On 08/02/2024 13:45, Rick Noel wrote:
Our application uses classes in this jar xmlrpc-server3.1.3.jar .(it is the
latest version)
We are trying to migrate to Tomcat 10 but that jar uses the javax.server.
package classes instead of the needed jakarta.server. pacakage.
I have tried
On 08/02/2024 11:43, Mark Thomas wrote:
The source is OK but the convenience binary needs to be re-packaged. I
think the DLL name changed which meant the correct files weren't picked up.
Since we aren't changing the source or the tag, I don't think we need a
new release but I'll confirm
went wrong.
Mark
On 08/02/2024 09:23, Mark Thomas wrote:
The following votes were cast:
Binding:
+1: markt, schultz, remm
No other votes were cast.
The vote therefore passes.
Thanks to everyone who contributed to this release.
Mark
On 04/02/2024 20:42, Mark Thomas wrote:
The key
The following votes were cast:
Binding:
+1: markt, schultz, remm
No other votes were cast.
The vote therefore passes.
Thanks to everyone who contributed to this release.
Mark
On 04/02/2024 20:42, Mark Thomas wrote:
The key differences of version 2.0.7 compared to 2.0.6 are:
- Align
The following votes were cast:
Binding:
+1: markt, schultz, remm
No other votes were cast.
The vote therefore passes.
Thanks to everyone who contributed to this release.
Mark
-
To unsubscribe, e-mail:
On 06/02/2024 11:22, Michael Osipov wrote:
On 2024/02/04 19:54:25 Mark Thomas wrote:
Hi all,
AS you have probably noticed I am working on another round of Tomcat
Native releases.
We are overdue on switching to 1.3.x so I would like to propose the
following with this release round:
- create
On 05/02/2024 20:43, Mark Thomas wrote:
The Apache Tomcat Native 1.3.0 release is
[X] Stable, go ahead and release
[ ] Broken because of ...
Tomcat 9.0.x tests (NIO, NIO2 and APR/native) all pass with Java 22 EA
on Linux (OpenSSL 1.1.1w and 3.0.13) and Windows (OpenSSL 3.0.13).
Mark
This is the first release of the 1.3.x branch. The main differences
compared to the 1.2.x branch are
- Minimum OpenSSL version of 1.1.1
- Minimum APR version of 1.6.3
- Minimum LibreSSL version of 3.5.2
- The windows binaries in this release have been built with OpenSSL
3.0.13 and APR 1.7.4
On 05/02/2024 14:17, Mark Thomas wrote:
On 05/02/2024 14:12, ma...@apache.org wrote:
This is an automated email from the ASF dual-hosted git repository.
markt pushed a change to branch 1.3.x
The 1.3.x might not be perfect but it builds with OpenSSL 1.1.1w and
3.0.13 on Linux and all 9.0.x
34a274f39b836c9d9766e1707018b3b8b61c5506
Author: Mark Thomas
AuthorDate: Mon Feb 5 08:27:04 2024 +
Consistent formatting. Add missing entries. Add version to title.
---
xdocs/miscellaneous/project.xml | 51 +
xdocs/news/project.xml | 10
xdocs/project.xml
On 05/02/2024 14:11, Christopher Schultz wrote:
I'm +1 to markt's suggestions for these releases, except maybe we should
leave 8.5.x with tcnative 1.2.x. I wouldn't want to break the last few
releases of 8.5.x for anybody.
I think the chances of breakage are low as:
- this is a fork from
On 05/02/2024 15:49, Jeroen Hoffman wrote:
On Mon, Feb 5, 2024 at 4:05 PM Mark Thomas wrote:
Are there plans to release the 2.0.0 version?
No plans.
Tomcat 10.1.x onwards uses the 1.2.5 taglibs release converted for
Jakarta EE using the Tomcat migration tool.
Thanks for the quick
On 05/02/2024 14:16, Jeroen Hoffman wrote:
Hi everybody,
I have a question on Tomcat taglibs, I chose this mailing list because
the taglibs-user one seems inactive.
