Remy Maucherat wrote:
Mark Thomas wrote:
Fair enough. My biggest concern was the lack of JspException
unwrapping. The SQLException support was a nice to have but I'm not
that bothered about it.
I never used the SQL exception nesting, so I don't have an opinion about
it, but I think it's ok
Remy Maucherat wrote:
Remy Maucherat wrote:
Hi,
I think it would be a good idea early next week (possibly late monday)
to do a new build and integrate the client cert fix I did a little bit
earlier. I have seen a possible fix to do for NIO as well (41466).
Comments ?
Ok, is it ok to
Sorry for the noise. Some muppet has been randomly editing bugs. I
believe I have corrected all their changes. I'll ping infra to let
them know in case the damage has been more wide spread.
Mark
-
To unsubscribe, e-mail: [EMAIL
Guershon Marc wrote:
Hello,
I would like to know what are the changing to do in the configuration
files (and which files are they ?) of the TOMCAT APACHE 5.5.9 to make
it enable to multi-application work,
so more than one application can use the same instance of the APACHE.
This is a
Remy Maucherat wrote:
Candidate binaries are available here:
http://people.apache.org/~remm/tomcat-6/v6.0.9/
Votes ?
alpha +1
Mark
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL
Remy Maucherat wrote:
Mladen Turk wrote:
If you think its a PITA, don't do it.
Apparently, it has to be done that way. I think it's a PITA because it
does take a lot of time (every vote needs a few days, etc).
The bit that has to be done (ie is mandated by Apache rules) is a vote
by the PMC
Yoav Shapira wrote:
Hi,
On 2/2/07, Mark Thomas [EMAIL PROTECTED] wrote:
Given that a -1 vote is not valid for a release vote, as soon as we
Umm, why is a -1 not valid for a release?
Standard Apache procedure as per
http://www.apache.org/foundation/voting.html
Mark
Yoav Shapira wrote:
Hi,
On 2/2/07, Mark Thomas [EMAIL PROTECTED] wrote:
Yoav Shapira wrote:
Hi,
On 2/2/07, Mark Thomas [EMAIL PROTECTED] wrote:
Given that a -1 vote is not valid for a release vote, as soon as we
Umm, why is a -1 not valid for a release?
Standard Apache procedure
Remy Maucherat wrote:
I am ok with changing the release process if something simpler is
possible. I am interested in speeding up the process by cutting back on
the number of votes.
The process would be:
1. create tarball and unofficial binaries, put them on
people.apache.org/~remm/tomcat-6
Remy Maucherat wrote:
Hi,
I propose the following release process for Tomcat 6.0.x:
1. create tarball and unofficial binaries, put them on
people.apache.org/~remm/tomcat-6
2. announce candidate binaries are available for testing
3. wait 2-3 days for testing
4. call for alpha/beta/stable
Filip Hanik - Dev Lists wrote:
oops, wasn't clear enough.
I don't have the bandwidth to track down this issue right now, if
someone wants to go in and fix the build dependencies so that the
AprEndpoint class indeed is in the classpath when the AJP connector gets
compiled
Looks like it could
Mark Thomas wrote:
Filip Hanik - Dev Lists wrote:
oops, wasn't clear enough.
I don't have the bandwidth to track down this issue right now, if
someone wants to go in and fix the build dependencies so that the
AprEndpoint class indeed is in the classpath when the AJP connector gets
compiled
All,
I have started to put together some additional security pages based on
httpd. I have only added text for a couple vulnerabilities but the
plan is to include all those in the CVE list plus any I can find in
the archives.
The draft is currently on people.a.o at
Remy Maucherat wrote:
According to the (slightly) updated release process, the 6.0.10 tag is:
[ ] Broken
[ ] Alpha
[ ] Beta
[X] Stable
So far, there are 3 binding votes for stable (with one from an inactive
committer), and 1 for beta. While a beta or stable release could legaly
be made,
Filip Hanik - Dev Lists wrote:
Ok folks, for those that want to see the 5.0.22, please provide some
feedback.
