dev  

Messages by Thread

• (tomcat) branch 10.1.x updated: Add unit tests for PQC features dsoumis
• (tomcat) branch 11.0.x updated: Add unit tests for PQC features dsoumis
• (tomcat) branch main updated: Add unit tests for PQC features dsoumis
  • Re: (tomcat) branch main updated: Add unit tests for PQC features Mark Thomas
  • Re: (tomcat) branch main updated: Add unit tests for PQC features Dimitris Soumis
  • Re: (tomcat) branch main updated: Add unit tests for PQC features Dimitris Soumis
  • Re: (tomcat) branch main updated: Add unit tests for PQC features Mark Thomas
  • Re: (tomcat) branch main updated: Add unit tests for PQC features Mark Thomas
  • Re: (tomcat) branch main updated: Add unit tests for PQC features Rémy Maucherat
  • Re: (tomcat) branch main updated: Add unit tests for PQC features Dimitris Soumis
  • Re: (tomcat) branch main updated: Add unit tests for PQC features Mark Thomas
  • Re: (tomcat) branch main updated: Add unit tests for PQC features Mark Thomas
  • Re: (tomcat) branch main updated: Add unit tests for PQC features Dimitris Soumis
  • Re: (tomcat) branch main updated: Add unit tests for PQC features Mark Thomas
  • Re: (tomcat) branch main updated: Add unit tests for PQC features Rémy Maucherat
  • Re: (tomcat) branch main updated: Add unit tests for PQC features Christopher Schultz
  • Re: (tomcat) branch main updated: Add unit tests for PQC features Rainer Jung
  • Re: (tomcat) branch main updated: Add unit tests for PQC features Rainer Jung
• (tomcat) branch 11.0.x updated: Fix potential thread safety issue markt
• (tomcat) branch 9.0.x updated: Fix potential thread safety issue markt
• (tomcat) branch 10.1.x updated: Fix potential thread safety issue markt
• (tomcat) branch main updated: Fix potential thread safety issue markt
• (tomcat) branch 10.1.x updated: Fix IDE warnings markt
• (tomcat) branch main updated: Fix IDE warnings markt
• (tomcat) branch 9.0.x updated: Fix IDE warnings markt
• (tomcat) branch 11.0.x updated: Fix IDE warnings markt
• (tomcat-maven-plugin) branch dependabot/maven/org.apache-apache-38 deleted (was a52663a) github-bot
• (tomcat-maven-plugin) branch trunk updated (51e95bf -> 1789434) remm
  • (tomcat-maven-plugin) 01/01: Merge pull request #124 from apache/dependabot/maven/org.apache-apache-38 remm
• (tomcat-maven-plugin) branch dependabot/maven/org.apache-apache-38 created (now a52663a) github-bot
• [PR] Bump org.apache:apache from 37 to 38 [tomcat-maven-plugin] via GitHub
  • Re: [PR] Bump org.apache:apache from 37 to 38 [tomcat-maven-plugin] via GitHub
• (tomcat) branch 9.0.x updated: Update StoreRegistry to dynamically load clustering classes (#1005) dsoumis
• (tomcat) branch 10.1.x updated: Update StoreRegistry to dynamically load clustering classes (#1005) dsoumis
• (tomcat) branch 11.0.x updated: Update StoreRegistry to dynamically load clustering classes (#1005) dsoumis
• How to approach security fixes Mark Thomas
  • Re: How to approach security fixes Rémy Maucherat
  • Re: How to approach security fixes Mark Thomas
  • Re: How to approach security fixes Mark Thomas
  • Re: How to approach security fixes Rémy Maucherat
  • Re: How to approach security fixes Mark Thomas
  • Re: How to approach security fixes Mark Thomas
  • Re: How to approach security fixes Christopher Schultz
  • Re: How to approach security fixes Mark Thomas