We in the process of updating our application to use Java 17 and Tomcat
10, including javax/jakarta change. It uses Tomcat
On 05/02/2024 14:12, ma...@apache.org wrote:
This is an automated email from the ASF dual-hosted git repository.
markt pushed a change to branch 1.3.x
The 1.3.x might not be perfect but it builds with OpenSSL 1.1.1w and
3.0.13 on Linux and all 9.0.x tests then all pass with Java 22 EA.
On 04/02/2024 20:42, Mark Thomas wrote:
The Apache Tomcat Native 2.0.7 release is
[X] Stable, go ahead and release
[ ] Broken because of ...
Tests pass with 11.0.x on Linux and Windows.
Mark
-
To unsubscribe, e-mail
The key differences of version 2.0.7 compared to 2.0.6 are:
- Align default pass phrase prompt with httpd on Windows
- The windows binaries in this release have been built with OpenSSL
3.0.13 and APR 1.7.4
The 2.0.x branch is primarily intended for use with Tomcat 10.1.x
onwards but can be
On 02/02/2024 18:48, Kaushal Shriyan wrote:
Hi,
I am running tomcat version 9.0.84 on Red Hat Enterprise Linux release 8.7
(Ootpa). Is there a way to configure the server to return a custom page in
the event of a client requesting a non-existent resource.
Yes.
Please guide me.
To do this
Hi all,
AS you have probably noticed I am working on another round of Tomcat
Native releases.
We are overdue on switching to 1.3.x so I would like to propose the
following with this release round:
- create a new 1.3.x branch from the current 1.2.x HEAD
- update minimum OpenSSL to 1.1.1
-
On 03/02/2024 11:21, ma...@apache.org wrote:
This is an automated email from the ASF dual-hosted git repository.
markt pushed a change to tag 2.0.7
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
at ca59e88dc (commit)
This tag includes the following new commits:
On 02/02/2024 18:42, Mark Thomas wrote:
On 02/02/2024 18:19, Christopher Schultz wrote:
Mark,
On 2/2/24 10:53, Mark Thomas wrote:
The proposed Apache Tomcat migration tool for Jakarta EE 1.0.8 is now
available for voting.
The significant changes since 1.0.7 are:
- Recognize .ear files
On 02/02/2024 18:19, Christopher Schultz wrote:
Mark,
On 2/2/24 10:53, Mark Thomas wrote:
The proposed Apache Tomcat migration tool for Jakarta EE 1.0.8 is now
available for voting.
The significant changes since 1.0.7 are:
- Recognize .ear files as archives
- Include .jspf and .tagf files
On 31/01/2024 13:33, Manak Bisht wrote:
I tried tweaking all the settings that I could think of but I am unable to
sync sessions on restart even on a stock Tomcat 8.5.98 installation using
your provided war. I am unable to identify whether this is actually a bug
or something wrong with my
On 02/02/2024 15:53, Mark Thomas wrote:
The proposed 1.0.8 release is:
[ ] -1: Broken. Do not release because...
[X] +1: Acceptable. Go ahead and release.
The tests pass during the build.
When used with Tomcat 11.0.x, the 1.0.8 shaded JAR successfully converts
the 9.0.x examples web
The proposed Apache Tomcat migration tool for Jakarta EE 1.0.8 is now
available for voting.
The significant changes since 1.0.7 are:
- Recognize .ear files as archives
- Include .jspf and .tagf files in the conversion process
- Update dependencies
It can be obtained from:
On 01/02/2024 17:48, Ryanesch@yahoo wrote:
On Feb 1, 2024, at 10:34 AM, Mark Thomas wrote:
On 31/01/2024 00:15, Ryan Esch wrote:
From what I understand, the container knows if a user is authenticated by
using the session id passed to it and then looking up the user principal
On 01/02/2024 23:45, Christopher Schultz wrote:
All,
Friday seems like a good time to roll a release and call for a vote.
Does anyone want to fit anything in before this round of releases?
Yes. The update to the migration tool.
We might want to think about a Tomcat Native release to pick up
On 31/01/2024 00:15, Ryan Esch wrote:
From what I understand, the container knows if a user is authenticated by
using the session id passed to it and then looking up the user principal. If
this is non-null, the user is authenticated. I am using web.xml with security
constraints and
On 27/01/2024 14:38, Dan McLaughlin wrote:
Hey Mark,
If you see a bug report, then that will mean I was able to reproduce it. I
see different behaviors in our local docker environment. Still, it's
nowhere as complex as our production environment--where everything is
clustered and behind
Hi all,
There have been some fixes are there are currently no open issues so,
unless there are objections, I intend to tag and start the release tomorrow.
