dev  

Messages by Thread

• (tomcat) branch main updated: Allow changing the server string remm
• svn commit: r1929402 - in tomcat/site/trunk: docs xdocs markt
• Fwd: Inquiry Regarding End of Life (EOL) Date for Apache Tomcat 9 & 10 Brian Proffitt
  • Re: Fwd: Inquiry Regarding End of Life (EOL) Date for Apache Tomcat 9 & 10 Michael Osipov
• svn commit: r1929401 - in tomcat/site/trunk: docs xdocs markt
• svn commit: r1929395 - in tomcat/site/trunk: docs xdocs markt
• (tomcat) branch 9.0.x updated: Update to JSign 7.4 markt
• (tomcat) branch 10.1.x updated: Update to JSign 7.4 markt
• (tomcat) branch 11.0.x updated: Update to JSign 7.4 markt
• (tomcat) branch main updated: Update to JSign 7.4 markt
• (tomcat) branch 9.0.x updated: Update to Jacoco 0.8.14 markt
• (tomcat) branch 10.1.x updated: Update to Jacoco 0.8.14 markt
• (tomcat) branch 11.0.x updated: Update to Jacoco 0.8.14 markt
• (tomcat) branch main updated: Update to Jacoco 0.8.14 markt
• (tomcat) branch 10.1.x updated: Add release date for 10.1.48 markt
• (tomcat) branch 9.0.x updated: Update to Checkstyle 12.1.1 markt
• (tomcat) branch 10.1.x updated: Update to Checkstyle 12.1.1 markt
• (tomcat) branch 11.0.x updated: Update to Checkstyle 12.1.1 markt
• (tomcat) branch main updated: Update to Checkstyle 12.1.1 markt
• (tomcat) branch 9.0.x updated: Update to Byte Buddy 1.17.8 markt
• (tomcat) branch 10.1.x updated: Update to Byte Buddy 1.17.8 markt
• (tomcat) branch 11.0.x updated: Update to Byte Buddy 1.17.8 markt
• (tomcat) branch main updated: Update to Byte Buddy 1.17.8 markt
• (tomcat) branch 11.0.x updated: Fix back port markt
• (tomcat) branch 11.0.x updated: Update Eclipse JDT compiler to 4.37 (a.k.a. 3.43.0) markt
• (tomcat) branch main updated: Update Eclipse JDT compiler to 4.37 (a.k.a. 3.43.0) markt
• svn commit: r80344 - in release/tomcat: tomcat-10/v10.1.47 tomcat-11/v11.0.12 tomcat-9/v9.0.110 markt
• svn commit: r1929388 - in tomcat/site/trunk: docs xdocs markt
• [PR] Fix BZ 69866 - Use separate CertificateVerifier class to avoid strong JNI reference to OpenSSLContexts [tomcat] via GitHub
  • Re: [PR] Fix BZ 69866 - Use separate CertificateVerifier class to avoid strong JNI reference to OpenSSLContexts [tomcat] via GitHub
  • Re: [PR] Fix BZ 69866 - Use separate CertificateVerifier class to avoid strong JNI reference to OpenSSLContexts [tomcat] via GitHub
  • Re: [PR] Fix BZ 69866 - Use separate CertificateVerifier class to avoid strong JNI reference to OpenSSLContexts [tomcat] via GitHub
  • Re: [PR] Fix BZ 69866 - Use separate CertificateVerifier class to avoid strong JNI reference to OpenSSLContexts [tomcat] via GitHub
  • Re: [PR] Fix BZ 69866 - Use separate CertificateVerifier class to avoid strong JNI reference to OpenSSLContexts [tomcat] via GitHub
  • Re: [PR] Fix BZ 69866 - Use separate CertificateVerifier class to avoid strong JNI reference to OpenSSLContexts [tomcat] via GitHub
  • Re: [PR] Fix BZ 69866 - Use separate CertificateVerifier class to avoid strong JNI reference to OpenSSLContexts [tomcat] via GitHub
  • Re: [PR] Fix BZ 69866 - Use separate CertificateVerifier class to avoid strong JNI reference to OpenSSLContexts [tomcat] via GitHub
  • Re: [PR] Fix BZ 69866 - Use separate CertificateVerifier class to avoid strong JNI reference to OpenSSLContexts [tomcat] via GitHub
  • Re: [PR] Fix BZ 69866 - Use separate CertificateVerifier class to avoid strong JNI reference to OpenSSLContexts [tomcat] via GitHub
