On 19/08/2015 15:49, Christopher Schultz wrote: > Mark, > > On 8/18/15 8:42 AM, Mark Thomas wrote: >> The proposed Apache Tomcat 8.0.26 release is now available for voting. >> This fixes the BOM issue with changelog.xml in the 8.0.25 tag. >> >> The main changes since 8.0.24 are: >> >> - Fix EOF handling in the AJP APR/native connector to avoid the tight >> loop that caused high CPU load >> >> - Avoid an NPE when adding POJO WEebSocket endpoints programmatically >> >> - Improved handling of async timeouts >> >> >> There is the usual collection of bug fixes, new features and >> performance improvements. For full details, see the changelog: >> http://svn.us.apache.org/repos/asf/tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml >> >> It can be obtained from: >> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.26/ >> The Maven staging repo is: >> https://repository.apache.org/content/repositories/orgapachetomcat-1049/ >> The svn tag is: >> http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_26/ >> >> The proposed 8.0.26 release is: >> [ ] Broken - do not release >> [X] Stable - go ahead and release as 8.0.26 > > No complaints in a semi-busy development environment. > > With a caveat: the OpenSSLParser unit tests are failing in my > environment (note the OpenSSL version from below, which actually > somewhat lies, since it's got lots of Debian-security back-ports from > later versions):
That is expected. The back-ports include the security fixes but not the new ciphers, aliases that the tests expect. The main purpose of those tests is to make sure we don't miss any new ciphers, aliases or changes to definitions of aliases. Getting the tests working with the latest versions of the supported OpenSSL branches was hard enough work. I don't fancy taking on getting them working with the popular Linux distros as well. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org