Re: FFM in Tomcat 10.1

Hi all, Sounds very good overall but would be great to not do it at the cost to break tomcat IDE support maybe - current status since it uses a single module and not all IDE support to compile supackages with different target versions? Overall stays an Apache project where we should ensure we

Re: FFM in Tomcat 10.1

On 23/02/2024 13:35, Rémy Maucherat wrote: Hi, I would like to propose backporting the OpenSSL FFM support to Tomcat 10.1. Java 22.0.0 should be released on March 19, and the next Java LTS should still have no problem targeting Java 11. As a result, there should be no negative impact to the

[Bug 68663] CVE-2024-22029 Incorrect default permissions vulnerability

https://bz.apache.org/bugzilla/show_bug.cgi?id=68663 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|---

[Bug 68663] CVE-2024-22029 Incorrect default permissions vulnerability

https://bz.apache.org/bugzilla/show_bug.cgi?id=68663 --- Comment #1 from Mark Thomas --- *** Bug 68664 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are the assignee for the bug. -

[Bug 68664] CVE-2024-22029 Incorrect default permissions vulnerability

https://bz.apache.org/bugzilla/show_bug.cgi?id=68664 Mark Thomas changed: What|Removed |Added Resolution|--- |DUPLICATE Status|NEW

[Bug 68664] CVE-2024-22029 Incorrect default permissions vulnerability

https://bz.apache.org/bugzilla/show_bug.cgi?id=68664 Mustafa Bozdemir changed: What|Removed |Added CC||mustafa.bozdemir@fisglobal.

[Bug 68664] New: CVE-2024-22029 Incorrect default permissions vulnerability

https://bz.apache.org/bugzilla/show_bug.cgi?id=68664 Bug ID: 68664 Summary: CVE-2024-22029 Incorrect default permissions vulnerability Product: Tomcat 9 Version: 9.0.86 Hardware: All OS: All

[Bug 68663] New: CVE-2024-22029 Incorrect default permissions vulnerability

https://bz.apache.org/bugzilla/show_bug.cgi?id=68663 Bug ID: 68663 Summary: CVE-2024-22029 Incorrect default permissions vulnerability Product: Tomcat 9 Version: 9.0.86 Hardware: All OS: All

FFM in Tomcat 10.1

Hi, I would like to propose backporting the OpenSSL FFM support to Tomcat 10.1. Java 22.0.0 should be released on March 19, and the next Java LTS should still have no problem targeting Java 11. As a result, there should be no negative impact to the platform support, and users running on Java 22+

(tomcat) branch main updated: Same but avoiding the visibility hack

This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new 0d51ce7ba8 Same but avoiding the visibility hack

(tomcat) branch main updated: Fix bad symbol lookup use

This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new fe073bc124 Fix bad symbol lookup use fe073bc124 is

(tomcat) branch 10.1.x updated: Update to 4.0.2

This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new 126216ffa0 Update to 4.0.2 126216ffa0 is

(tomcat) branch main updated: Update to 4.0.2

This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new ef214a3844 Update to 4.0.2 ef214a3844 is described