  • Re: [PR] Fix BZ 69866 - Use separate CertificateVerifier class to avoid strong JNI reference to OpenSSLContexts [tomcat] via GitHub
• [Bug 69866] New: OpenSSLContexts leak across reload through JNI global reference when using truststore bugzilla
  • [Bug 69866] OpenSSLContexts leak across reload through JNI global reference when using truststore bugzilla
  • [Bug 69866] OpenSSLContexts leak across reload through JNI global reference when using truststore bugzilla
  • [Bug 69866] OpenSSLContexts leak across reload through JNI global reference when using truststore bugzilla
• [SECURITY] CVE-2025-55752 Apache Tomcat - Directory traversal via rewrite with possible RCE if PUT is enabled Mark Thomas
• [SECURITY] CVE-2025-61795 Apache Tomcat - Delayed cleaning of multipart upload temporary files may lead to DoS Mark Thomas
• svn commit: r1929379 - in tomcat/site/trunk: docs xdocs markt
• [SECURITY] CVE-2025-55754 Apache Tomcat - Console manipulation via escape sequences in log messages Mark Thomas
• (tomcat) branch main updated (894f69c8e8 -> 9921a00d3f) remm
  • (tomcat) 01/01: Merge pull request #911 from apache/dependabot/github_actions/actions/upload-artifact-5 remm
• (tomcat) branch dependabot/github_actions/actions/upload-artifact-5 deleted (was 8294c426a6) github-bot
• (tomcat) branch dependabot/github_actions/actions/upload-artifact-5 created (now 8294c426a6) github-bot
• [PR] Bump actions/upload-artifact from 4 to 5 [tomcat] via GitHub
  • Re: [PR] Bump actions/upload-artifact from 4 to 5 [tomcat] via GitHub
• (tomcat-jakartaee-migration) branch dependabot/github_actions/actions/upload-artifact-5 deleted (was d2bfc65) github-bot
• (tomcat-jakartaee-migration) branch main updated: Bump actions/upload-artifact from 4 to 5 remm
• Tomcat and JDK-25 and the fix of File.exists() Erwin Stadlbauer
  • Re: Tomcat and JDK-25 and the fix of File.exists() Mark Thomas
  • Re: Tomcat and JDK-25 and the fix of File.exists() Erwin Stadlbauer
  • Re: Tomcat and JDK-25 and the fix of File.exists() Mark Thomas
  • Re: Tomcat and JDK-25 and the fix of File.exists() Mark Thomas
  • Re: Tomcat and JDK-25 and the fix of File.exists() Christopher Schultz
  • Re: Tomcat and JDK-25 and the fix of File.exists() Erwin Stadlbauer
• (tomcat-jakartaee-migration) branch dependabot/github_actions/actions/upload-artifact-5 created (now d2bfc65) github-bot
• [PR] Bump actions/upload-artifact from 4 to 5 [tomcat-jakartaee-migration] via GitHub
  • Re: [PR] Bump actions/upload-artifact from 4 to 5 [tomcat-jakartaee-migration] via GitHub
• (tomcat) branch 9.0.x updated (686137dd8a -> 1b338d09b7) remm
  • (tomcat) 02/02: Java compat remm
  • (tomcat) 01/02: Avoid NPE on Servlet exception unwrap remm
• (tomcat) branch 10.1.x updated (fe5ceececf -> 060df11130) remm
  • (tomcat) 02/02: Java compat remm
  • (tomcat) 01/02: Avoid NPE on Servlet exception unwrap remm
• (tomcat) branch 11.0.x updated: Avoid NPE on Servlet exception unwrap remm
• (tomcat) branch main updated: Avoid NPE on Servlet exception unwrap remm
• [Bug 69862] New: NullPointerException in JspServletWrapper.handleJspException masks original exception when getRootCause() returns null bugzilla
  • [Bug 69862] NullPointerException in JspServletWrapper.handleJspException masks original exception when getRootCause() returns null bugzilla
• [Bug 69861] New: Google Ranking bugzilla
  • [Bug 69861] Google Ranking bugzilla
  • [Bug 69861] SPAM bugzilla