Mark
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For
On 26/01/2024 22:22, Dan McLaughlin wrote:
Hey Konstantin,
Thanks for the reply.
I synced the source last night. I haven't had a chance to step through with
a debugger yet. But the only way I could get the Cookie Path set was to
modify the context.xml and add sessionCookiePath to every
On 26/01/2024 10:46, Manak Bisht wrote:
Hi,
I am trying to extend the AccessLogValve to modify logging behaviour for
certain URLs. However, I don't have access to the request object in the
AccessLogValve API. So, I am left with regex matching on the CharArrayWriter
message object. Is there a
On 25/01/2024 13:55, Tobias Blum (Fujitsu) wrote:
Hello together,
we have updated the Tomcat from Version 9.0.65 to Version 9.0.79.
We are running tomcat on Windows Server 2019
Our Tomcat Version is delivered with SAP BusinessObjects.
We have configured for our Web Application which runs on
On 24/01/2024 15:48, joan.balagu...@ventusproxy.com wrote:
Any help would be really appreciated.
Configuration error.
Someone has done the equivalent of
Or possibly a mis-configured RemoteIpFilter (or Valve).
Or similar.
Mark
Correcting the CVE reference in the text (the subject line is correct)
Mark
On 19/01/2024 10:17, Mark Thomas wrote:
CVE-2023-21733 Apache Tomcat - Information Disclosure
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 9.0.0-M11 to 9.0.43
Apache
I have configured my standard cluster test environment for a 2-node
cluster, using DeltaManager and static membership. httpd is configured
for non-sticky load-balancing.
Each node has the Manager web application and my simple cluster-test
deployed.
og
<https://rmannibucau.metawerx.net/> | Old Blog
<http://rmannibucau.wordpress.com> | Github <https://github.com/rmannibucau> |
LinkedIn <https://www.linkedin.com/in/rmannibucau> | Book
<https://www.packtpub.com/application-development/java-ee-8-high-performance>
Le lun. 22 j
On 21/01/2024 18:33, Romain Manni-Bucau wrote:
Hi,
I know websocket 1.0 methods without providing the handler type are kind of
deprecated (not recommended would be more correct) so not sure this bug
would get a fix or not.
Long story
short,
On 19/01/2024 19:06, Francisco Dellanio Leite Alencar wrote:
@Mark Thomas,
Is it possible to consider that the minimum support time of Apache Tomcat 9.0.X
is until 2027 (10 years since Released)?
I'd say 2027 is a reasonable estimate of the likely EOL date for 9.0.x
but I'm not going
CVE-2023-46589 Apache Tomcat - Information Disclosure
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 9.0.0-M11 to 9.0.43
Apache Tomcat 8.5.7 to 8.5.63
Description:
Incomplete POST requests triggered an error response that could contain
data from a
Correcting the CVE reference in the text (the subject line is correct)
Mark
On 19/01/2024 10:17, Mark Thomas wrote:
CVE-2023-21733 Apache Tomcat - Information Disclosure
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 9.0.0-M11 to 9.0.43
Apache
Correcting the CVE reference in the text (the subject line is correct)
Mark
On 19/01/2024 10:17, Mark Thomas wrote:
CVE-2023-21733 Apache Tomcat - Information Disclosure
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 9.0.0-M11 to 9.0.43
Apache
Correcting the CVE reference in the text (the subject line is correct)
Mark
On 19/01/2024 10:17, Mark Thomas wrote:
CVE-2023-21733 Apache Tomcat - Information Disclosure
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 9.0.0-M11 to 9.0.43
Apache
push up a branch.
Thanks for the offer but I have already fixed the issue.
