STATUS.txt

billbarker Thu, 02 Apr 2009 19:29:44 -0700

Author: billbarker
Date: Fri Apr  3 02:29:16 2009
New Revision: 761506

URL: http://svn.apache.org/viewvc?rev=761506&view=rev
Log:
remove objection and votes


Modified:
    tomcat/tc6.0.x/trunk/STATUS.txt

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=761506&r1=761505&r2=761506&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Fri Apr  3 02:29:16 2009
@@ -68,14 +68,7 @@
   http://svn.apache.org/viewvc?rev=721886&view=rev (original)
   http://svn.apache.org/viewvc?rev=746425&view=rev (to address Bill's concerns)
   http://svn.apache.org/viewvc?rev=757335&view=rev (to remove the Catalina dep)
-  +1: markt
-   0: billbarker: Haven't tried to break it yet, but the 4th patch potentially
-      offers access to static fields in ELContextImpl and ELResolverImpl that 
could 
-      possibly be exploited by a malicious webapp.
-  -1: billbarker: The 5th patch makes Jasper depend on Catalina, rendering 
Jasper useless
-      to any 3rd party that just wants a JSP compiler.  Removing the Catalina 
dependancy
-      can change my vote to +1 (although, it means trusting modern JVMs to 
clean up after
-      themselves efficiently).
+  +1: markt, billbarker
 
 * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=46351
   Build script re-factoring
@@ -96,7 +89,7 @@
 * Use some already existing constants instead of explicit
   numbers in the AJP connectors. Backport of
   http://svn.apache.org/viewvc?rev=757706&view=rev
-  +1: rjung, markt
+  +1: rjung, markt, billbarker
   -1:
 
 * Allow huge request body packets for AJP13.
@@ -144,11 +137,13 @@
     This is not for invalidation, only for displaying
     idle times and making persistance decisions.
   +1: rjung, markt
+   0: billbarker: generally agree with remm that this is too big of a change 
for the stable branch
+                 but could agree to some of it if it was split into parts
   -1: remm: no for TC 6.0
 
 * Fix typo in OPTIONS response
   http://svn.apache.org/viewvc?rev=757774&view=rev
-  +1: markt, rjung
+  +1: markt, rjung, billbarker
   -1: 
 
 * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=46908
@@ -167,7 +162,9 @@
 * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=46866
   http://svn.apache.org/viewvc?rev=758596&view=rev
   Better init of Random objects
-  +1: markt, rjung
+  +1: markt, rjung, billbarker
+      billbarker:  This is more like a +0.5, since Random isn't that secure in 
the first place.
+                   But the patch seems harmless, so I'll support 
itch-scraching.
   -1: 
 
 * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=46822



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

svn commit: r761506 - /tomcat/tc6.0.x/trunk/STATUS.txt

Reply via email to