On 03/10/2024 22:35, Christopher Schultz wrote:
Please reply with a +1 for release or +0/-0/-1 with an explanation.
+1
Tests pass on:
- Linux (OpenSSL 3.0.13 from Ubuntu 24.04)
- Windows (OpenSSL 3.0.14 - Native 2.0.8 binaries)
- MacOS (Intel) (OpenSSL 3.3.1)
- MacOS (M1 (OpenSSL 3.3.1)
The b
On 01/10/2024 18:55, Mark Thomas wrote:
On 01/10/2024 15:00, Christopher Schultz wrote:
Mark,
On 10/1/24 08:22, Mark Thomas wrote:
I am just finishing off some HTTP/2 clean-up then I plan to do the
usual check of dependencies, translations and SpotBugs before I tag
the October releases.
I
On 02/10/2024 12:00, Michael Osipov wrote:
On 2024/10/02 10:41:38 Mark Thomas wrote:
On 02/10/2024 11:30, Michael Osipov wrote:
On 2024/10/02 10:21:07 Mark Thomas wrote:
-1 veto
This change is not compliant with RFC 9110.
If Tomcat sends METHOD_NOT_ALLOWED it MUST also send an Allow header
On 02/10/2024 11:30, Michael Osipov wrote:
On 2024/10/02 10:21:07 Mark Thomas wrote:
-1 veto
This change is not compliant with RFC 9110.
If Tomcat sends METHOD_NOT_ALLOWED it MUST also send an Allow header.
diff --git a/java/org/apache/catalina/servlets/WebdavServlet.java
b/java/org
-1 veto
This change is not compliant with RFC 9110.
If Tomcat sends METHOD_NOT_ALLOWED it MUST also send an Allow header.
That is why the default servlet has a dedicated method for sending
METHOD_NOT_ALLOWED.
Further comments in-line.
Mark
On 02/10/2024 10:07, micha...@apache.org wrote:
T
On 01/10/2024 15:00, Christopher Schultz wrote:
Mark,
On 10/1/24 08:22, Mark Thomas wrote:
I am just finishing off some HTTP/2 clean-up then I plan to do the
usual check of dependencies, translations and SpotBugs before I tag
the October releases.
I expect to be tagging some time tomorrow
Hi all,
I am just finishing off some HTTP/2 clean-up then I plan to do the usual
check of dependencies, translations and SpotBugs before I tag the
October releases.
I expect to be tagging some time tomorrow.
Mark
-
To unsub
On 26/09/2024 15:46, Rémy Maucherat wrote:
On Thu, Sep 26, 2024 at 11:50 AM Rémy Maucherat wrote:
On Thu, Sep 26, 2024 at 11:18 AM wrote:
Build status: BUILD FAILED: failed compile (failure)
Worker used: bb_worker2_ubuntu
URL: https://ci2.apache.org/#builders/120/builds/81
Blamelist: remm
CVE-2024-38286 Apache Tomcat - Denial of Service
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 11.0.0-M1 to 11.0.0-M20
Apache Tomcat 10.1.0-M1 to 10.1.24
Apache Tomcat 9.0.13 to 9.0.89
Description:
Tomcat, under certain configurations on any platfo
CVE-2024-46544 Apache mod_jk - Information Disclosure / DoS
Severity: Moderate
Vendor: The Apache Software Foundation
Versions Affected:
- JK 1.2.9-1.2.49 (mod_jk on Unix like platforms only)
Description:
Incorrect default permissions for the memory mapped file configured by
the JkShmFile dir
On 23/09/2024 04:28, Igal Sapir wrote:
Hello,
The current implementation of getRequestId() is optimized for speed and
generates IDs that are unique to a running instance of Tomcat.
But most server configurations nowadays require uniqueness across the whole
system, and currently we do not offer
Hi all,
The current status is that Tomcat 11.0.x passes the Jakarta
Authentication TCK apart from tests that are currently being challenged.