Without votes, I can't push out a release.
Filip
Filip Hanik - Dev Lists wrote:
Candidate binaries are available here:
Ian Darwin wrote:
Good stuff. Minor typo in the 5-x page:
If directory listings are enabled,
a diretcory listing will be shown.
Thanks. Fixed.
Mark
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail:
Remy Maucherat wrote:
Hi,
I'd like to nominate Fabian Carrion as a committer on the Apache Tomcat
project. Fabian contributed many useful patches, including helping add
support for Servlet 2.5 in Apache Tomcat 6.0.
Votes ?
+1
Mark
Looking into bug 37072 has identified a conflict in the spec.
http://issues.apache.org/bugzilla/show_bug.cgi?id=37072
Consider the following sequence of calls:
response.setCharacterEncoding(UTF-8);
response.getWriter();
response.reset();
After this the writer encoding and response encoding do
Remy Maucherat wrote:
[EMAIL PROTECTED] wrote:
Author: markt
Date: Thu Mar 1 18:38:26 2007
New Revision: 513601
URL: http://svn.apache.org/viewvc?view=revrev=513601
Log:
Port fix for bug 41739. Servlets with a load-on-startup value of zero
should be loaded first.
I am not convinced by
Remy Maucherat wrote:
Mark Thomas wrote:
Looking into bug 37072 has identified a conflict in the spec.
http://issues.apache.org/bugzilla/show_bug.cgi?id=37072
Consider the following sequence of calls:
response.setCharacterEncoding(UTF-8);
response.getWriter();
response.reset();
After
Jean-Frederic wrote:
On Thu, 2007-02-15 at 22:34 -0500, Mark Thomas wrote:
Any comments before I commit these changes to the live site?
Add a mod_jk Apache Tomcat JK
Done, with information about the recently announced issue.
Mark
Filip Hanik - Dev Lists wrote:
[ ] Broken
[ ] Alpha
[ ] Beta
[X] Stable
Mark
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Filip Hanik - Dev Lists wrote:
Due to a recent screw up, my binaries didn't match the tag in SVN. This
has been corrected.
A new build has been run from the tag, the TCK tests have all been run
and passed.
Candidate binaries are available here:
Filip Hanik - Dev Lists wrote:
Mark Thomas wrote:
Filip Hanik - Dev Lists wrote:
Tag is stable but the source distro has a few things that it shouldn't
as reported in http://issues.apache.org/bugzilla/show_bug.cgi?id=41766
- apache-tomcat-5.5.23-src/connectors/jk/jkstatus/build/*
- apache
Rainer Jung wrote:
[ ] Try to improve the header files for a 1.2.21.1
[X] Simply release 1.2.22
[ ] Don't release at all, wait for more fixes or features before releasing.
Mark
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For
Mladen Turk wrote:
[EMAIL PROTECTED] wrote:
Modified:
tomcat/connectors/trunk/jni/ (props changed)
Propchange: tomcat/connectors/trunk/jni/
--
--- svn:ignore (added)
+++ svn:ignore Sat Mar 17 09:51:13 2007
All,
Please vote on releasing Apache Tomcat 4.1.35.
Download from:
http://tomcat.apache.org/dev/dist/tomcat-4.1.35/apache-tomcat-4.1.34-src.tar.gz
The standard distributions are also available from the same directory.
The vote will run for approximately 72 hours.
Tomcat 4.1.35 is:
[ ] Stable
Mark Thomas wrote:
Tomcat 4.1.35 is:
[X] Stable
[ ] Beta
[ ] Alpha
Here's my vote to kick things off.
Mark
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Yoav Shapira wrote:
Hi,
On 3/18/07, Mark Thomas [EMAIL PROTECTED] wrote:
Please vote on releasing Apache Tomcat 4.1.35.
Download from:
http://tomcat.apache.org/dev/dist/tomcat-4.1.35/apache-tomcat-4.1.34-src.tar.gz
Surely the distro file name is wrong? Should be 4.1.35-src.tar.gz
*** Please note the corrected file name. ***
All,
Please vote on releasing Apache Tomcat 4.1.35.
