Re: Native question (using Tomcat 8.5 and 9.0 on the same machine)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Brian, On 9/2/20 11:39, Paquin, Brian wrote: > I have a macOS device with Tomcat 8.5 and Native 1.2.23. I have > been asked to add Tomcat 9.0 which has Native 1.2.24. In my setup > documents, I copy “.libs/libtcnative-1.0.dylib” to > /Library/Java/Extensions/ after compiling Native. > > When running Tomcat 8.5 and 9.0 on the same device, are there any > issues using the newer dylib from Native 1.2.24 with the older > Tomcat instances? Usually no, and I don't think there are any issues with the combinations you list above. Sometimes the answer is "yes", so it's generally best to use the version of tcnative that comes with your version of CHADIS. There is no particular reason to require the same version of the library to be used by both Tomcat 8.5 and Tomcat 9.0 processes. You will have to build them both, of course, which may be a minor pain for you. I'm not sure I'd copy those native libraries into /Library/Java/etc... after you build them. Tomcat will already automatically add the CATALINA_HOME/lib/ directory to the java.library.path system property, so if you build your .dyibs and put them into CATALINA_HOME/lib/ for each (separate) version then you should be good. And there will be no need to "pollute" your global Java extentions directory with tcnative/APR/OpenSSL, etc. - -chris -BEGIN PGP SIGNATURE- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl9QSF0ACgkQHPApP6U8 pFgk3A//T8ClPJdUx3aV8CBkXdcd+yDJPt9QzYkgNVU+0+8N0lXifCKDUskuvmmR bhNyzZ6P0PN+5MO7Pwn++LZDEM+YDG9RnnG+kJwLSVE1GSv3MVxIVmwhYON1EEjV sAfKiq7wUA0HQETq+iERATi12gPc2H3eqx6tP/OfMk5GW2UNUyK45cPZIDREKVf6 9QeWHxOVR3DlRvyMJRRKDlB9kZ8fopyVD+L9LH8nXQCHjXZA6Myp2080p7MnqVfl chgmMkSQ5Wqp7erFjHCqH0orwSHxEAB/+sxIP+zwsXeij0DnNd0ox5CQHQ4xIf7B 8h5fzzQ5xsYcKKEbB/toatcqaA+ed1/OrKyQ5NQH52dy7hOoduysJlLMSQTyakJG FDNsrrNr8Kcmj8xNHMDWHXDKv4ATI/08JgEcTkXY5lM1Aif5QNj0wR003DhcVMPO cPtEvQJI/1iERK4k9D/cukGCSpjcpxxjDC2MBqTsyMLX9cG9CH/X69y/80zbuqNx W5CinzgVyYjZQC8NOYliRjnwpxm5LBaJeZOZuRxKAgN6JaWVCm95kEyAYXhNhy28 qnpT4y1pmFgNIoWmMc+4OKqslC/zVK/OxL3AAn8tt0GEXaP1Ph9QfHl7E6oHzI+t xx+phQoaqubD8FrqLeX68FkEL5NKyBmSVyUTPVdIPjZcNk6AdUw= =4qf0 -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Release date of latest Tomcat version - 9.0.38
Hi, On Wed, Sep 2, 2020, 17:46 Arshiya Shariff wrote: > Hi , > Thank you for your response . > Is there a way I can track when the version is released for Voting (or) > will I get notified in the Users list ? > You need to subscribe to the dev@ mailing list. > Thanks and Regards > Arshiya Shariff > > -Original Message- > From: Mark Thomas > Sent: Wednesday, September 2, 2020 12:03 AM > To: users@tomcat.apache.org > Subject: Re: Release date of latest Tomcat version - 9.0.38 > > On 01/09/2020 14:01, Christopher Schultz wrote: > > Arshiya, > > > > On 9/1/20 08:13, Arshiya Shariff wrote: > >> Hi all, > > > >> The following reported issue - "HTTP/2 Stream.receivedData method > >> throwing continuous NullPointerException in the logs" has been fixed > >> in the latest tomcat. > >> https://bz.apache.org/bugzilla/show_bug.cgi?id=64671 > > > >> Can you please share us the release date of tomcat version 9.0.38 . > >> We are waiting for the release dates so we can plan accordingly. > > There are no promises about release schedule. > > > > Mark, however, has fairly consistently been rolling releases around > > the beginning of each month. If you read the developers list, you'll > > see there was a conversation started last week about the next batch of > > releases. > > I'm expecting to tag the next round of releases in a few days. I am > currently waiting for the Commons Daemon 1.2.3 release (it was delayed by > an issue with the code signing service) and the Tomcat Native 1.2.25 > release (vote should hopefully complete shortly). > > If the Commons Daemon release slips then the Tomcat release will probably > slip. > > > Once a release candidate has been announced (look for [VOTE] threads), > > you can help by testing the release: > > Big +1 > > > 1. Run the test suite (ant test) > > 2. Run the release-candidate on your own application > > > > Your vote is not binding, but if you find a problem, we will likely > > stop the release to fix it. > > Indeed. We've done that a few times. Much better to test the release > during the vote (when we can fix it and re-roll the release) rather than > once it is released (when you have to wait for the next release in ~1 > month). The number of times people have downloaded a new release and found > an issue that they could have caught if they tested during the vote... > > Mark > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Native question (using Tomcat 8.5 and 9.0 on the same machine)