Those challenges are:
1. All the SOAP tests since SOAP support was removed from Jakarta EE for
Jakarta EE 11.
2. The ServletProfileSPITest#CheckMsgIn
9c916c9790 Ensure ServerAuthModule.initialize() is called with simple
registration
9c916c9790 is described below
commit 9c916c9790ed92681cb2bc2495ef37ead66218b1
Author: Mark Thomas
AuthorDate: Tue Sep 17 20:11:08 2024 +0100
Ensure ServerAuthModule.initialize() is called with simple
The following votes were cast:
Binding:
+1: schultz, markt, remm
Non-binding:
+1: dsoumis
No other votes were cast.
The vote therefore passes.
Thanks to everyone who contributed to this release.
Mark
-
To unsubscribe, e-mai
On 16/09/2024 15:53, r...@apache.org wrote:
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch 11.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/11.0.x by this push:
new c7b
On 13/09/2024 20:18, Rémy Maucherat wrote:
The proposed 9.0.95 release is:
[ ] -1, Broken - do not release
[X] +1, Stable - go ahead and release as 9.0.95
Tests pass on:
- Linux (OpenSSL 3.0.13 from Ubuntu 24.04)
- Windows (OpenSSL 3.0.14 - Native 1.3.1 binaries)
- MacOS (M1 (OpenSSL 3.3.1)
-
On 14/09/2024 12:10, Christopher Schultz wrote:
The proposed Apache Tomcat 10.1.30 release is now available for
voting.
+1
Tests pass on:
- Linux (OpenSSL 3.0.13 from Ubuntu 24.04)
- Windows (OpenSSL 3.0.14 - Native 2.0.8 binaries)
- MacOS (Intel) (OpenSSL 3.3.1)
- MacOS (M1 (OpenSSL 3.3.1)
On 13/09/2024 19:03, Mark Thomas wrote:
The proposed 11.0.0-M26 release is:
[ ] -1 Broken - do not release
[X] +1 Beta - go ahead and release as 11.0.0-M26
Tests pass on:
- Linux (OpenSSL 3.0.13 from Ubuntu 24.04)
- Windows (OpenSSL 3.0.14 - Native 2.0.8 binaries)
- MacOS (Intel) (OpenSSL
A regression has been reported and confirmed in the latest Tomcat
releases that affects configurations using HTTP/2.
The affected versions are:
- 11.0.0-M25
- 10.1.29
- 9.0.94
The regression can be worked around by setting:
discardRequestsAndResponses="true"
on the UpgradeProtocol element for
On 12/09/2024 15:15, Rémy Maucherat wrote:
Hi,
This JEP has the potential to have a significant impact with Tomcat's
JNI use starting with Java 26.
https://openjdk.org/jeps/471
Unsafe.invokeCleaner will be removed, which will effectively prevent
using the direct ByteBuffers that are needed for
See BZ 69320. I've reproduced the issue on 10.1.x. Haven't tested other
versions yet or started to look for a root cause. That is next.
Mark
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands,
The Apache Tomcat team announces the immediate availability of Apache
Tomcat 11.0.0-M25 (beta).
Apache Tomcat 11 is an open source software implementation of the
Jakarta Servlet, Jakarta Server Pages, Jakarta Expression Language,
Jakarta WebSocket, Jakarta Authentication and Jakarta Annotations
s
The following votes were cast:
Binding:
+1: markt, remm, rjung
Non-binding:
+1: dsoumis
No other votes were cast.
The vote therefore passes.
Thanks to everyone who contributed to this release.
Mark
-
To unsubscribe, e-mail:
On 09/09/2024 15:35, Rainer Jung wrote:
Minor nit, irrelevant vor voting: it seems the previous (M24) changelog
entry has no release date.
Sorry. Should be fixed now.
Mark
Am 09.09.24 um 16:32 schrieb Rainer Jung:
Am 05.09.24 um 15:08 schrieb Mark Thomas:
The proposed Apache Tomcat
On 06/09/2024 16:13, Felix Schumacher wrote:
Nice to see, that plantuml really works.