Download from:
http://tomcat.apache.org/dev/dist/tomcat-4.1.35/apache-tomcat-4.1.35-src.tar.gz
The standard distributions are also available from the same directory.
The vote will run for
Mark Thomas wrote:
Tomcat 4.1.35 is:
[X] Stable
[ ] Beta
[ ] Alpha
Mark
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Mark Thomas wrote:
Mark Thomas wrote:
Tomcat 4.1.35 is:
[X] Stable
[ ] Beta
[ ] Alpha
I am withdrawing my vote for this release and the release candidate as
the build appears to be bad (the wrong mx4j.jar is used).
I haven't as yet got to the bottom of why my testing didn't spot
Yoav Shapira wrote:
Hi,
The svn:externals hookup for svn.apache.org/repos/asf/tomcat/current
points to the 5.5 branch trunk, as it has been for a while.
No it doesn't. /current contains three directories one for each of
tc3, tc4, tc5. It is intended to provide a convenient single checkout
for
Yoav Shapira wrote:
On 3/25/07, Mark Thomas [EMAIL PROTECTED] wrote:
Since tc6 is a single component, there is no need to provide such a
directory.
I wonder if we should still have current/tc6 for consistency.
-0. I can see the benefit of consistency but I don't like the idea
because
[EMAIL PROTECTED] wrote:
Author: billbarker
Date: Tue Nov 27 02:54:45 2007
New Revision: 598587
URL: http://svn.apache.org/viewvc?rev=598587view=rev
Log:
Adding my objection
Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
I recently created some skeleton implementations of the above packages to
stop Eclipse complaining all the time about not being able to compile the
entire TC6 source tree.
Is there any interest in adding them to trunk to join the other skeleton
classes in TC6?
Mark
nil_yadav wrote:
Hello
I am using Hyperion 9 Portal run by apache Tomcat which is set up on a unix
machine.
At times during login after authentication we get an error as shown below
This is a question for the users list. See http://tomcat.apache.org/lists.html
Mark
All,
The update to commons-pool-1.3 has caused a memory leak[1]. Further, [2]
suggests it may cause reload issues in some circumstances.
The release note [3] for commons-pool-1.3 does indicate a large number of
bugs have been fixed compared to commons-pool-1.2. That said, I do not
believe we
Peter Rossbach wrote:
+1
See you a chance the commons dbcp or pool team fix the bug and we can
use a newer version?
Looking at the history of the issue, I am guessing not in the short term.
I'll see what I can do to help out (if anything) to speed along a 1.4 release.
Mark
Ducky wrote:
Hello,
I just noticed those following messages in my apache log files, and
wasn't able to find the cause. Any documentations/insights for those
error messages?
You are more likely to get a useful response on the users list.
http://tomcat.apache.org/lists.html
Mark
Nethra Devegowda -X (ndevegow - WIPRO at Cisco) wrote:
How can we configure cactus with web application?
Please mail me the file sturctures and the contents in the required
files. And the paths .
Please don't hi-jack threads. Also, you are more likely to get a useful
response on the users
Remy Maucherat wrote:
On Mon, 2007-11-26 at 21:09 +, [EMAIL PROTECTED] wrote:
Author: markt
Date: Mon Nov 26 13:09:21 2007
New Revision: 598430
URL: http://svn.apache.org/viewvc?rev=598430view=rev
Log:
More license fixes
+
+* Fix another license issue
+
Yoav Shapira wrote:
RewriteEngine On
RewriteRule /faq/(.*) http://wiki.apache.org/tomcat/FAQ/$1 [R=301]
+1
I am not 100% the mapping will be this simple. It is is, great. If not, we
could either map each page or do:
RewriteRule /faq/(.*) http://wiki.apache.org/tomcat/FAQ [R=301]
Mark
Yoav Shapira wrote:
On Dec 7, 2007 9:36 AM, Tim Funk [EMAIL PROTECTED] wrote:
The last step is to archive or delete the existing faq pages ..
site/trunk/xdocs-faq
site/trunk/docs/faq (except for .htaccess)
I'm unsure which svn commands to run
svn delete
- or -
svn move TO_WHERE?