  • [Bug 69861] SPAM bugzilla
  • [Bug 69861] SPAM bugzilla
• (tomcat) branch 9.0.x updated: Add missing items remm
• (tomcat) branch 10.1.x updated: Add missing items remm
• (tomcat) branch 11.0.x updated: Add missing items remm
• (tomcat) branch main updated: Add missing items remm
• (tomcat) branch 9.0.x updated: Fix typo in changelog rjung
• (tomcat) branch 10.1.x updated: Fix typo in changelog rjung
• (tomcat) branch 11.0.x updated: Fix typo in changelog rjung
• (tomcat) branch 9.0.x updated: Add TestStartupIPv6Connectors to verify IPv6 bind dsoumis
• [PR] Add TestStartupIPv6Connectors to verify IPv6 bind [tomcat] via GitHub
  • Re: [PR] Add TestStartupIPv6Connectors to verify IPv6 bind [tomcat] via GitHub
• Re: [PR] Use a deep copy of query stats whose values won't change during sorting. [tomcat] via GitHub
  • Re: [PR] Use a deep copy of query stats whose values won't change during sorting. [tomcat] via GitHub
  • Re: [PR] Use a deep copy of query stats whose values won't change during sorting. [tomcat] via GitHub
  • Re: [PR] Use a deep copy of query stats whose values won't change during sorting. [tomcat] via GitHub
  • Re: [PR] Use a deep copy of query stats whose values won't change during sorting. [tomcat] via GitHub
  • Re: [PR] Use a deep copy of query stats whose values won't change during sorting. [tomcat] via GitHub
• [Bug 69856] New: Transform your space with Tapron’s luxury bathroom and kitchen fittings—where timeless design meets unmatched quality. bugzilla
  • [Bug 69856] Transform your space with Tapron’s luxury bathroom and kitchen fittings—where timeless design meets unmatched quality. bugzilla
  • [Bug 69856] Transform your space with Tapron’s luxury bathroom and kitchen fittings—where timeless design meets unmatched quality. bugzilla
  • [Bug 69856] SPAM SPAM SPAM SPAM bugzilla
• (tomcat) branch main updated: Fix distro line endings for new llm files markt
• (tomcat) branch 9.0.x updated: Fix race condition. markt
• (tomcat) branch main updated: Remove unnecessary @SuppressWarnings markt
• (tomcat) branch 10.1.x updated (dee994384c -> c345241d1a) dsoumis
  • (tomcat) 03/07: If we set ok=0 with errnum==X509_V_OK (0), OpenSSL emits a fatal internal_error. Tolerate V_OCSP_CERTSTATUS_UNKNOWN and let the client policy (e.g. NO_FALLBACK) decide. dsoumis
  • (tomcat) 02/07: CAs may not issue CRLs. dsoumis
  • (tomcat) 05/07: Set specific error when V_OCSP_CERTSTATUS_REVOKED dsoumis
  • (tomcat) 07/07: Refactor multiple instances of same code block in TestOcspIntegration dsoumis
  • (tomcat) 01/07: If optionalNoCA is configured then OCSP should be disabled. dsoumis
  • (tomcat) 04/07: If the OCSP response is null, the error is set as X509_V_ERR_APPLICATION_VERIFICATION (50). Should not pass our verification process. dsoumis
  • (tomcat) 06/07: Ehnance tests and fix various issues in TestOcspIntegration tests dsoumis
• (tomcat) branch 10.1.x updated: Treat new test password files as text files for line-endings markt
• svn commit: r1929002 - in tomcat/site/trunk: . docs docs/tomcat-10.1-doc docs/tomcat-10.1-doc/annotationapi docs/tomcat-10.1-doc/annotationapi/jakarta/annotation docs/tomcat-10.1-doc/annotationapi/jakarta/annotation/security docs/tomcat-10.1-doc/annota... schultz
• (tomcat) branch 11.0.x updated: Deprecate RemoteAddr[Filter|Valve] in favour of RemoteCIDR[Filter|Valve] markt
• (tomcat) branch main updated: Add back OpenSSL 1.1.1 compatibility remm