Mark
Thank you,
Volodymyr
On Fri, Jan 19, 2024 at 6:38 AM Mark Thomas wrote:
On 16/01/2024 11:44, Rémy Maucherat wrote:
On Tue, Jan 16, 2024 at 11:59 AM Mark Thomas wrote:
Hi all,
I'm not sure what is going
On 16/01/2024 11:44, Rémy Maucherat wrote:
On Tue, Jan 16, 2024 at 11:59 AM Mark Thomas wrote:
Hi all,
I'm not sure what is going on as there has been one significant change
in the announcement already but it looks to me as if the minimum Java
version for Jakarta EE 11 is changing to Java 17
On 19/01/2024 10:24, Rémy Maucherat wrote:
On Fri, Jan 19, 2024 at 11:08 AM Mark Thomas wrote:
On 19/01/2024 09:22, Rémy Maucherat wrote:
On Thu, Jan 18, 2024 at 8:18 PM wrote:
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.1.x
CVE-2023-46589 Apache Tomcat - Information Disclosure
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 9.0.0-M11 to 9.0.43
Apache Tomcat 8.5.7 to 8.5.63
Description:
Incomplete POST requests triggered an error response that could contain
data from a
CVE-2023-46589 Apache Tomcat - Information Disclosure
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 9.0.0-M11 to 9.0.43
Apache Tomcat 8.5.7 to 8.5.63
Description:
Incomplete POST requests triggered an error response that could contain
data from a
CVE-2023-46589 Apache Tomcat - Information Disclosure
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 9.0.0-M11 to 9.0.43
Apache Tomcat 8.5.7 to 8.5.63
Description:
Incomplete POST requests triggered an error response that could contain
data from a
to refs/heads/10.1.x by this push:
new 67638c17e7 Fix backport of BZ 66508 regression fix
67638c17e7 is described below
commit 67638c17e7c19a0280ccafa340183fb179af92f5
Author: Mark Thomas
AuthorDate: Thu Jan 18 18:52:30 2024 +
Fix backport of BZ 66508 regression fix
I don't
On 18/01/2024 12:33, Rainer Jung wrote:
Hi all,
after the refactorings for the testing of the forbidden client initiated
renegotiations, these unit tests fail for me for the last tags of TC 8.5
and 9, but not for 10.1 and 11. I am using JSSE and the tests fail
consistently for all four JDK
On 18/01/2024 09:22, 2460873257 wrote:
Hi Tomcat Experts:
I'm trying to Looking for a solution to disable the tomcat *
Options request,
Why?
but upon checking the source code, it seems that it is
directly defined in the code. Is there a configuration provided to
disable it?
No.
This question belongs on the users mailing list, not the dev list.
Mark
On 18/01/2024 06:24, 2460873257 wrote:
Hi Tomcat Experts:
I'm trying to Looking for a solution to disable the tomcat *
Options request, but upon checking the source code, it seems that it is
directly defined in
On 16/01/2024 15:20, Sean Whitton wrote:
Hello Mark,
On Mon 18 Dec 2023 at 05:00pm GMT, Mark Thomas wrote:
Am I understanding this request correctly?
Freexian has sold at least one customer - probably multiple
customers - long term support for Tomcat 8.0.x and has now found that
it is unable
Hi all,
I'm not sure what is going on as there has been one significant change
in the announcement already but it looks to me as if the minimum Java
version for Jakarta EE 11 is changing to Java 17 rather than Java 21.
https://www.eclipse.org/lists/jakartaee-platform-dev/msg04371.html
It
On 15/01/2024 14:23, ma...@apache.org wrote:
This is an automated email from the ASF dual-hosted git repository.
markt pushed a change to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-tck.git
at 4d1b1e7 Initial setup. Should work for EL and WebSocket.
It would
On 15/01/2024 09:43, Rémy Maucherat wrote:
On Mon, Jan 15, 2024 at 9:30 AM Mark Thomas wrote:
Hi all,
I have just uploaded the latest 10.1.x to Coverity scan for analysis.
It is going to take a while to process the Coverity build results. I'm
expecting the new results to be available
On 15/01/2024 08:45, koteswara Rao Gundapaneni wrote:
On Sun, 14 Jan 2024, 18:13 koteswara Rao Gundapaneni, <
koti.gundapan...@gmail.com> wrote:
hi
Daemon threads have identified the performance issue inorder to complete .
