I uploaded rc2 to http://xml.apache.org/axis/dist/1_0rc2/ yesterday, but did not announce it as I was having troubles verifying that the security tests pass. You see, I've been trying to debug for the past 24+ hours or so why I could not get the security tests to pass with released versions of dependencies when they so obviously passed using gump against the latest. Replacing individual jar files with newer versions didn't help.
Finally, I realized what was going on - for the past week or more, we haven't been running security tests at all. The "secure_tests" target does nothing. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13041 opened against the problem with security. Suggestions on what target I should build in order to function test security would also be welcome. - Sam Ruby P.S. Reminder... no fixes go onto the 1_0 branch without a vote.