Not
Filip Hanik - Dev Lists wrote:
that's a good point, one would expect most names to be pooled when it
comes to implicit class loading, although as you say, not a guarantee.
in findClassInternal, we do synchronized(this), so maybe we should not
need to introduce another locking object, when we
This is a question for the users list.
http://tomcat.apache.org/lists.html
Mark
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Filip Hanik - Dev Lists wrote:
1. annotation dependency injection patch
How does this compare to
http://issues.apache.org/bugzilla/show_bug.cgi?id=43819 ?
2. cluster JMX configurations
+1
3. any NIO improvements that haven't been ported
+1
Mark
David Jencks wrote:
On Dec 18, 2007, at 1:40 PM, Mark Thomas wrote:
Filip Hanik - Dev Lists wrote:
1. annotation dependency injection patch
How does this compare to
http://issues.apache.org/bugzilla/show_bug.cgi?id=43819 ?
I don't see any relationship or overlap between EL and
annotations
jean-frederic clere wrote:
I'll tag the tcnative to 1.1.12.
+1
Mark
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
= org.apache.juli.FileHandler
org.apache.juli.FileHandler.level = FINE
org.apache.juli.FileHandler.directory = ${catalina.base}/logs
org.apache.juli.FileHandler.prefix = mylog.
Credit:
This issue was discovered by Delian Krustev.
References:
http://tomcat.apache.org/security.html
Mark Thomas
*** Patch starts
[EMAIL PROTECTED] wrote:
Author: fhanik
Date: Mon Dec 17 12:55:56 2007
New Revision: 605000
URL: http://svn.apache.org/viewvc?rev=605000view=rev
Log:
port new annotation logic from previous trunk
-1.
With this patch in place I get a whole bunch of ISEs in the logs when I
restart a
Filip Hanik - Dev Lists wrote:
Mark Thomas wrote:
[EMAIL PROTECTED] wrote:
Author: fhanik
Date: Mon Dec 17 12:55:56 2007
New Revision: 605000
URL: http://svn.apache.org/viewvc?rev=605000view=rev
Log:
port new annotation logic from previous trunk
-1.
give it some time
Filip Hanik - Dev Lists wrote:
ok, this should take care of the problem, sorry for the delay
Delay? That was pretty speedy ;)
Your change fixes the problem I was seeing. Veto withdrawn.
Mark
-
To unsubscribe, e-mail: [EMAIL
[EMAIL PROTECTED] wrote:
+ -1: fhanik - lets not do e.printStackTrace, handle the error and log it
correctly,
Fair point. I'll fix that.
also, have the diff only change lines that are actually changed. makes it
easier to review
Which lines do you mean? The diff looks normal to me.
Mark
Filip Hanik - Dev Lists wrote:
Mark Thomas wrote:
[EMAIL PROTECTED] wrote:
+ -1: fhanik - lets not do e.printStackTrace, handle the error and
log it correctly,
Fair point. I'll fix that.
also, have the diff only change lines that are actually changed. makes it
easier to review
Filip Hanik - Dev Lists wrote:
we have a lot of updates added in, I think it may be good to set a date
for our next release and work towards that
+1.
There are a stack of changes (both committed and proposed) for 5.5.x as
well. It would be good to plan a 5.5.x release as well.
I'll also do a
Remy Maucherat wrote:
On my platform [Linux + IcedTea], with the new policy in place, I get an
error initializing a timestamp used by the FileHandler (why such a class
ends up using a file like this is a mystery):
Can you turn on the debugging so we can figure out which file it is. I'd
Filip Hanik - Dev Lists wrote:
I don't think we wanna ship a file that has a default user for admin and
manager roles.
Sorry - my bad. I always change that file locally and forgot to un-select
it from the commit. I'll revert it.
