On 01/28/2016 08:48 PM, Mark Thomas wrote:
> On 28/01/2016 15:47, Rainer Jung wrote:
>> My first thoughts:
>>
>> - DH small subgroups (CVE-2016-0701)
>>
>> Our native code sets SSL_OP_SINGLE_DH_USE in sslcontext.c (in the native
>> impl of SSLContext.make()). This is true for trunk and 1.1.x. This
To whom it may engage...
This is an automated request, but not an unsolicited one. For
more information please visit http://gump.apache.org/nagged.html,
and/or contact the folk at gene...@gump.apache.org.
Project tomcat-trunk-test-nio has an issue affecting its community integration.
Th
https://bz.apache.org/bugzilla/show_bug.cgi?id=58935
--- Comment #1 from bernard ---
Sorry I should have written:
With controlled fashion we mean that we don't want to be exposed to the
complexity that comes with autoDeploy="true".
--
You are receiving this mail because:
You are the assignee f
https://bz.apache.org/bugzilla/show_bug.cgi?id=58935
Bug ID: 58935
Summary: Re-deploy from war without deleting context
Product: Tomcat 8
Version: 8.0.30
Hardware: All
OS: All
Status: NEW
Severity: normal
Author: markt
Date: Thu Jan 28 20:49:28 2016
New Revision: 1727437
URL: http://svn.apache.org/viewvc?rev=1727437&view=rev
Log:
Javadoc
Modified:
tomcat/trunk/java/org/apache/jasper/compiler/Node.java
tomcat/trunk/java/org/apache/jasper/compiler/PageDataImpl.java
tomcat/trunk/java/org/
All,
Now we believe that today's OpenSSL issues don't affect us, I plan to
tag 9.0.0.M3 fairly soon. I want to check a few things around the
Encoder caching and the other connectors first so I'll probably tag
9.0.0.M3 tomorrow morning. Once that release vote is ready to go, I'll
start on 8.0.x.
M
On 28/01/2016 15:47, Rainer Jung wrote:
> My first thoughts:
>
> - DH small subgroups (CVE-2016-0701)
>
> Our native code sets SSL_OP_SINGLE_DH_USE in sslcontext.c (in the native
> impl of SSLContext.make()). This is true for trunk and 1.1.x. This
> should suffice to not being exposed to the prob
On 28/01/2016 17:49, Konstantin Kolinko wrote:
> 2016-01-28 20:22 GMT+03:00 Mark Thomas :
>> On 28 January 2016 15:11:03 GMT+00:00, "Rémy Maucherat"
>> wrote:
>>> 2016-01-28 15:53 GMT+01:00 Mark Thomas :
>>>
On 28/01/2016 14:16, Konstantin Kolinko wrote:
>>>
>>> I have always used local enco
2016-01-28 20:22 GMT+03:00 Mark Thomas :
> On 28 January 2016 15:11:03 GMT+00:00, "Rémy Maucherat"
> wrote:
>>2016-01-28 15:53 GMT+01:00 Mark Thomas :
>>
>>> On 28/01/2016 14:16, Konstantin Kolinko wrote:
>>
>> I have always used local encoders and decoders, nobody ever
>>complained
>>about memor
On 28 January 2016 15:11:03 GMT+00:00, "Rémy Maucherat" wrote:
>2016-01-28 15:53 GMT+01:00 Mark Thomas :
>
>> On 28/01/2016 14:16, Konstantin Kolinko wrote:
>> > 2016-01-28 17:04 GMT+03:00 :
>> >> Author: markt
>> >> Date: Thu Jan 28 14:04:00 2016
>> >> New Revision: 1727355
>> >>
>> >> URL: http
On 28 January 2016 15:35:35 GMT+00:00, Konstantin Kolinko
wrote:
>2016-01-28 17:53 GMT+03:00 Mark Thomas :
>> On 28/01/2016 14:16, Konstantin Kolinko wrote:
>>> 2016-01-28 17:04 GMT+03:00 :
Author: markt
Date: Thu Jan 28 14:04:00 2016
New Revision: 1727355
URL: http://sv
My first thoughts:
- DH small subgroups (CVE-2016-0701)
