> 2022年10月25日 23:51,Mark Thomas <ma...@apache.org> 写道:
>
> Hi all,
>
> I've just seen the heads up from the OpenSSL project that there will be a
> 3.0.7 release on 2022-12-01 that will address a critical vulnerability. We
> won't know the details of the vulnerability until the release announcement.
> Given that it may trigger a Tomcat Native release my current thinking is:
>
> - prep for November releases as normal
> - review the OpenSSL issue once public
> - roll a Tomcat Native release if necessary
> - update to the new Tomcat Native release of there is one
> - roll the Tomcat releases
>
> Do we want to pick up an updated migration tool as well?
Sure, I have merged the PR and so far everything seems to be OK, and it’s
indeed faster.
Han
>
> Mark
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org