Thread which is set as daemon by default has performance
Hi all,
I have just uploaded the latest 10.1.x to Coverity scan for analysis.
It is going to take a while to process the Coverity build results. I'm
expecting the new results to be available in the UI in a few hours or so.
Mark
That explanation makes no sense.
If English is not your first language, try using your first language.
Someone here likely speaks it and those that don't can use Google translate.
Mark
regards,
koti
On Sun, Jan 14, 2024 at 4:13 AM Mark Thomas wrote:
You have yet to provide an explanation
/KotiSpringRepository/tree/master>
Please find my attested changes in whole file 'Bootstrap.java'.
On Fri, Jan 12, 2024 at 12:24 AM Mark Thomas mailto:ma...@apache.org>> wrote:
On 12/01/2024 08:16, koteswara Rao Gundapaneni
Hi all,
This is a heads up that I'll be requesting a new GitHub repository to
house the Tomcat TCK integration.
I have this running locally for EL and WebSocket and will hopefully be
adding Servlet and JSP support in the coming weeks.
Mark
Mark
-- Forwarded message -
From: Mark Thomas
Date: Sat, Jan 6, 2024 at 2:05 AM
Subject: Re: Supposed to provide performance at daemon thread in tomcat
To:
Please read my previous response and follow the instructions you were given.
Mark
On 06/01/2024 06:26, koteswara Rao Gundapaneni wrot
On 09/01/2024 18:16, jean-frederic clere wrote:
Hi,
While testing 10.1.18 I have the remaining failing tests:
com/sun/ts/tests/servlet/api/jakarta_servlet_http/cookie/URLClient.java#setMaxAgePositiveTest
The Apache Tomcat team announces the immediate availability of Apache
Tomcat 11.0.0-M16 (alpha).
Apache Tomcat 11 is an open source software implementation of the
Jakarta Servlet, Jakarta Server Pages, Jakarta Expression Language,
Jakarta WebSocket, Jakarta Authentication and Jakarta Annotations
The Apache Tomcat team announces the immediate availability of Apache
Tomcat 11.0.0-M16 (alpha).
Apache Tomcat 11 is an open source software implementation of the
Jakarta Servlet, Jakarta Server Pages, Jakarta Expression Language,
Jakarta WebSocket, Jakarta Authentication and Jakarta Annotations
The Apache Tomcat team announces the immediate availability of Apache
Tomcat 11.0.0-M16 (alpha).
Apache Tomcat 11 is an open source software implementation of the
Jakarta Servlet, Jakarta Server Pages, Jakarta Expression Language,
Jakarta WebSocket, Jakarta Authentication and Jakarta Annotations
The Apache Tomcat team announces the immediate availability of Apache
Tomcat 11.0.0-M16 (alpha).
Apache Tomcat 11 is an open source software implementation of the
Jakarta Servlet, Jakarta Server Pages, Jakarta Expression Language,
Jakarta WebSocket, Jakarta Authentication and Jakarta Annotations
The following votes were cast:
Binding:
+1: markt, remm, schultz, isapir, lihan
No other votes were cast.
The vote therefore passes.
Thanks to everyone who contributed to this release.
Mark
-
To unsubscribe, e-mail:
onus is on you to provide the steps necessary for
someone on this list to recreate the problem you are seeing starting
from a Tomcat distribution downloaded from tomcat.apache.org
Mark
Thanks,
Omkar V.
-Original Message-
From: Mark Thomas
Sent: Friday, January 5, 2024 6:00 PM
To: users
On 05/01/2024 16:53, Christopher Schultz wrote:
The proposed 8.5.98 release is:
[ ] Broken - do not release
[X] Stable - go ahead and release as 8.5.98 (stable)
The build is cross-platform repeatable apart from the fulldocs package
which is due to a known Javadoc bug.