  • Re: How to approach security fixes Christopher Schultz
• (tomcat) branch main updated: Update StoreRegistry to dynamically load clustering classes (#1005) dsoumis
• Jakarta EE release cadence Mark Thomas
  • Re: Jakarta EE release cadence Rémy Maucherat
  • Re: Jakarta EE release cadence Coty Sutherland
  • Re: Jakarta EE release cadence Christopher Schultz
• [SECURITY] CVE-2026-43512 Apache Tomcat - Digest authenticator will authenticate any unknown user Mark Thomas
• [SECURITY] CVE-2026-43515 Apache Tomcat - Security constraints not correctly applied Mark Thomas
• [SECURITY] CVE-2026-43513 Apache Tomcat - LockOutRealm treats user names as case-sensitive Mark Thomas
• [SECURITY] CVE-2026-43514 Apache Tomcat - AJP secret compared in non-constant time Mark Thomas
• [SECURITY] CVE-2026-41284 Apache Tomcat - Unbounded read in WebDAV LOCK and PROPFIND handling Mark Thomas
• [SECURITY] CVE-2026-41293 Apache Tomcat - HTTP/2 request headers not validated Mark Thomas
• [SECURITY] CVE-2026-42498 Apache Tomcat - WebSocket authentication header exposure Mark Thomas
• svn commit: r1934143 - in tomcat/site/trunk: docs xdocs markt
• [PR] Add explicit read-only permissions to CI workflows [tomcat] via GitHub
  • Re: [PR] Add explicit read-only permissions to CI workflows [tomcat] via GitHub
  • Re: [PR] Add explicit read-only permissions to CI workflows [tomcat] via GitHub
  • Re: [PR] Add explicit read-only permissions to CI workflows [tomcat] via GitHub
• svn commit: r1934139 - in tomcat/site/trunk: docs xdocs/stylesheets markt
• svn commit: r1934136 - tomcat/site/trunk/docs markt
• (tomcat) branch 9.0.x updated: Fix merge error in comment markt
• (tomcat) branch 10.1.x updated: Fix merge error in comment markt
• (tomcat) branch 10.1.x updated: Additional context path validation on deployment markt
• (tomcat) branch 9.0.x updated: Additional context path validation on deployment markt
• (tomcat) branch 11.0.x updated: Additional context path validation on deployment markt
• (tomcat) branch main updated: Additional context path validation on deployment markt
• (tomcat) branch 10.1.x updated: Fix BZ 70038 - Cookie.clone() should also clone internal attribute map markt
• (tomcat) branch 11.0.x updated: Fix BZ 70038 - Cookie.clone() should also clone internal attribute map markt
• (tomcat) branch main updated: Fix BZ 70038 - Cookie.clone() should also clone internal attribute map markt
• [Bug 70038] New: Cookie.clone() is shallow but reference implementation is deep bugzilla
  • [Bug 70038] Cookie.clone() is shallow but reference implementation is deep bugzilla
  • [Bug 70038] Cookie.clone() is shallow but reference implementation is deep bugzilla
• (tomcat) branch 9.0.x updated: Add release date remm
• svn commit: r1934125 - in tomcat/site/trunk: . docs docs/tomcat-10.1-doc docs/tomcat-10.1-doc/annotationapi docs/tomcat-10.1-doc/annotationapi/jakarta/annotation docs/tomcat-10.1-doc/annotationapi/jakarta/annotation/security docs/tomcat-10.1-doc/annota... schultz
• [ANN] Apache Tomcat 10.1.55 Available Christopher Schultz
• (tomcat) branch 10.1.x updated: Add release date schultz
• svn commit: r84470 - release/tomcat/tomcat-10/v10.1.54 schultz
• svn commit: r84469 - dev/tomcat/tomcat-10/v10.1.55 release/tomcat/tomcat-10/v10.1.55 schultz
• (tomcat) branch 10.1.x updated (27ed96937c -> 4e6141951d) remm
  • (tomcat) 02/03: Add Javadoc indicating that these classes are stubs remm