• (tomcat) branch 9.0.x updated: Fix BZ 69848 - Correct copy/paste error when refactoring method names markt
• (tomcat) branch main updated: Remove deprecated code. Internal storage for method can now use String. markt
• (tomcat) branch 11.0.x updated: Update version number for next development cycle markt
• (tomcat) branch 9.0.x updated: Fix BZ 69844 - server sending masked frames is a protocol error markt
• [Bug 69852] New: {MD5}, {SHA} and {SSHA} not honored with Realm/CredentialHandler bugzilla
  • [Bug 69852] {MD5}, {SHA} and {SSHA} not honored with Realm/CredentialHandler bugzilla
  • [Bug 69852] {MD5}, {SHA} and {SSHA} not honored with Realm/CredentialHandler bugzilla
  • [Bug 69852] {MD5}, {SHA} and {SSHA} not honored with Realm/CredentialHandler bugzilla
  • [Bug 69852] {MD5}, {SHA} and {SSHA} not honored with Realm/CredentialHandler bugzilla
  • [Bug 69852] {MD5}, {SHA} and {SSHA} not honored with Realm/CredentialHandler bugzilla
  • [Bug 69852] {MD5}, {SHA} and {SSHA} not honored with Realm/CredentialHandler bugzilla
  • [Bug 69852] {MD5}, {SHA} and {SSHA} not honored with Realm/CredentialHandler bugzilla
  • [Bug 69852] {MD5}, {SHA} and {SSHA} not honored with Realm/CredentialHandler bugzilla
  • [Bug 69852] {MD5}, {SHA} and {SSHA} not honored with Realm/CredentialHandler bugzilla
  • [Bug 69852] {MD5}, {SHA} and {SSHA} not honored with Realm/CredentialHandler bugzilla
  • [Bug 69852] {MD5}, {SHA} and {SSHA} not honored with Realm/CredentialHandler bugzilla
• (tomcat) branch 11.0.x updated: Fix BZ 69839 - Ensure session ID changes are promulgated to SSO Valve markt
• (tomcat) branch main updated: Treat new test password files as text files for line-endings markt
• (tomcat) branch main updated: Fix race condition. markt
• (tomcat) branch 11.0.x updated: Add missing ASF headers schultz
• svn commit: r1929065 - in tomcat/site/trunk: docs xdocs schultz
• [Bug 64083] JDBC pool keeps closed connection as available bugzilla
• [VOTE] Release Apache Tomcat 9.0.111 Rémy Maucherat
  • Re: [VOTE] Release Apache Tomcat 9.0.111 Dimitris Soumis
  • [VOTE][RESULT] Release Apache Tomcat 9.0.111 Rémy Maucherat
  • Re: [VOTE] Release Apache Tomcat 9.0.111 Igal Sapir
  • Re: [VOTE] Release Apache Tomcat 9.0.111 Mark Thomas
  • Re: [VOTE] Release Apache Tomcat 9.0.111 Christopher Schultz
• Re: [PR] tomcat-jdbc check if returned connection is closed [tomcat] via GitHub
• (tomcat) branch 11.0.x updated: Fix OCSP responses validity by extending them to 365 days in generate-ocsp-test-artifacts.sh for use in TestOcspIntegration tests dsoumis
• (tomcat) branch 9.0.x updated: Next is 9.0.112 remm
• [ANN] Apache Tomcat 11.0.12 Available Mark Thomas
• (tomcat) branch 11.0.x updated: Fix BZ 69844 - server sending masked frames is a protocol error markt
• [Bug 69849] New: OPTIONS, DELETE does not work bugzilla
  • [Bug 69849] OPTIONS, DELETE does not work bugzilla
• [PR] Panama tweaks [tomcat] via GitHub
  • Re: [PR] Panama tweaks [tomcat] via GitHub
• svn commit: r1929121 - in tomcat/site/trunk: docs xdocs markt
• (tomcat) branch 11.0.x updated: Fix BZ 68947 - remove remaining references to removed package markt
• [PR] Correctly handle optionalNoCA verification [tomcat-native] via GitHub
  • Re: [PR] Correctly handle optionalNoCA verification [tomcat-native] via GitHub
• (tomcat) branch 11.0.x updated: Use constant remm
• (tomcat) branch main updated: Remove the deprecated RemoteAddrFilter and RemoteAddrValve markt