+1
Thanks again for your help getting it to behave the way we (OK - I) want.
We could use a few shortcuts to make the code more readable(?).
* activating an actor can be done by adding "++" to the message
On 06/09/2024 16:43, Christopher Schultz wrote:
Please reply with a +1 for release or +0/-0/-1 with an explanation.
+1
Tests pass on:
- Linux (OpenSSL 3.0.2 from Ubuntu 22.04)
- Windows (OpenSSL 3.0.14 - Native 2.0.8 binaries)
- MacOS (Intel) (OpenSSL 3.3.1)
- MacOS (M1 (OpenSSL 3.3.1)
The b
On 05/09/2024 14:58, Rémy Maucherat wrote:
The proposed 9.0.94 release is:
[ ] -1, Broken - do not release
[X] +1, Stable - go ahead and release as 9.0.94
Tests pass on:
- Linux (OpenSSL 3.0.2 from Ubuntu 22.04)
- Windows (OpenSSL 3.0.14 - Native 2.0.8 binaries)
- MacOS (Intel) (OpenSSL 3.3.1)
On 06/09/2024 12:24, Rémy Maucherat wrote:
On Fri, Sep 6, 2024 at 1:19 PM Mark Thomas wrote:
On 06/09/2024 12:14, ma...@apache.org wrote:
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos
c5334fb785 Add lifecycle event detail for Server
c5334fb785 is described below
commit c5334fb78580f324f58dab4848bea27934a09c86
Author: Mark Thomas
AuthorDate: Fri Sep 6 12:12:16 2024 +0100
Add lifecycle event detail for Server
Question.
Do I add this for all the components that implement
On 05/09/2024 22:25, Konstantin Kolinko wrote:
пн, 19 авг. 2024 г. в 14:27, Mark Thomas :
On 19/08/2024 12:23, ma...@apache.org wrote:
Author: markt
Date: Mon Aug 19 11:23:05 2024
New Revision: 1920023
URL: http://svn.apache.org/viewvc?rev=1920023&view=rev
Log:
Add first draft of secu
The proposed Apache Tomcat 11.0.0-M25 release is now available for
voting.
Apache Tomcat 11.0.0-M25 is a milestone release of the 11.0.x branch and
has been made to provide users with early access to the new features in
Apache Tomcat 11.0.x so that they may provide feedback. The notable
change
On 03/09/2024 18:51, Konstantin Kolinko wrote:
вт, 3 сент. 2024 г. в 19:40, Mark Thomas :
commit ab21ffadbdc2b8d8cb8db23758aa74ba786cdf4c
Author: Mark Thomas
AuthorDate: Tue Sep 3 17:08:09 2024 +0100
Add instructions to edit via POPEditor.com to all translated files
I haven't r
ab21ffadbd Add instructions to edit via POPEditor.com to all
translated files
ab21ffadbd is described below
commit ab21ffadbdc2b8d8cb8db23758aa74ba786cdf4c
Author: Mark Thomas
AuthorDate: Tue Sep 3 17:08:09 2024 +0100
Add instructions to edit via POPEditor.com to all translated files
I
Hi all,
I'm just wrapping up the fix for BZ 69302. Once that is committed, I
expect to tag 11.0.0-M25.
I also think we need to start thinking about declaring 11.0.x stable.
The specs are implemented, the TCKs are passing, 11.0.x is pretty close
to 10.1.x.
A thought that has been forming is
1 Sept 2024 09:22:03 r...@apache.org:
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 9a8848a10d
On 30/08/2024 08:01, Felix Schumacher wrote:
Am 29.08.24 um 18:29 schrieb Mark Thomas:
On 29/08/2024 15:34, Felix Schumacher wrote:
While I don't object to buying a license, I would love to know, which
diagram you looked at and what exactly did not work out. (the
activation stu
On 29/08/2024 17:29, Mark Thomas wrote:
On 29/08/2024 15:34, Felix Schumacher wrote:
Another alternative to use would be umlet (https://www.umlet.com/),
which I used way back, but haven't looked at lately.