Mark
All,
Have I missed the 1.1.12 native release vote?
http://archive.apache.org/dist/tomcat/tomcat-connectors/native/ shows a
1.1.12 but neither my recollection nor a check of the archives shows a
release vote for these files. The files are also on the mirrors.
Without a vote, these files need
Remy Maucherat wrote:
On Fri, 2008-01-11 at 13:27 -0500, Larry Isaacs wrote:
I used java.security.debug=failure. The NPE isn't visible without it
(and nothing gets logged). I also did try adding various file
permissions, without much success.
Rémy
If I recall correctly, the failure option
Mladen Turk wrote:
Henri Gomez wrote:
No, like said, Tomcat Native is voted *together*
with Tomcat version that contains it.
May be but the version numbers are different.
It seems very similar to mod_jk in my opinion, since it's a part of
Tomcat but not mandatory.
But it's not. We don't
The source distributions are here:
http://www.apache.org/dist/tomcat/tomcat-connectors/native/tomcat-native-1.1.12-src.tar.gz
http://www.apache.org/dist/tomcat/tomcat-connectors/native/tomcat-native-1.1.12-win32-src.zip
According to the release process, the 1.1.12 tarball is:
[ ] Broken
[ ]
Filip Hanik - Dev Lists wrote:
you're other option is to just vote on tcnative separately, and that way
utilize all the ASF mirrors and release sites
A vote seems to be the quickest and best solution along with standard
releases (like mod_jk) going forward.
It isn't like there is a lack of
Mladen Turk wrote:
It would mean that you will need *nix for building
the Tomcat release, but that's fine with me.
If the Tomcat RM's are fine with that, it's a very
simple task.
That means we require the release to be built on Windows so we can built
the installer and on *nix for native.
Mladen Turk wrote:
Mark Thomas wrote:
Mladen Turk wrote:
-1 (or if you wish veto)
Releases can't be voted. The 3 more +1s than -1s rule still applies
though.
OK, it seems we have problem here.
Did you read what I said? There is no such thing
as *tomcat-native release*, period, so
Mladen Turk wrote:
-1 (or if you wish veto)
Releases can't be voted. The 3 more +1s than -1s rule still applies though.
There is no such thing as tomcat-native product that
we can vote for.
What are all these then?
http://tomcat.heanet.ie/native/
Tomcat-native is integral part of Tomcat,
Mark Thomas wrote:
Mladen Turk wrote:
-1 (or if you wish veto)
Releases can't be voted. The 3 more +1s than -1s rule still applies though.
Opps. Make that Releases can't be vetoed. It's getting late here ;)
Mark
Guenter Knauf wrote:
just an idea / suggestion:
isnt it usable for the release process that you create a place in SVN where you
commit the tarballs, and then download them via http from there instead from a
directory location?
That would work. We use the same process for the windows service
This may end up as moot when the to release or not to release thread
concludes but if not, here is my vote
Mark Thomas wrote:
The source distributions are here:
http://www.apache.org/dist/tomcat/tomcat-connectors/native/tomcat-native-1.1.12-src.tar.gz
http://www.apache.org/dist/tomcat
Mladen Turk wrote:
Did you read what I said? There is no such thing
as *tomcat-native release*, period, so
there is no thing we can vote for.
If we make a src tarball available for download, then it is a release. It
doesn't matter that it is useless on it's own nor that similar
functionality
Mladen Turk wrote:
Guenter Knauf wrote:
just an idea / suggestion:
isnt it usable for the release process that you create a place in SVN
where you commit the tarballs, and then download them via http from
there instead from a directory location?
Finally, an interesting idea.
You are
Mladen Turk wrote:
Mark Thomas wrote:
We have been making the src available for download since the first
version, so why not continue to do so but do so within the ASF rules
and have a release vote? The overhead of a vote is pretty small and it
isn't like it is going to be struggling
jean-frederic clere wrote:
I think that is all working around the fact that tcnative is not
mandatory module for Tomcat and it is somehow independent from tomcat.
tcnative builds contain cryptosoftware (openssl) and that means they may
not be available for download in the ASF site. But that
Peter Rossbach wrote:
Hi Mark,
it isn't true that we don't use commons-logging. Please check extra.xml
ant build file!