  • (tomcat) 03/03: @SupressWarnings not required if classes have Javadoc remm
• (tomcat) branch 11.0.x updated: @SupressWarnings not required if classes have Javadoc markt
• (tomcat) branch main updated: @SupressWarnings not required if classes have Javadoc markt
• (tomcat) branch 11.0.x updated: Add Javadoc indicating that these classes are stubs remm
• (tomcat) branch main updated: Add Javadoc indicating that these classes are stubs remm
• Re: (tomcat) branch 11.0.x updated: Fix Jakarta EE APIs javadoc issues Mark Thomas
• [ANN] Apache Tomcat 9.0.118 available Rémy Maucherat
• (tomcat-jakartaee-migration) branch dependabot/maven/org.apache-apache-38 deleted (was 8be4bf4) github-bot
• (tomcat-jakartaee-migration) branch main updated: Bump org.apache:apache from 37 to 38 remm
• (tomcat-jakartaee-migration) branch dependabot/maven/org.apache-apache-38 created (now 8be4bf4) github-bot
• [PR] Bump org.apache:apache from 37 to 38 [tomcat-jakartaee-migration] via GitHub
  • Re: [PR] Bump org.apache:apache from 37 to 38 [tomcat-jakartaee-migration] via GitHub
• svn commit: r1934065 - in tomcat/site/trunk/docs/tomcat-9.0-doc/api/org/apache: catalina/authenticator tomcat/util/security remm
• svn commit: r1934064 - in tomcat/site/trunk/docs/tomcat-9.0-doc: . annotationapi annotationapi/javax/annotation annotationapi/javax/annotation/security annotationapi/javax/annotation/sql api api/org/apache/catalina api/org/apache/catalina/ant api/org/a... remm
• svn commit: r1934063 - in tomcat/site/trunk: . docs xdocs remm
• svn commit: r84433 - dev/tomcat/tomcat-9/v9.0.118 release/tomcat/tomcat-9/v9.0.118 remm
• [Bug 57485] mod_jk passed the incomplete chunked transferred request body to tomcat bugzilla
• (tomcat) branch 11.0.x updated: Add release dates for 11.0.21, 11.0.22. kkolinko
• (tomcat) branch main updated: Update Javadoc checkstyle with current figures remm
• (tomcat) branch 9.0.x updated: Javadoc fixes and improvements remm
• (tomcat) branch 10.1.x updated: Javadoc fixes and improvements remm
• (tomcat) branch 11.0.x updated: Javadoc fixes and improvements remm
• (tomcat) branch 9.0.x updated: Prevent accidental directory traversal markt
• (tomcat) branch 10.1.x updated: Prevent accidental directory traversal markt
• (tomcat) branch 11.0.x updated: Prevent accidental directory traversal markt
• (tomcat) branch main updated: Final review of manager upload protections markt
• (tomcat) branch main updated: Update versioned path check after CoPilot review markt
• (tomcat) branch main updated: Prevent accidental directory traversal markt
  • Re: (tomcat) branch main updated: Prevent accidental directory traversal Mark Thomas
  • Re: (tomcat) branch main updated: Prevent accidental directory traversal Coty Sutherland
  • Re: (tomcat) branch main updated: Prevent accidental directory traversal Coty Sutherland
  • Re: (tomcat) branch main updated: Prevent accidental directory traversal Mark Thomas
  • Re: (tomcat) branch main updated: Prevent accidental directory traversal Coty Sutherland
• (tomcat) branch 10.1.x updated: Prevent duplicate cluster unavailability log message csutherl
• (tomcat) branch 9.0.x updated: Prevent duplicate cluster unavailability log message csutherl
• (tomcat) branch main updated: Prevent duplicate cluster unavailability log message csutherl
• (tomcat) branch 11.0.x updated: Avoid potential NPEs. Identified by Coverity. markt