I'll take a look.
The Eclipse plug-in didn't seem to do anything
On 29/08/2024 15:34, Felix Schumacher wrote:
While I don't object to buying a license, I would love to know, which
diagram you looked at and what exactly did not work out. (the activation
stuff in mermaid is brittle, but I think I managed to get them all right)
I couldn't find a way to get
On 29/08/2024 14:02, Christopher Schultz wrote:
Felix,
On 8/29/24 05:06, Felix Schumacher wrote:
Am 25. August 2024 10:36:44 MESZ schrieb Mark Thomas :
All,
You have probably seen that I am working on updating the UML diagrams
we have in the architecture section of the Tomcat
On 29/08/2024 11:36, Mark Thomas wrote:
On 29/08/2024 10:06, Felix Schumacher wrote:
Am 25. August 2024 10:36:44 MESZ schrieb Mark Thomas :
Thoughts?
Personally, I am leaning towards spending the $99 so we can remove
the watermark from the Tomcat docs.
Have you thought about using a
On 29/08/2024 10:06, Felix Schumacher wrote:
Am 25. August 2024 10:36:44 MESZ schrieb Mark Thomas :
Thoughts?
Personally, I am leaning towards spending the $99 so we can remove the
watermark from the Tomcat docs.
Have you thought about using a tool like plantuml or mermaid-js?
I did
On 28/08/2024 22:27, Christopher Schultz wrote:
On 8/28/24 06:48, Mark Thomas wrote:
I've restructured the page. I've added the things you suggested. Any
better?
Yes, I like your work, here. I committed some minor changes. Mostly
re-wording the "giving the attacker admini
On 27/08/2024 17:34, Christopher Schultz wrote:
Mark,
On 8/27/24 11:59, Mark Thomas wrote:
On 26/08/2024 15:18, Christopher Schultz wrote:
+ Data received by an AJP connector is trusted.
Maybe clarify which data you are talking about? I'm guessing that
"request attri
On 27/08/2024 17:21, Christopher Schultz wrote:
Mark,
On 8/27/24 11:31, Mark Thomas wrote:
On 26/08/2024 15:14, Christopher Schultz wrote:
All,
On 8/16/24 11:25, Mark Thomas wrote:
On 16/08/2024 13:40, Tim Funk wrote:
How about missingEqualsCookie="allow | ignore"?
The propos
On 26/08/2024 15:41, Christopher Schultz wrote:
Personally, I am leaning towards spending the $99 so we can remove the
watermark from the Tomcat docs.
1. $99 is nothing, even if it ends up being tied to a single person.
I've been thinking about this some more and I'd prefer the floating
l
On 26/08/2024 15:18, Christopher Schultz wrote:
+ Data received by an AJP connector is trusted.
Maybe clarify which data you are talking about? I'm guessing that
"request attributes" and certain headers should be considered trusted,
but the request entity for example is not.
Thanks.
On 26/08/2024 14:58, Christopher Schultz wrote:
What good is a cookie with no name?
I'm not sure. I know we had some users that wanted a cookie without a
value (I guess it is some sort of boolean flag). That makes more sense
to me than a cookie without a name.
Is this one of those "optimiza
On 26/08/2024 15:09, Christopher Schultz wrote:
Mark,
On 8/16/24 04:32, Mark Thomas wrote:
On 14/08/2024 19:12, Konstantin Kolinko wrote:
I think that
1) We would better switch to "ignore" mode right now, in all
supported versions.
Based on past experience I am extremely h
On 26/08/2024 15:14, Christopher Schultz wrote:
All,
On 8/16/24 11:25, Mark Thomas wrote:
On 16/08/2024 13:40, Tim Funk wrote:
How about missingEqualsCookie="allow | ignore"?
The proposed options were:
- ignore
- name
- value
By using [allow | ignore] instead of yes/no, it open
26 Aug 2024 14:50:23 Christopher Schultz :
Is there anything in Jakarta EE 12 that would actually be
_inappropriate_ for us to put into Tomcat 11?