-1
True, but that isn't what this section of the release nores is talking
about. If you look at the entire RELEASE-NOTES file the section I removed
commons-logging from
[EMAIL PROTECTED] wrote:
Author: fhanik
Date: Tue Jan 15 11:34:10 2008
New Revision: 612192
URL: http://svn.apache.org/viewvc?rev=612192view=rev
Log:
Add in the ability to turn off reverse DNS lookups for membership on a global
scale.
alot of system aren't configured for this, so simple
Filip Hanik - Dev Lists wrote:
cause I'm likely to discover elsewhere in the tribes module where
reverse DNS lookups are taking place, and at that point can take
advantage of the global flag rather than creating duplicate configs or
creating component dependencies that are not supposed to be
Filip Hanik - Dev Lists wrote:
Remy Maucherat wrote:
On Thu, 2008-01-17 at 07:56 -0700, Filip Hanik - Dev Lists wrote:
Remy Maucherat wrote:
On Wed, 2008-01-16 at 15:26 -0700, Filip Hanik - Dev Lists wrote:
could we get a target date for this? I believe there is enough
Peter Rossbach wrote:
Hi Mark,
I have a problem with a fresh tomcat 55 trunk build. The admin build.xml
missing the new digester 1.8.
Yep - I broke it. I was a bit too enthusiastic with my clean-up. Your fix
looks good. I'll revert that part of the fix.
Also I can't find the new 1.1
[EMAIL PROTECTED] wrote:
Is there another solution to this problem?
The fix for bug 43839 should have fixed this.
Mark
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
nayabinghi wrote:
The problem was jdk 1.6. I downgraded to 1.5 and it went well.
That is a known issue with DBCP:
http://issues.apache.org/bugzilla/show_bug.cgi?id=43147
However I am
having some challenges building Tomcat 6 with the admin tool.
There is no admin tool in tomcat 6.
Mark
Michal Vyskocil wrote:
I'm unable to locate a patch to fix the CVE-2005-2090. I cannot found any hint
from svn commit log or bugzilla.
Maybe is this commit
r513079 | markt | 2007-03-01 01:26:12 +0100 (Čt, 01 bře 2007) | 1
Filip Hanik - Dev Lists wrote:
Mark Thomas wrote:
Michal Vyskocil wrote:
I'm unable to locate a patch to fix the CVE-2005-2090. I cannot found
any hint from svn commit log or bugzilla.
Maybe is this commit
r513079
[EMAIL PROTECTED] wrote:
Author: markt
Date: Tue Jan 29 13:18:25 2008
New Revision: 616522
URL: http://svn.apache.org/viewvc?rev=616522view=rev
Log:
Tab police. No function change
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/puretls/PureTLSImplementation.java
Filip Hanik - Dev Lists wrote:
Bill Barker wrote:
I'm for removing support for PureTLS, since it is largely unmaintained
at the moment. But the abstraction is usefull to be able to support
SSL providers (e.g. Mozilla meantioned above) that don't implement
JSSE. It wasn't about getting
Emmanuel Milou wrote:
it used to work well with the same config on Tomcat5.5.
Could the problem occurs because of the changelog? or a bug in the
connector mod_jk?
appBase and docBase settings for the relevant host and webapp?