• svn commit: r1929119 - in tomcat/site/trunk: . docs xdocs markt
• (tomcat) branch 9.0.x updated: Re-order checks to avoid NPE. Identified by Coverity Scan. markt
• [PR] Parse the pem to skip the seed, like using: [tomcat] via GitHub
• svn commit: r79964 - in dev/tomcat/tomcat-10/v10.1.48: . bin bin/embed src schultz
• svn commit: r1929122 - in tomcat/site/trunk: docs xdocs markt
• (tomcat) branch 10.1.x updated: Add missing changelog on OCSP remm
• (tomcat) branch 9.0.x updated (2893a36945 -> 12a260a0d2) dsoumis
  • (tomcat) 02/07: CAs may not issue CRLs. dsoumis
  • (tomcat) 01/07: If optionalNoCA is configured then OCSP should be disabled. dsoumis
  • (tomcat) 07/07: Refactor multiple instances of same code block in TestOcspIntegration dsoumis
  • (tomcat) 06/07: Ehnance tests and fix various issues in TestOcspIntegration tests dsoumis
  • (tomcat) 04/07: If the OCSP response is null, the error is set as X509_V_ERR_APPLICATION_VERIFICATION (50). Should not pass our verification process. dsoumis
  • (tomcat) 05/07: Set specific error when V_OCSP_CERTSTATUS_REVOKED dsoumis
  • (tomcat) 03/07: If we set ok=0 with errnum==X509_V_OK (0), OpenSSL emits a fatal internal_error. Tolerate V_OCSP_CERTSTATUS_UNKNOWN and let the client policy (e.g. NO_FALLBACK) decide. dsoumis
• (tomcat) branch 10.1.x updated: Use constant remm
• (tomcat) branch 9.0.x updated: Fix source distro line endings for new test script markt
• (tomcat) branch 11.0.x updated: Avoid OpenSSL X509_STORE_CTX_get0_current_issuer function remm
• (tomcat) branch 9.0.x updated: Fix BZ 69845 - Inflater/Deflater throw ISE rather than NPE from Java 25 markt
• (tomcat) branch main updated: Deprecate RemoteAddr[Filter|Valve] in favour of RemoteCIDR[Filter|Valve] markt
• (tomcat) branch 11.0.x updated: Add missing entries to list of output files markt
• (tomcat) branch 9.0.x updated: Add GPG signature verification to verify-release schultz
• (tomcat) branch 10.1.x updated: Add test remm
• (tomcat) branch 11.0.x updated: Fix BZ 69848 - Correct copy/paste error when refactoring method names markt
• [Bug 69850] New: Http Delete Method is resolved as Options bugzilla
  • [Bug 69850] Http Delete Method is resolved as Options bugzilla
• (tomcat) branch 10.1.x updated: Remove unnecessary @SuppressWarnings markt
• (tomcat) branch 10.1.x updated: Reject requests that map to invalid Windows file names earlier. markt
• (tomcat) branch 9.0.x updated: Use constant remm
• (tomcat) branch 9.0.x updated: Relax file name check since input can include paths markt
• svn commit: r79963 - in dev/tomcat/tomcat-9/v9.0.111: . bin bin/embed src remm
• (tomcat) branch main updated: Remove deprecated code scheduled for removal in Tomcat 12. markt
• (tomcat) branch main updated: Align with the other TLS tests remm
• (tomcat) branch 10.1.x updated: Re-order checks to avoid NPE. Identified by Coverity Scan. markt
• (tomcat) branch 9.0.x updated: Retrieve correct principal markt
• (tomcat) branch 10.1.x updated: Formatting remm
• Missing ASF headers in generated documentation Christopher Schultz
  • Re: Missing ASF headers in generated documentation Mark Thomas
  • Re: Missing ASF headers in generated documentation Christopher Schultz
  • Re: Missing ASF headers in generated documentation Mark Thomas
• (tomcat) branch main updated: Modify fix for BZ69836 remm
• svn commit: r80031 - dev/tomcat/tomcat-9/v9.0.111 release/tomcat/tomcat-9/v9.0.111 remm

• Earlier messages
• Later messages