• (tomcat) branch 9.0.x updated: Avoid potential NPEs. Identified by Coverity. markt
• [PR] Fix StoreRegistry to dynamically load clustering classes [tomcat] via GitHub
  • Re: [PR] Update StoreRegistry to dynamically load clustering classes [tomcat] via GitHub
  • Re: [PR] Update StoreRegistry to dynamically load clustering classes [tomcat] via GitHub
  • Re: [PR] Update StoreRegistry to dynamically load clustering classes [tomcat] via GitHub
  • Re: [PR] Update StoreRegistry to dynamically load clustering classes [tomcat] via GitHub
  • Re: [PR] Update StoreRegistry to dynamically load clustering classes [tomcat] via GitHub
  • Re: [PR] Update StoreRegistry to dynamically load clustering classes [tomcat] via GitHub
  • Re: [PR] Update StoreRegistry to dynamically load clustering classes [tomcat] via GitHub
• (tomcat) branch 10.1.x updated: Avoid potential NPEs. Identified by Coverity. markt
• (tomcat) branch main updated: Avoid potential NPEs. Identified by Coverity. markt
• (tomcat) branch 9.0.x updated (0f869d035e -> dccaf44b29) markt
  • (tomcat) 01/02: Work around an Eclipse bug markt
  • (tomcat) 02/02: Remove unnecessary warning suppression after Javadoc updates markt
• (tomcat) branch 10.1.x updated (d26c89b413 -> 2549ba1f5a) markt
  • (tomcat) 02/02: Remove unnecessary warning suppression after Javadoc updates markt
  • (tomcat) 01/02: Work around an Eclipse bug markt
• (tomcat) branch 11.0.x updated (4c2aa34d3a -> 098bf2b610) markt
  • (tomcat) 02/02: Remove unnecessary warning suppression after Javadoc updates markt
  • (tomcat) 01/02: Work around an Eclipse bug markt
• (tomcat) branch main updated: Remove unnecessary warning suppression after Javadoc updates markt
• (tomcat) branch main updated: Work around an Eclipse bug markt
• (tomcat) branch main updated: Remove incorrect throw statements markt
• (tomcat) branch main updated: Remove extra space markt
• (tomcat) branch 10.1.x updated: Drop useless javadoc on override remm
• (tomcat) branch 11.0.x updated: Drop useless javadoc on override remm
• (tomcat) branch 9.0.x updated: Drop useless javadoc on override remm
• (tomcat) branch main updated: Drop useless javadoc on override remm
• (tomcat-maven-plugin) branch trunk updated: Fixes remm
• Re: (tomcat) branch main updated: Javadoc fixes and improvements Mark Thomas
  • Re: (tomcat) branch main updated: Javadoc fixes and improvements Rémy Maucherat
  • Re: (tomcat) branch main updated: Javadoc fixes and improvements Mark Thomas
  • Re: (tomcat) branch main updated: Javadoc fixes and improvements Rémy Maucherat
  • (tomcat) branch main updated: Javadoc fixes and improvements remm
• (tomcat) branch 10.1.x updated: Reduce duplication markt
• (tomcat) branch 11.0.x updated: Reduce duplication markt
• (tomcat-maven-plugin) branch trunk updated: Javadoc warning fixes remm
• (tomcat) branch main updated: Work-around bug in Checkstyle parser markt
• (tomcat) branch main updated: Reduce duplication markt
• (tomcat) branch 11.0.x updated: Fix formatting remm
• (tomcat) branch main updated: Fix formatting remm
• (tomcat) branch 9.0.x updated: Fix Jakarta references remm
• (tomcat) branch 9.0.x updated: Fix typo... csutherl
• (tomcat) branch main updated: Fix typo... csutherl
• (tomcat) branch 10.1.x updated: Fix typo... csutherl
• (tomcat) branch 11.0.x updated: Fix typo... csutherl