Our native code sets SSL_OP_SINGLE_DH_USE in sslcontext.c (in the native
impl of SSLContext.make()). This is true for trunk and 1.1.x. This
should suffice to not being exposed to the problem. It is a bit
unfortunate though, that the adis
2016-01-28 17:53 GMT+03:00 Mark Thomas :
> On 28/01/2016 14:16, Konstantin Kolinko wrote:
>> 2016-01-28 17:04 GMT+03:00 :
>>> Author: markt
>>> Date: Thu Jan 28 14:04:00 2016
>>> New Revision: 1727355
>>>
>>> URL: http://svn.apache.org/viewvc?rev=1727355&view=rev
>>> Log:
>>> Switch OutputBuffer t
it/target/junit-4.13-SNAPSHOT.jar
-Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.3-SNAPSHOT.jar
-Dexamples.sources.skip=true
-Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20160128.jar
-Dtomcat-dbcp-src.jar=/srv/gump/public/wo
Since the advisory
https://www.openssl.org/news/secadv/20160128.txt
is currently under heavy load, here's a copy:
OpenSSL Security Advisory [28th Jan 2016]
=
NOTE: SUPPORT FOR VERSION 1.0.1 WILL BE ENDING ON 31ST DECEMBER 2016. NO
SECURITY FIXES WI
2016-01-28 15:53 GMT+01:00 Mark Thomas :
> On 28/01/2016 14:16, Konstantin Kolinko wrote:
> > 2016-01-28 17:04 GMT+03:00 :
> >> Author: markt
> >> Date: Thu Jan 28 14:04:00 2016
> >> New Revision: 1727355
> >>
> >> URL: http://svn.apache.org/viewvc?rev=1727355&view=rev
> >> Log:
> >> Switch Outpu
On 28/01/2016 14:16, Konstantin Kolinko wrote:
> 2016-01-28 17:04 GMT+03:00 :
>> Author: markt
>> Date: Thu Jan 28 14:04:00 2016
>> New Revision: 1727355
>>
>> URL: http://svn.apache.org/viewvc?rev=1727355&view=rev
>> Log:
>> Switch OutputBuffer to a local Map of C2BConvertors. Loading testing wit
2016-01-28 17:04 GMT+03:00 :
> Author: markt
> Date: Thu Jan 28 14:04:00 2016
> New Revision: 1727355
>
> URL: http://svn.apache.org/viewvc?rev=1727355&view=rev
> Log:
> Switch OutputBuffer to a local Map of C2BConvertors. Loading testing with
> HTTP/2 and default Tomcat home page suggests an imp
Author: markt
Date: Thu Jan 28 14:04:00 2016
New Revision: 1727355
URL: http://svn.apache.org/viewvc?rev=1727355&view=rev
Log:
Switch OutputBuffer to a local Map of C2BConvertors. Loading testing with
HTTP/2 and default Tomcat home page suggests an improvement of a few percent in
throughput.
Mo
it/target/junit-4.13-SNAPSHOT.jar
-Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.3-SNAPSHOT.jar
-Dexamples.sources.skip=true
-Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20160128.jar
-Dtomcat-dbcp-src.jar=/srv/gump/public/wo
Author: markt
Date: Thu Jan 28 09:44:00 2016
New Revision: 1727294
URL: http://svn.apache.org/viewvc?rev=1727294&view=rev
Log:
Reduce scope of sync blocks
Modified:
tomcat/trunk/java/org/apache/coyote/http2/Http2UpgradeHandler.java
Modified: tomcat/trunk/java/org/apache/coyote/http2/Http2Upg
Author: jfclere
Date: Thu Jan 28 09:07:57 2016
New Revision: 1727282
URL: http://svn.apache.org/viewvc?rev=1727282&view=rev
Log:
remove Itanium support we don't have native for it.
Modified:
tomcat/tc6.0.x/trunk/build.properties.default
tomcat/tc6.0.x/trunk/dist.xml
tomcat/tc6.0.x/tru
https://bz.apache.org/bugzilla/show_bug.cgi?id=58900
Mark Thomas changed:
What|Removed |Added
Resolution|--- |FIXED
Status|NEW
23 matches
Mail list logo