It is very early days for Jakarta EE 12. The release of 11 is still in
progress (but is complete for the specifications Tomcat implements).
Gene
All,
You have probably seen that I am working on updating the UML diagrams we
have in the architecture section of the Tomcat documentation.
The original diagrams were written in IBM Rational Rose. They were
donated by a contributor. I don't thnk any committer ever had access to
a license for
/heads/main by this push:
new 69eff83577 Expected behaviour has been clarified when writing
>= c-l bytes to body
69eff83577 is described below
commit 69eff83577f7c00cbaaca9384ab4b1989f516797
Author: Mark Thomas
AuthorDate: Thu Aug 22 13:33:10 2024 +0100
Expected behaviour has b
On 19/08/2024 08:38, Rémy Maucherat wrote:
On Fri, Aug 16, 2024 at 5:25 PM Mark Thomas wrote:
On 16/08/2024 13:40, Tim Funk wrote:
How about missingEqualsCookie="allow | ignore"?
The proposed options were:
- ignore
- name
- value
Ok, I think your proposed options are very go
On 19/08/2024 12:23, ma...@apache.org wrote:
Author: markt
Date: Mon Aug 19 11:23:05 2024
New Revision: 1920023
URL: http://svn.apache.org/viewvc?rev=1920023&view=rev
Log:
Add first draft of security model
All,
This is an attempt to document something I think we all instinctively
understand.
On 16/08/2024 13:40, Tim Funk wrote:
How about missingEqualsCookie="allow | ignore"?
The proposed options were:
- ignore
- name
- value
By using [allow | ignore] instead of yes/no, it opens the door to
additional behaviors. (such as reject which triggers a http error)
Agreed.
Mark
--
On 14/08/2024 19:12, Konstantin Kolinko wrote:
I think that
1) We would better switch to "ignore" mode right now, in all supported versions.
Based on past experience I am extremely hesitant to change anything
related to cookie handling behaviour unless we have to. I'd prefer to
use "name"
Hi all,
The IETF HTTP working group is working on RFC 6265bis (the RFC that will
replace RFC 6265). I have been reviewing the changes to see what impact
they might have on Tomcat and our users.
There are a few changes (e.g. SameSite) we have already implemented.
There are quite a few changes
The Apache Tomcat Connectors project is part of the Tomcat project and
provides web server plugins for httpd (mod_jk) and IIS (ISAPI) to
connect those web servers with Tomcat and other backends.
The Apache Tomcat Project is proud to announce the release of version
1.2.50 of the Apache Tomcat Co
The following votes were cast:
Binding:
+1: markt, schultz, rjung
No other votes were cast.
The vote therefore passes.
Thanks to everyone who contributed to this release.
Mark
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat
All,
As I mentioned earlier, I am starting work on some new EL API features
that will be part of Jakarta EE 12 so implemented in Tomcat 12.
How do we want to handle this?
My current thinking is:
- create a 11.0.x branch from current main
- main becomes 12.0.x
I'm not expecting releases to s
On 12/08/2024 13:51, ma...@apache.org wrote:
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 46f2b6bbf6cae325ec2bce2c74740c627adf169e
Author: Mark Thomas
AuthorDate
On 09/08/2024 02:08, Rainer Jung wrote:
Am 08.08.24 um 16:13 schrieb Mark Thomas:
Tag:
https://github.com/apache/tomcat-connectors/tree/JK_1_2_50
Source:
https://github.com/apache/tomcat-connectors/tree/JK_1_2_50
Dist:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-connectors/jk/
This
On 08/08/2024 15:13, Mark Thomas wrote:
The proposed JK 1.2.50 release is:
[ ] Broken - do not release
[X] Stable - go ahead and release as 1.2.50
Compiles on Ubuntu 22.04 (fully patched) and passes a simple smoke test
with httpd.