• (tomcat) branch 10.1.x updated: Lower the log level to debug when OpenSSL initialization fails to avoid nasty stack traces and gracefully fail when natives aren't present csutherl
• (tomcat) branch main updated: Lower the log level to debug when OpenSSL initialization fails to avoid nasty stack traces and gracefully fail when natives aren't present csutherl
• (tomcat) branch 11.0.x updated: Lower the log level to debug when OpenSSL initialization fails to avoid nasty stack traces and gracefully fail when natives aren't present csutherl
• (tomcat) branch 9.0.x updated: Lower the log level to debug when OpenSSL initialization fails to avoid nasty stack traces and gracefully fail when natives aren't present csutherl
• (tomcat) branch 9.0.x updated: Add support for '%%' to represent a literal '%' in the access log markt
• (tomcat) branch 10.1.x updated: Add support for '%%' to represent a literal '%' in the access log markt
• (tomcat) branch 11.0.x updated: Add support for '%%' to represent a literal '%' in the access log markt
• (tomcat) branch main updated: Add support for '%%' to represent a literal '%' in the access log markt
• (tomcat-maven-plugin) branch dependabot/maven/tomcatVersion-11.0.22 deleted (was 4df69c9) github-bot
• (tomcat-maven-plugin) branch dependabot/maven/tomcatVersion-11.0.22 created (now 4df69c9) github-bot
• [PR] Bump tomcatVersion from 9.0.117 to 11.0.22 [tomcat-maven-plugin] via GitHub
  • Re: [PR] Bump tomcatVersion from 9.0.117 to 11.0.22 [tomcat-maven-plugin] via GitHub
  • Re: [PR] Bump tomcatVersion from 9.0.117 to 11.0.22 [tomcat-maven-plugin] via GitHub
  • Re: [PR] Bump tomcatVersion from 9.0.117 to 11.0.22 [tomcat-maven-plugin] via GitHub
• Hackathon at Community Over Code Glasgow — is Tomcat interested? rbowen
  • Re: Hackathon at Community Over Code Glasgow — is Tomcat interested? Mark Thomas
  • Re: Hackathon at Community Over Code Glasgow — is Tomcat interested? Rich Bowen
  • Re: Hackathon at Community Over Code Glasgow — is Tomcat interested? Mark Thomas
  • Re: Hackathon at Community Over Code Glasgow — is Tomcat interested? 박종하
  • Re: Hackathon at Community Over Code Glasgow — is Tomcat interested? Mark Thomas
  • Re: Hackathon at Community Over Code Glasgow — is Tomcat interested? Fatima Qaisar
  • Re: Hackathon at Community Over Code Glasgow — is Tomcat interested? Mark Thomas
  • Re: Hackathon at Community Over Code Glasgow — is Tomcat interested? Coty Sutherland
  • Re: Hackathon at Community Over Code Glasgow — is Tomcat interested? Jonathan Gallimore
  • Re: Hackathon at Community Over Code Glasgow — is Tomcat interested? Mark Thomas
  • Re: Hackathon at Community Over Code Glasgow — is Tomcat interested? Mark Thomas
  • Re: Hackathon at Community Over Code Glasgow — is Tomcat interested? Rich Bowen
• [ANN] Apache Tomcat 11.0.22 Available Mark Thomas
• svn commit: r84336 - release/tomcat/tomcat-11/v11.0.21 markt
• svn commit: r1933848 - in tomcat/site/trunk/docs/tomcat-11.0-doc: . annotationapi annotationapi/jakarta/annotation annotationapi/jakarta/annotation/security annotationapi/jakarta/annotation/sql api api/org/apache/catalina api/org/apache/catalina/ant ap... markt
• svn commit: r1933849 - in tomcat/site/trunk: . docs xdocs markt
• [VOTE] Release Apache Tomcat 10.1.55 Christopher Schultz
  • Re: [VOTE] Release Apache Tomcat 10.1.55 Mark Thomas

• Earlier messages
• Later messages