On 10.04.2014 13:50, Mladen Turk wrote:
> Version 1.1.30 is bug fixing release with added ECDH
> if supported by OpenSSL library.
> The proposed release artefacts can be found at [1],
> and the build was done using tag [2].
>
> The VOTE will remain open for at least 48 hours.
>
> The Apache Tomca
On 04/11/2014 08:10 PM, Christopher Schultz wrote:
The primary tcnative bit was in svn. Did you build 1.1/trunk, or did you
just apply certain patches?
There was a followup-comment about the 512-bit RSA key generation which
is a separate problem IMO which has not yet been addressed.
r155918
Mladen,
On 4/10/14, 10:06 AM, Mladen Turk wrote:
> On 04/10/2014 05:55 PM, Christopher Schultz wrote:
>> Mladen,
>>
>> On 4/10/14, 9:29 AM, Mladen Turk wrote:
>>> On 04/10/2014 03:15 PM, Robert Sanders wrote:
Is the TCN portion of BZ 56027 address completely or partially with
this releas
On 10/04/2014, at 11:50 pm, Mladen Turk wrote:
> Version 1.1.30 is bug fixing release with added ECDH
> if supported by OpenSSL library.
> The proposed release artefacts can be found at [1],
> and the build was done using tag [2].
>
> The VOTE will remain open for at least 48 hours.
>
> The Ap
On 04/10/2014 01:50 PM, Mladen Turk wrote:
The Apache Tomcat Native 1.1.30 is
[X] Stable, go ahead and release
[ ] Broken because of ...
My vote, FTR.
Regards
--
^TM
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apa
On 04/10/2014 05:55 PM, Christopher Schultz wrote:
Mladen,
On 4/10/14, 9:29 AM, Mladen Turk wrote:
On 04/10/2014 03:15 PM, Robert Sanders wrote:
Is the TCN portion of BZ 56027 address completely or partially with
this release?
Nope. This issue was not fixed with this release.
The primary t
I'll concur with Chris for release. WRT BZ 56027 there is no regression. The
exposure of the fipsModeGet will be useful moving forward to have the main
Tomcat code avoid a double call to initialize SSL, but some one with more
understanding of the FIPS requirements that I do should look at how
On 04/10/2014 05:55 PM, Christopher Schultz wrote:
Mladen,
On 4/10/14, 9:29 AM, Mladen Turk wrote:
On 04/10/2014 03:15 PM, Robert Sanders wrote:
Is the TCN portion of BZ 56027 address completely or partially with
this release?
Nope. This issue was not fixed with this release.
The primary t
2014-04-10 15:50 GMT+04:00 Mladen Turk :
> Version 1.1.30 is bug fixing release with added ECDH
> if supported by OpenSSL library.
> The proposed release artefacts can be found at [1],
> and the build was done using tag [2].
>
> The VOTE will remain open for at least 48 hours.
>
> The Apache Tomcat
Mladen,
On 4/10/14, 5:50 AM, Mladen Turk wrote:
> Version 1.1.30 is bug fixing release with added ECDH
> if supported by OpenSSL library.
> The proposed release artefacts can be found at [1],
> and the build was done using tag [2].
>
> The VOTE will remain open for at least 48 hours.
>
> The Apa
Mladen,
On 4/10/14, 9:29 AM, Mladen Turk wrote:
> On 04/10/2014 03:15 PM, Robert Sanders wrote:
>> Is the TCN portion of BZ 56027 address completely or partially with
>> this release?
>
> Nope. This issue was not fixed with this release.
The primary tcnative bit was in svn. Did you build 1.1/tru
On 04/10/2014 03:15 PM, Robert Sanders wrote:
Is the TCN portion of BZ 56027 address completely or partially with this
release?
Nope. This issue was not fixed with this release.
Regards
--
^TM
-
To unsubscribe, e-mail: dev-
gelog that BZ 56027 is only partially addressed, in that
the fipsModeGet() method is now available.
-Rob
From: Robert Sanders [rsand...@trustedcs.com]
Sent: Thursday, April 10, 2014 9:15 AM
To: Tomcat Developers List
Subject: RE: [VOTE] Release Apache Tom
[VOTE] Release Apache Tomcat Native 1.1.30
On 04/10/2014 02:56 PM, Ognjen Blagojevic wrote:
>
> Tested with Tomcat 8.0.5, Oracle Java 1.7.0_51 on Windows 7 64-bit.
>
> - Filippo.io [1] reports it is not vulnerable to Heartbleed bug.
>
> - SSLLabs [2] reports it is not vulnerable to Heartb
On 04/10/2014 02:56 PM, Ognjen Blagojevic wrote:
Tested with Tomcat 8.0.5, Oracle Java 1.7.0_51 on Windows 7 64-bit.
- Filippo.io [1] reports it is not vulnerable to Heartbleed bug.
- SSLLabs [2] reports it is not vulnerable to Heartbleed bug.
- SSLLabs reports that Forward secrecy is enabled
Mladen,
On 10.4.2014 13:50, Mladen Turk wrote:
The Apache Tomcat Native 1.1.30 is
[X] Stable, go ahead and release
[ ] Broken because of ...
(non-binding)
Tested with Tomcat 8.0.5, Oracle Java 1.7.0_51 on Windows 7 64-bit.
- Filippo.io [1] reports it is not vulnerable to Heartbleed bug.
2014-04-10 13:50 GMT+02:00 Mladen Turk :
> The Apache Tomcat Native 1.1.30 is
> [X] Stable, go ahead and release
> [ ] Broken because of ...
>
Rémy
17 matches
Mail list logo