Windows binary for 64-bit passes a simple smoke test on
Tag:
https://github.com/apache/tomcat-connectors/tree/JK_1_2_50
Source:
https://github.com/apache/tomcat-connectors/tree/JK_1_2_50
Dist:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-connectors/jk/
This is a maintenance release with a handful of dependency updates and
bug fixes (compar
On 07/08/2024 17:23, ma...@apache.org wrote:
This is an automated email from the ASF dual-hosted git repository.
markt pushed a change to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
from 5aa3aaf72d Fix link
new 248827a857 Add trace logging for receipt of
On 06/08/2024 10:50, Konstantin Kolinko wrote:
вт, 6 авг. 2024 г. в 12:44, Mark Thomas :
I'll get those changes done.
+1
Looking at other usages of JarScannerCallback, e.g.
o.a.catalina.startup.ContextConfig, I see no obvious problem. There is
one message about DEBUG
On 06/08/2024 09:56, Rémy Maucherat wrote:
On Tue, Aug 6, 2024 at 10:19 AM Mark Thomas wrote:
The current TLD scanner logs the following message if JARs are scanned
but not TLDs are found:
At least one JAR was scanned for TLDs yet contained no TLDs. Enable
debug logging for this logger for
On 02/08/2024 15:15, Mark Thomas wrote:
The proposed 11.0.0-M24 release is:
[ ] -1 Broken - do not release
[ ] +1 Beta - go ahead and release as 11.0.0-M24
The following votes were cast:
Binding:
+1: isapir, rjung, remm, markt
No other votes were cast.
The vote therefore passes.
Thanks
The current TLD scanner logs the following message if JARs are scanned
but not TLDs are found:
At least one JAR was scanned for TLDs yet contained no TLDs. Enable
debug logging for this logger for a complete list of JARs that were
scanned but no TLDs were found in them. Skipping unneeded JARs
On 03/08/2024 00:02, Rémy Maucherat wrote:
The proposed 9.0.93 release is:
[ ] -1, Broken - do not release
[X] +1, Stable - go ahead and release as 9.0.93
Tests pass on:
- Windows (Tomcat Native 1.3.1 / OpenSSL 3.0.14, FFM tests skipped)
- Linux (Tomcat Native 1.3.1 / OpenSSL Ubuntu 22.04 LTS
On 02/08/2024 18:27, Christopher Schultz wrote:
Please reply with a +1 for release or +0/-0/-1 with an explanation.
+1
Tests pass on:
- Windows (Tomcat Native 2.0.8 / OpenSSL 3.0.14, FFM tests skipped)
- Linux (Tomcat Native 2.0.8 / OpenSSL Ubuntu 22.04 LTS latest)
- MacOS (Intel, Tomcat Nati
On 02/08/2024 15:15, Mark Thomas wrote:
The proposed 11.0.0-M24 release is:
[ ] -1 Broken - do not release
[ ] +1 Beta - go ahead and release as 11.0.0-M24
Tests pass on:
- Windows (Tomcat Native 2.0.8 / OpenSSL 3.0.14, FFM tests skipped)
- Linux (Tomcat Native 2.0.8 / OpenSSL Ubuntu 22.04
4 Aug 2024 08:19:37 Koteswara Rao Gundapaneni
:
Hi Team,
I am the best contributor in tomcat dev
How do we say if we run the tomcat through script not a batch file
Regards
Gundapaneni
Address unsubscribed and added to deny lists.
Mark
The proposed Apache Tomcat 11.0.0-M24 release is now available for
voting.