Mark
Emmanuel Milou wrote:
here is the part of my server.xml you wanted to check:
Host name=myapp debug=0 appBase=/var/www/myapp unpackWARs=true
Aliasmyapp/Alias
Context path= docBase= debug=5 reloadable=false
swallowOutput=true /
Context path=/manager
Remy Maucherat wrote:
On Thu, 2008-01-31 at 19:21 +, Mark Thomas wrote:
[EMAIL PROTECTED] wrote:
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=616973r1=616972r2=616973view=diff
Remy Maucherat wrote:
The candidates binaries are available here:
http://people.apache.org/~remm/tomcat-6/v6.0.16/
According to the release process, the 6.0.16 tag is:
[ ] Broken
[ ] Alpha
[ ] Beta
[ ] Stable
I currently see a small number TCK failures. As this is the first time I
have run
Mark Thomas wrote:
Remy Maucherat wrote:
The candidates binaries are available here:
http://people.apache.org/~remm/tomcat-6/v6.0.16/
According to the release process, the 6.0.16 tag is:
[ ] Broken
[ ] Alpha
[ ] Beta
[X] Stable
I currently see a small number TCK failures
Filip Hanik - Dev Lists wrote:
The candidates binaries are available here:
http://people.apache.org/~fhanik/tomcat/tomcat-5.5/v5.5.26/
According to the release process, the 5.5.26 tag is:
[ ] Broken
[ ] Alpha
[ ] Beta
[X] Stable
Mark
Rainer Jung wrote:
Remy Maucherat wrote:
Rainer Jung wrote:
Remy Maucherat schrieb:
The candidates binaries are available here:
http://people.apache.org/~remm/tomcat-6/v6.0.16/
According to the release process, the 6.0.16 tag is:
[ ] Broken
[ ] Alpha
[ ] Beta
[X] Stable
Rémy
One small
Moayad Abu Jaber wrote:
Greeting,
When i try to put the field have Arabic name and handle it in servlet I give
null value. Though when handle all parameters name I see the parameter name
as garbage.
This is a question for the users list.
Mark
[EMAIL PROTECTED] wrote:
Author: jim
Date: Thu Feb 7 07:39:21 2008
New Revision: 619460
URL: http://svn.apache.org/viewvc?rev=619460view=rev
Log:
Cast some votes... mulling over:
http://people.apache.org/~markt/patches/2008-01-17-tc4-lib-updates.patch
Any queries, let me know. I am
Thanks for the votes.
I am working my way through the patches but it is taking longer than
planned since I am currently on my third room in this hotel trying to get a
broadband connection that works. I'm back home tonight with (hopefully)
reliable connectivity and will finish off the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
CVE-2008-0002: Tomcat information disclosure vulnerability
Severity: important
Vendor:
The Apache Software Foundation
Versions Affected:
Tomcat 6.0.5 to 6.0.15
Description:
If an exception occurs during the processing of parameters (eg if the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
CVE-2007-5333: Tomcat Cookie handling vulnerabilities
Severity: low - Session hi-jacking
Vendor:
The Apache Software Foundation
Versions Affected:
Tomcat 4.1.0 to 4.1.36
Tomcat 5.5.0 to 5.5.25
Tomcat 6.0.0 to 6.0.14
Description:
The previous fix
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
CVE-2007-6286: Tomcat duplicate request processing vulnerability
Severity: Important
Vendor:
The Apache Software Foundation
Versions Affected:
Tomcat 5.5.11 to 5.5.25
Tomcat 6.0.0 to 6.0.15
Description:
When using the native (APR based)
Maik Jablonski wrote:
Hi,
I've just encountered that Cookies seem to be a little bit broken in
6.0.16. If you want to read a cookie which ends on one or more
equals-sign (=), the equals-signs are removed by Tomcat when the
cookie is read.
Is it a bug or a undocumented change?
It is neither.
Remy Maucherat wrote:
Filip Hanik - Dev Lists wrote:
Jim Manico wrote:
I guess we could throw a run time exception if the value contained
any of those. other than that, I'm not sure how to behave
I think this is the best case scenario for v0 cookies. Perhaps, if
you really want to get
[EMAIL PROTECTED] wrote:
Author: markt
Date: Sun Feb 10 13:33:35 2008
New Revision: 620335
URL: http://svn.apache.org/viewvc?rev=620335view=rev
Log:
Add a page to the config docs detailing the various system properties that are
available.
The recent discussion on configuration options
101 - 200 of 9028 matches
Mail list logo