With 6 binding (Remy, Chris, Konstantin, Tim, Rainer and I) and one non-binding
(Ognjen) votes
I declare this vote as passed. I'll copy the artefacts to dist site and create
ANN message
after mirror sync
Version 1.1.30 is bug fixing release with added ECDH
if supported by OpenSSL library.
The
On 10.04.2014 13:50, Mladen Turk wrote:
Version 1.1.30 is bug fixing release with added ECDH
if supported by OpenSSL library.
The proposed release artefacts can be found at [1],
and the build was done using tag [2].
The VOTE will remain open for at least 48 hours.
The Apache Tomcat
On 10/04/2014, at 11:50 pm, Mladen Turk mt...@apache.org wrote:
Version 1.1.30 is bug fixing release with added ECDH
if supported by OpenSSL library.
The proposed release artefacts can be found at [1],
and the build was done using tag [2].
The VOTE will remain open for at least 48 hours.
Mladen,
On 4/10/14, 10:06 AM, Mladen Turk wrote:
On 04/10/2014 05:55 PM, Christopher Schultz wrote:
Mladen,
On 4/10/14, 9:29 AM, Mladen Turk wrote:
On 04/10/2014 03:15 PM, Robert Sanders wrote:
Is the TCN portion of BZ 56027 address completely or partially with
this release?
Nope. This
On 04/11/2014 08:10 PM, Christopher Schultz wrote:
The primary tcnative bit was in svn. Did you build 1.1/trunk, or did you
just apply certain patches?
There was a followup-comment about the 512-bit RSA key generation which
is a separate problem IMO which has not yet been addressed.
Version 1.1.30 is bug fixing release with added ECDH
if supported by OpenSSL library.
The proposed release artefacts can be found at [1],
and the build was done using tag [2].
The VOTE will remain open for at least 48 hours.
The Apache Tomcat Native 1.1.30 is
[ ] Stable, go ahead and release
2014-04-10 13:50 GMT+02:00 Mladen Turk mt...@apache.org:
The Apache Tomcat Native 1.1.30 is
[X] Stable, go ahead and release
[ ] Broken because of ...
Rémy
Mladen,
On 10.4.2014 13:50, Mladen Turk wrote:
The Apache Tomcat Native 1.1.30 is
[X] Stable, go ahead and release
[ ] Broken because of ...
(non-binding)
Tested with Tomcat 8.0.5, Oracle Java 1.7.0_51 on Windows 7 64-bit.
- Filippo.io [1] reports it is not vulnerable to Heartbleed bug.
On 04/10/2014 02:56 PM, Ognjen Blagojevic wrote:
Tested with Tomcat 8.0.5, Oracle Java 1.7.0_51 on Windows 7 64-bit.
- Filippo.io [1] reports it is not vulnerable to Heartbleed bug.
- SSLLabs [2] reports it is not vulnerable to Heartbleed bug.
- SSLLabs reports that Forward secrecy is
] Release Apache Tomcat Native 1.1.30
On 04/10/2014 02:56 PM, Ognjen Blagojevic wrote:
Tested with Tomcat 8.0.5, Oracle Java 1.7.0_51 on Windows 7 64-bit.
- Filippo.io [1] reports it is not vulnerable to Heartbleed bug.
- SSLLabs [2] reports it is not vulnerable to Heartbleed bug.
- SSLLabs reports
that BZ 56027 is only partially addressed, in that
the fipsModeGet() method is now available.
-Rob
From: Robert Sanders [rsand...@trustedcs.com]
Sent: Thursday, April 10, 2014 9:15 AM
To: Tomcat Developers List
Subject: RE: [VOTE] Release Apache Tomcat Native
On 04/10/2014 03:15 PM, Robert Sanders wrote:
Is the TCN portion of BZ 56027 address completely or partially with this
release?
Nope. This issue was not fixed with this release.
Regards
--
^TM
-
To unsubscribe, e-mail:
Mladen,
On 4/10/14, 9:29 AM, Mladen Turk wrote:
On 04/10/2014 03:15 PM, Robert Sanders wrote:
Is the TCN portion of BZ 56027 address completely or partially with
this release?
Nope. This issue was not fixed with this release.
The primary tcnative bit was in svn. Did you build 1.1/trunk, or
Mladen,
On 4/10/14, 5:50 AM, Mladen Turk wrote:
Version 1.1.30 is bug fixing release with added ECDH
if supported by OpenSSL library.
The proposed release artefacts can be found at [1],
and the build was done using tag [2].
The VOTE will remain open for at least 48 hours.
The Apache
2014-04-10 15:50 GMT+04:00 Mladen Turk mt...@apache.org:
Version 1.1.30 is bug fixing release with added ECDH
if supported by OpenSSL library.
The proposed release artefacts can be found at [1],
and the build was done using tag [2].
The VOTE will remain open for at least 48 hours.
The
On 04/10/2014 05:55 PM, Christopher Schultz wrote:
Mladen,
On 4/10/14, 9:29 AM, Mladen Turk wrote:
On 04/10/2014 03:15 PM, Robert Sanders wrote:
Is the TCN portion of BZ 56027 address completely or partially with
this release?
Nope. This issue was not fixed with this release.
The primary
I'll concur with Chris for release. WRT BZ 56027 there is no regression. The
exposure of the fipsModeGet will be useful moving forward to have the main
Tomcat code avoid a double call to initialize SSL, but some one with more
understanding of the FIPS requirements that I do should look at how
On 04/10/2014 05:55 PM, Christopher Schultz wrote:
Mladen,
On 4/10/14, 9:29 AM, Mladen Turk wrote:
On 04/10/2014 03:15 PM, Robert Sanders wrote:
Is the TCN portion of BZ 56027 address completely or partially with
this release?
Nope. This issue was not fixed with this release.
The primary
On 04/10/2014 01:50 PM, Mladen Turk wrote:
The Apache Tomcat Native 1.1.30 is
[X] Stable, go ahead and release
[ ] Broken because of ...
My vote, FTR.
Regards
--
^TM
-
To unsubscribe, e-mail:
19 matches
Mail list logo