Tests pass on Linux
On 05/01/2024 15:25, Christopher Schultz wrote:
The proposed 10.1.18 release is:
[ ] Broken - do not release
[X] Stable - go ahead and release as 10.1.18
Tests pass on Linux for NIO and NIO2 with Tomcat Native 2.0.6 and
OpenSSL 3.0.2 (locally built Tomcat Native with Ubuntu provided
r$Worker.run(ThreadPoolExecutor.java:636)
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.base/java.lang.Thread.run(Thread.java:1583)
- ---
Testcase: testAsyncTiming took 26.259 sec
FAILED
.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 8fe3db67fdd69c160367982e85b23bfe01689c5c
Author: Mark Thomas
AuthorDate: Wed Jan 3 10:43:07 2024 +
This is a performance test - use correct naming
On 08/01/2024 06:47, i...@flyingfischer.ch wrote:
https://endoflife.date/tomcat
Am 08.01.24 um 07:39 schrieb Deshmukh, Kedar:
Hello,
Could you please throw some light on Tomcat versions and its EOL plan?
See https://tomcat.apache.org/whichversion.html
1. 8.5.X
EOL 31 March 2024
, 2024 at 12:12 AM Mark Thomas wrote:
On 05/01/2024 05:15, koteswara Rao Gundapaneni wrote:
It seems there are further permissions to be added at Github
*Error received via Github is as : **Pull request creation failed.
Validation failed: must be a collaborator*
Anyone can submit a pull request
On 05/01/2024 09:25, Rémy Maucherat wrote:
The proposed 9.0.85 release is:
[ ] -1, Broken - do not release
[X] +1, Stable - go ahead and release as 9.0.85
Tests pass on Linux for NIO, NIO2 and APR with Tomcat Native 1.2.39 and
OpenSSL 3.0.2 (locally built Tomcat Native with Ubuntu provided
You will need to provide more details.
A default Tomcat install does not create parent and child processes so
zombie processes cannot occur.
I'll also note that zombie process do not consume system resources
(apart from a process ID).
Please provide the steps you used to recreate this
On 04/01/2024 21:08, Mark Thomas wrote:
The proposed 11.0.0-M16 release is:
[ ] -1 Broken - do not release
[X] +1 Alpha - go ahead and release as 11.0.0-M16
Tests pass on Linux for NIO and NIO2 with Tomcat Native 2.0.6 and
OpenSSL 3.0.2 (locally built Tomcat Native with Ubuntu provided
On 05/01/2024 09:15, Mark Thomas wrote:
On 05/01/2024 08:59, Rémy Maucherat wrote:
On Thu, Jan 4, 2024 at 10:09 PM Mark Thomas wrote:
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1474
It is still open with a signature error. Did you use
On 05/01/2024 08:59, Rémy Maucherat wrote:
On Thu, Jan 4, 2024 at 10:09 PM Mark Thomas wrote:
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1474
It is still open with a signature error. Did you use the right key to sign ?
Odd. I saw no errors
On 05/01/2024 05:15, koteswara Rao Gundapaneni wrote:
It seems there are further permissions to be added at Github
*Error received via Github is as : **Pull request creation failed.
Validation failed: must be a collaborator*
Anyone can submit a pull request to the Tomcat repository. The only
The proposed Apache Tomcat 11.0.0-M16 release is now available for
voting.
Apache Tomcat 11.0.0-M16 is a milestone release of the 11.0.x branch and
has been made to provide users with early access to the new features in
Apache Tomcat 11.0.x so that they may provide feedback. The notable
On 03/01/2024 14:55, Christopher Schultz wrote:
Mark,
On 1/2/24 06:30, Mark Thomas wrote:
Hi all,
What do we think about a January release? The changelog is fairly
short but there is a fix for the regression in parsing keys/certs
generated by older OpenSSL versions.
I was planning
On 03/01/2024 11:29, ma...@apache.org wrote:
This is an automated email from the ASF dual-hosted git repository.
markt pushed a change to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
from 786285c1ae Forgot the code cleanup
new 996c00741b Only need one
On 18/12/2023 17:00, Mark Thomas wrote:
On 17/12/2023 16:32, Sean Whitton wrote:
Hello,
I am working to backport the fix for CVE-2023-46589 to Tomcat version
8.0.14, which is what we have in Debian "jessie". This is under the
Extended LTS project for older Debian releases, run b
Hi all,
What do we think about a January release? The changelog is fairly short
but there is a fix for the regression in parsing keys/certs generated by
older OpenSSL versions.