Apache Tomcat 11.0.0-M24 is a milestone release of the 11.0.x branch and
has been made to provide users with early access to the new features in
Apache Tomcat 11.0.x so that they may provide feedback. The notable
change
On 02/08/2024 12:06, Rainer Jung wrote:
Am 02.08.24 um 10:58 schrieb Mark Thomas:
On 02/08/2024 07:58, Mark Thomas wrote:
On 01/08/2024 23:48, Rainer Jung wrote:
I did not check each occurrence but here are examples which all also
have a NullPointer in the access log. I don't know wh
On 02/08/2024 09:58, Mark Thomas wrote:
On 02/08/2024 07:58, Mark Thomas wrote:
On 01/08/2024 23:48, Rainer Jung wrote:
I did not check each occurrence but here are examples which all also
have a NullPointer in the access log. I don't know whether that
triggers the failure or is
Hi all,
I am cancelling this release due to multiple regressions introduced by
the additional of recycling of requests and responses for HTTP/2.
Mark
On 29/07/2024 19:26, Mark Thomas wrote:
The proposed Apache Tomcat 11.0.0-M23 release is now available for
voting.
Apache Tomcat 11.0.0-M23
On 02/08/2024 07:58, Mark Thomas wrote:
On 01/08/2024 23:48, Rainer Jung wrote:
I did not check each occurrence but here are examples which all also
have a NullPointer in the access log. I don't know whether that
triggers the failure or is just another symptom triggered by the same
I am changing my vote for this release to -1 due to regressions caused
by the introduction of request and response recycling for HTTP/2.
Mark
On 30/07/2024 20:08, Mark Thomas wrote:
On 30/07/2024 04:32, Rémy Maucherat wrote:
The proposed 9.0.92 release is:
[ ] -1, Broken - do not release
I am changing my vote for this release to -1 due to regressions caused
by the introduction of request and response recycling for HTTP/2.
Mark
On 01/08/2024 16:02, Mark Thomas wrote:
On 30/07/2024 16:56, Christopher Schultz wrote:
Please reply with a +1 for release or +0/-0/-1 with an
I am changing my vote for this release to -1 due to regressions caused
by the introduction of request and response recycling for HTTP/2.
Mark
On 29/07/2024 19:29, Mark Thomas wrote:
On 29/07/2024 19:26, Mark Thomas wrote:
The proposed 11.0.0-M23 release is:
[ ] -1 Broken - do not release
On 01/08/2024 23:48, Rainer Jung wrote:
I did not check each occurrence but here are examples which all also
have a NullPointer in the access log. I don't know whether that triggers
the failure or is just another symptom triggered by the same root cause.
Rainer,
Thanks for the work you h
On 01/08/2024 16:02, Mark Thomas wrote:
On 30/07/2024 16:56, Christopher Schultz wrote:
Please reply with a +1 for release or +0/-0/-1 with an explanation.
+1
Tests pass on Linux with Java 22, Tomcat Native 2.0.8 and current
OpenSSL from Ubuntu.
Tests pass on Windows with Java 22, Tomcat
On 30/07/2024 16:56, Christopher Schultz wrote:
Please reply with a +1 for release or +0/-0/-1 with an explanation.
+1
Tests pass on Linux with Java 22, Tomcat Native 2.0.8 and current
OpenSSL from Ubuntu.
Tests pass on Windows with Java 22, Tomcat Native 2.0.8 and OpenSSL
3.0.14. FFM test
On 30/07/2024 04:32, Rémy Maucherat wrote:
The proposed 9.0.92 release is:
[ ] -1, Broken - do not release
[X] +1, Stable - go ahead and release as 9.0.92
Test pass on Linux with Tomcat Native 1.3.1 and OpenSSL 3.0.2 (latest
Ubuntu 22.04).
Test pass on Windows with Tomcat Native 1.3.1 and O
On 30/07/2024 04:24, Rémy Maucherat wrote:
On Mon, Jul 29, 2024 at 8:27 PM Mark Thomas wrote:
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1504
The Maven repository has not been closed so it is not accessible.
Sorry. Thanks for pointing
On 29/07/2024 19:26, Mark Thomas wrote:
The proposed 11.0.0-M23 release is:
[ ] -1 Broken - do not release
[X] +1 Beta - go ahead and release as 11.0.0-M23
Tests pass fully on Linux with Tomcat Native 2.0.8 and OpenSSL 3.0.14.