I have a macOS device with Tomcat 8.5 and Native 1.2.23. I have been asked to add Tomcat 9.0 which has Native 1.2.24. In my setup documents, I copy “.libs/libtcnative-1.0.dylib” to /Library/Java/Extensions/ after compiling Native. When running Tomcat 8.5 and 9.0 on the same device, are there any issues using the newer dylib from Native 1.2.24 with the older Tomcat instances? Brian
RE: Release date of latest Tomcat version - 9.0.38
Hi , Thank you for your response . Is there a way I can track when the version is released for Voting (or) will I get notified in the Users list ? Thanks and Regards Arshiya Shariff -Original Message- From: Mark Thomas Sent: Wednesday, September 2, 2020 12:03 AM To: users@tomcat.apache.org Subject: Re: Release date of latest Tomcat version - 9.0.38 On 01/09/2020 14:01, Christopher Schultz wrote: > Arshiya, > > On 9/1/20 08:13, Arshiya Shariff wrote: >> Hi all, > >> The following reported issue - "HTTP/2 Stream.receivedData method >> throwing continuous NullPointerException in the logs" has been fixed >> in the latest tomcat. >> https://bz.apache.org/bugzilla/show_bug.cgi?id=64671 > >> Can you please share us the release date of tomcat version 9.0.38 . >> We are waiting for the release dates so we can plan accordingly. > There are no promises about release schedule. > > Mark, however, has fairly consistently been rolling releases around > the beginning of each month. If you read the developers list, you'll > see there was a conversation started last week about the next batch of > releases. I'm expecting to tag the next round of releases in a few days. I am currently waiting for the Commons Daemon 1.2.3 release (it was delayed by an issue with the code signing service) and the Tomcat Native 1.2.25 release (vote should hopefully complete shortly). If the Commons Daemon release slips then the Tomcat release will probably slip. > Once a release candidate has been announced (look for [VOTE] threads), > you can help by testing the release: Big +1 > 1. Run the test suite (ant test) > 2. Run the release-candidate on your own application > > Your vote is not binding, but if you find a problem, we will likely > stop the release to fix it. Indeed. We've done that a few times. Much better to test the release during the vote (when we can fix it and re-roll the release) rather than once it is released (when you have to wait for the next release in ~1 month). The number of times people have downloaded a new release and found an issue that they could have caught if they tested during the vote... Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: regarding CVE-2020-8022 applicable to tomcat 8.5.57
On 02/09/2020 09:28, Olaf Kock wrote: > > On 02.09.20 10:16, Rathore, Rajendra wrote: >> Please let me know whether CVE-2020-8022 applicable to tomcat 8.5.57 or not, >> if yes please let me know which release we fixing it. > > > The CVE states: > > "A Incorrect Default Permissions vulnerability in the *packaging of > tomcat* on SUSE Enterprise Storage 5" > > i.e. it's rather SUSE's packaging than tomcat itself. Correct me if I'm > wrong. > > If you're running any SUSE system, here are the releases that *they* > fixed it: https://www.suse.com/de-de/security/cve/CVE-2020-8022/ > > I don't expect any update from the generic Apache distribution of Tomcat > for this CVE, unless I've missed some information that was well hidden > in the multitude of mentioned SUSE products in that report. Correct. This is a SUSE issue, not a Tomcat issue. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: regarding CVE-2020-8022 applicable to tomcat 8.5.57
On 02.09.20 10:16, Rathore, Rajendra wrote: > Please let me know whether CVE-2020-8022 applicable to tomcat 8.5.57 or not, > if yes please let me know which release we fixing it. The CVE states: "A Incorrect Default Permissions vulnerability in the *packaging of tomcat* on SUSE Enterprise Storage 5" i.e. it's rather SUSE's packaging than tomcat itself. Correct me if I'm wrong. If you're running any SUSE system, here are the releases that *they* fixed it: https://www.suse.com/de-de/security/cve/CVE-2020-8022/ I don't expect any update from the generic Apache distribution of Tomcat for this CVE, unless I've missed some information that was well hidden in the multitude of mentioned SUSE products in that report. Olaf - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
regarding CVE-2020-8022 applicable to tomcat 8.5.57
Hi Team, Please let me know whether CVE-2020-8022 applicable to tomcat 8.5.57 or not, if yes please let me know which release we fixing it. Thanks and Regards, Rajendra Rathore 9922701491