I was planning on implementing a fix for BZ 68348 [1] and could tag
after that if there is general agreement to do
On 25/12/2023 04:12, Igal Sapir wrote:
Any thoughts why I get ClassNotFoundException: listeners.ContextListener
(and other listeners) when I run Tomcat in an IDE (IntelliJ IDEA)?
It looks like the docBase is set to the source dir for the webapps. That
probably means there aren't any compiled
On 30/12/2023 06:03, bugzi...@apache.org wrote:
asd123235 changed:
Bug deleted and the idiot's account has been disabled.
Mark
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail:
On 26/12/2023 12:00, koteswara Rao Gundapaneni wrote:
HTTP Patch option should be deprecated as the option is doing partial
changes to an existing resource.
PATCH is a method, not an option. Using the correct terminology is
important to avoid confusion. Especially when OPTIONS is also a
On 22/12/2023 14:36, jean-frederic clere wrote:
On 12/22/23 15:20, jean-frederic clere wrote:
On 12/22/23 11:21, Mark Thomas wrote:
On 22/12/2023 10:01, jean-frederic clere wrote:
Yep, is there an "easy" way to configure the
CharsetMapperDefault.properties used by the map
On 22/12/2023 10:01, jean-frederic clere wrote:
Yep, is there an "easy" way to configure the
CharsetMapperDefault.properties used by the mapper?
Add the following to the global web.xml
ja
Shift_JIS
Mark
On 19/12/2023 13:05, jean-frederic clere wrote:
Hi,
I have tried to run the TCK against Tomcat-10.1.17 I have 12 failed
tests. Before investigating I have questions:
Did someone run the servlet TCK recently?
Not recently but I have run it.
Are some tests expected to fail (well for sure
On 19/12/2023 12:32, Kaluva S wrote:
Hi,
We are planning to migrate from tomcat 9.0.x to Tomcat 10.1.x but want to
know about EOL for both the releases. On the official tomcat website, we
couldn't find any information about this.
If anyone knows, please share so that we will plan accordingly.
On 17/12/2023 16:32, Sean Whitton wrote:
Hello,
I am working to backport the fix for CVE-2023-46589 to Tomcat version
8.0.14, which is what we have in Debian "jessie". This is under the
Extended LTS project for older Debian releases, run by Freexian SARL.
On 18/12/2023 09:50, purtrator wrote:
There are many types of things one can do with HTTP Request Smuggling,
is this an attack where header theft, cache poisoning or even response
queue poisoning is possible?
What are the possible damage scenarios?
Assume that any attack enabled by request
17 Dec 2023 21:31:10 Chuck Caldarale :
On Dec 16, 2023, at 23:05, Arbol One wrote:
Hello.
In my NetBeans IDE, I have a ANT web project, to which I have added
under Libraries the JSTL 1.2.7 - jstl-impl.jar and the JSTL 1.2.7 -
jstl-api.jar libraries. However, when adding this code :
17 Dec 2023 21:31:10 Chuck Caldarale :
On Dec 16, 2023, at 23:05, Arbol One wrote:
Hello.
In my NetBeans IDE, I have a ANT web project, to which I have added
under Libraries the JSTL 1.2.7 - jstl-impl.jar and the JSTL 1.2.7 -
jstl-api.jar libraries. However, when adding this code :
18 Dec 2023 05:31:24 Mohammed Ramadan Ghallab
:
Hello
I’m using tomcat and I want to create a virtual directory but I can’t
do that
if it isn’t possible can you please tell me how to integrate tomcat
with IIS
https://tomcat.apache.org/connectors-doc/webserver_howto/iis.html
Tested and
On 15/12/2023 14:48, Christopher Schultz wrote:
Do we need to argue over encoding and/or rules of
case-insensitive-matching?
Could we? Probably. Do we need to? Unlikely.
My expectation is that most clients aren't even including the host in
the request line these days.
Non-ASCII hostnames
On 15/12/2023 14:51, Christopher Schultz wrote:
I replied on users@ about this. Is ASCII-comparison sufficient?
I believe so, yes.
Could we speed things up dramatically by performing a byte-wise
comparison first, and only fall-back to (slower) case-insensitive
comparison if that fails?
201 - 300 of 22396 matches
Mail list logo