Tests pass on MacOS (Intel and M1) apart from some FFM tests
The proposed Apache Tomcat 11.0.0-M23 release is now available for
voting.
Apache Tomcat 11.0.0-M23 is a milestone release of the 11.0.x branch and
has been made to provide users with early access to the new features in
Apache Tomcat 11.0.x so that they may provide feedback. The notable
change
Hi all,
I have a couple of things to finish off (testing Tomcat Native 1.3.1,
back-porting the translations) but hope to be in a position to tag
11.0.x later today.
The TCK run seems to be failing consistently for Java 17 and Windows. I
need to look into why. I haven't been able to reproduce
Request denied.
You have yet to make any meaningful contribution to the Tomcat community.
You are remain very, very close to receiving a permanent ban from the
Tomcat community as a result of multiple nonsense posts.
Mark
On 27/07/2024 04:21, Koteswararao Gundapaneni wrote:
Hi Team,
I go
On 25/07/2024 23:41, Koteswararao Gundapaneni wrote:
I am not sure whether this question is relevant
What is this JreCompat
https://github.com/apache/tomcat/tree/main/java/org/apache/tomcat/util/compat
On Fri, 26 Jul 2024, 02:04 Mark Thomas, wrote:
As per Rémy's suggestion, I
On 25/07/2024 22:49, Rémy Maucherat wrote:
On Thu, Jul 25, 2024 at 10:34 PM Mark Thomas wrote:
As per Rémy's suggestion, I've been looking simplifying JreCompat to
only support LTS versions and anything more recent than the newest LTS.
That would mean:
- Tomcat 9 only
- Jre
As per Rémy's suggestion, I've been looking simplifying JreCompat to
only support LTS versions and anything more recent than the newest LTS.
That would mean:
- Tomcat 9 only
- Jre9Compat is renamed to Jre11Compat
- Tomcat 9 and 10
- Jre16Compat is renamed to Jre17Compat
- All versions
- Jr
a2384804c527c64290cfae1fa988f1f394890e91
Author: Mark Thomas
AuthorDate: Wed Jul 24 17:51:24 2024 +0100
Add JreCompat support for Subject.callAs()
With the changes coming in Java 23 we need to move away from
Subject.doAs() but the replacement isn't available in Java 17. Hence use
JreC
a2384804c527c64290cfae1fa988f1f394890e91
Author: Mark Thomas
AuthorDate: Wed Jul 24 17:51:24 2024 +0100
Add JreCompat support for Subject.callAs()
With the changes coming in Java 23 we need to move away from
Subject.doAs() but the replacement isn't available in Java 17. Hence use
JreCompat.
---
.../org/a
The Apache Tomcat team announces the immediate availability of Apache
Tomcat Native 2.0.8 stable.
The key features of this release are:
- Fix a crash on Windows when SSLContext.setCACertificate() is invoked
with a null value for caCertificateFile and a non-null value for
caCertificatePath
-
The following votes were cast:
Binding:
+1: remm, markt, schultz
No other votes were cast. The vote therefore passes.
Thanks to everyone who contributed to this release.
Mark
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.
The following votes were cast:
Binding:
+1: remm, markt, schultz
No other votes were cast. The vote therefore passes.
Thanks to everyone who contributed to this release.
Mark
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.a
On 23/07/2024 21:30, Christopher Schultz wrote:
Mark,
On 7/23/24 13:13, Mark Thomas wrote:
Prompted by some folks at $dayjob, I have been looking at the
performance of Tomcat's HTTP/2 implementation using [1]
Initially, I was seeing ~79k req/s.
Restoring lazy init for the StreamInputB
On 23/07/2024 23:38, Christopher Schultz wrote:
On 7/23/24 03:05, Mark Thomas wrote:
Given that we are free to make factual statements such as "Tomcat
11.0.x passes the latest Annotations, EL, Pages, Servlet and WebSocket
TCKs" or "Tomcat 11.0.0-M20 is a compatible implem
1 - 100 of 5326 matches
Mail list logo