> Am 14.10.2018 um 23:46 schrieb Daniel Ruggeri <drugg...@primary.net>:
>
> Hi, Helmut;
> Note that the vote may run longer than 72 hours as 72 is the minimum. As it
> stands now, we have more than 3 binding +1 votes, but I am waiting for
> closure on the conversation on-list about the tests with reported H2/TLS 1.3
> failures. Since this is one of the primary features of this release, I want
> to be sure the topic gets due attention.
See my mail on the other thread. It seems that h2 traffic triggers a call
sequence that exposes a change in OpenSSL behaviour of SSL_read() between 1.1.0
and 1.1.1. It looks as if mod_ssl interpreted the return codes of SSL_read() in
a way that no longer works and that we need to change mod_ssl handling here.
Waiting on confirmation or rebuttal of my analysis on the other thread.
Cheers,
Stefan
> --
> Daniel Ruggeri
>
> On October 14, 2018 4:44:04 PM CDT, "Helmut K. C. Tessarek"
> <tessa...@evermeet.cx> wrote:
> On 2018-10-10 15:18, Daniel Ruggeri wrote:
> Hi, all;
> Please find below the proposed release tarball and signatures:
> https://dist.apache.org/repos/dist/dev/httpd/
>
> I would like to call a VOTE over the next few days to release this
> candidate tarball as 2.4.36:
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.
>
> The computed digests of the tarball up for vote are:
> sha1: e40e7a879b84df860215b8a80f2a535534a1c4b4 *httpd-2.4.36.tar.gz
> sha256: ef788fb7c814acb2506a8b758a1a3f91f368f97bd4e6db16e98001f468e8e288
> *httpd-2.4.36.tar.gz
>
> 72h have passed, so what is the outcome of the vote?
>
