 17:56, Christopher Schultz wrote: >> Mark, >> >> On 8/26/20 11:19, ma...@apache.org wrote: >>> This is an automated email from the ASF dual-hosted git >>> repository. >> >>> markt pushed a c

Re: [tomcat] 02/02: Update Commons DBCP to latest

On 26/08/2020 18:43, Christopher Schultz wrote: > Is there a particular reason we don't just shade the commons-dbcp and > commons-pool code at build-time rather than manually merging-in > patches to our private copy? The short answer is greater flexibility. The longer answer is that there are

Re: Next release

On Wed, Aug 26, 2020 at 6:25 PM Filip Hanik wrote: > > > On Wed, Aug 26, 2020 at 09:15 Mark Thomas wrote: > >> On 26/08/2020 17:12, Filip Hanik wrote: >> >> > Our cadence seems fairly predictable. >> >> > >> >> > Any thoughts on the timeline of the on the next batch of releases? >> >> >> >> I s

Re: Next release

On Wed, Aug 26, 2020 at 12:12 Rémy Maucherat wrote: > On Wed, Aug 26, 2020 at 6:25 PM Filip Hanik wrote: > >> >> >> On Wed, Aug 26, 2020 at 09:15 Mark Thomas wrote: >> >>> On 26/08/2020 17:12, Filip Hanik wrote: >>> >>> > Our cadence seems fairly predictable. >>> >>> > >>> >>> > Any thoughts on