[Bug 63699] craigwende...@gmail.com

2019-08-29 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63699

craigwende...@gmail.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Version|unspecified                 |9.0.20
           Hardware|All                         |SGI
   Target Milestone|---                         |-
           Priority|P2                          |P1
         Resolution|---                         |FIXED
           Severity|critical                    |minor
           Assignee|websh-...@tcl.apache.org    |dev@tomcat.apache.org
          Component|WebSH                       |Documentation
                 OS|All                         |Windows Vista
             Status|NEW                         |RESOLVED
                 CC|                            |craigwende...@gmail.com
            Product|WebSH                       |Tomcat 9

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[GitHub] [tomcat] sk8k closed pull request #199: commit desi.test

2019-08-29 Thread GitBox
sk8k closed pull request #199: commit desi.test
URL: https://github.com/apache/tomcat/pull/199
 
 
   


This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


With regards,
Apache Git Services




[GitHub] [tomcat] sk8k commented on issue #199: commit desi.test

2019-08-29 Thread GitBox
sk8k commented on issue #199: commit desi.test
URL: https://github.com/apache/tomcat/pull/199#issuecomment-526319367
 
 
   ccc





[GitHub] [tomcat] sk8k opened a new pull request #199: commit desi.test

2019-08-29 Thread GitBox
sk8k opened a new pull request #199: commit desi.test
URL: https://github.com/apache/tomcat/pull/199
 
 
   c





[GitHub] [tomcat] sk8k closed pull request #198: commit desi.test

2019-08-29 Thread GitBox
sk8k closed pull request #198: commit desi.test
URL: https://github.com/apache/tomcat/pull/198
 
 
   





[GitHub] [tomcat] sk8k opened a new pull request #198: commit desi.test

2019-08-29 Thread GitBox
sk8k opened a new pull request #198: commit desi.test
URL: https://github.com/apache/tomcat/pull/198
 
 
   adding desi test.





[Bug 63695] session_cookie attribute does not work?

2019-08-29 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63695

Rainer Jung  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |INVALID




buildbot failure in on tomcat-trunk

2019-08-29 Thread buildbot
The Buildbot has detected a new failure on builder tomcat-trunk while building 
tomcat. Full details are available at:
https://ci.apache.org/builders/tomcat-trunk/builds/4572

Buildbot URL: https://ci.apache.org/

Buildslave for this Build: asf946_ubuntu

Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' 
triggered this build
Build Source Stamp: [branch master] a47066f28d778aca8b04e5e1ebf2f92c57cf8d0b
Blamelist: remm 

BUILD FAILED: failed compile_1

Sincerely,
 -The Buildbot







[Bug 63706] Sending http request to https endpoint logs SEVERE in tomcat 9.0.24

2019-08-29 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63706

Remy Maucherat  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #1 from Remy Maucherat  ---
Avoiding the NPE worked well for me, so the fix will be in 9.0.25 and 8.5.46.




[tomcat] branch master updated: 63706: Avoid NPE accessing https port with plaintext

2019-08-29 Thread remm
This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new a47066f  63706: Avoid NPE accessing https port with plaintext
a47066f is described below

commit a47066f28d778aca8b04e5e1ebf2f92c57cf8d0b
Author: remm 
AuthorDate: Thu Aug 29 18:26:09 2019 +0200

63706: Avoid NPE accessing https port with plaintext
---
 java/org/apache/tomcat/util/net/Nio2Endpoint.java | 10 ++
 java/org/apache/tomcat/util/net/NioEndpoint.java  | 10 ++
 webapps/docs/changelog.xml|  7 +++
 3 files changed, 19 insertions(+), 8 deletions(-)

diff --git a/java/org/apache/tomcat/util/net/Nio2Endpoint.java 
b/java/org/apache/tomcat/util/net/Nio2Endpoint.java
index 4b59c9b..88c17cc 100644
--- a/java/org/apache/tomcat/util/net/Nio2Endpoint.java
+++ b/java/org/apache/tomcat/util/net/Nio2Endpoint.java
@@ -1578,11 +1578,13 @@ public class Nio2Endpoint extends 
AbstractJsseEndpoint
 public SSLSupport getSslSupport(String clientCertProvider) {
 if (getSocket() instanceof SecureNioChannel) {
 SecureNioChannel ch = (SecureNioChannel) getSocket();
-SSLSession session = ch.getSslEngine().getSession();
-return ((NioEndpoint) 
getEndpoint()).getSslImplementation().getSSLSupport(session);
-} else {
-return null;
+SSLEngine sslEngine = ch.getSslEngine();
+if (sslEngine != null) {
+SSLSession session = sslEngine.getSession();
+return ((NioEndpoint) 
getEndpoint()).getSslImplementation().getSSLSupport(session);
+}
 }
+return null;
 }
 
 
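Review bot: the body of this hunk does not match the file it is filed under. The header names Nio2Endpoint.java, but the lines test `getSocket() instanceof SecureNioChannel` and cast `getEndpoint()` to `NioEndpoint`, and no separate diff for NioEndpoint.java follows even though the diffstat counts 10 changed lines in each file. Check the pushed commit to confirm that Nio2Endpoint received the SecureNio2Channel form of the `sslEngine != null` guard, as the 8.5.x mail shows, and that the NioEndpoint change is present.
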
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index d2abd52..18277ca 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -58,6 +58,13 @@
   
 
   
+  
+
+  
+63706: Avoid NPE accessing https port with plaintext. (remm)
+  
+
+  
   
 
   
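Review bot: the added entry "63706: Avoid NPE accessing https port with plaintext." does not say which connectors are affected. The diffstat touches both NioEndpoint.java and Nio2Endpoint.java, so naming NIO and NIO2 in the entry would let readers of the changelog tell whether their connector needs the update.
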





[tomcat] branch 8.5.x updated: 63706: Avoid NPE accessing https port with plaintext

2019-08-29 Thread remm

remm pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new df41189  63706: Avoid NPE accessing https port with plaintext
df41189 is described below

commit df41189ee6ad84e891e62fcf84530d2d635deda2
Author: remm 
AuthorDate: Thu Aug 29 18:26:09 2019 +0200

63706: Avoid NPE accessing https port with plaintext
---
 java/org/apache/tomcat/util/net/Nio2Endpoint.java | 10 ++
 java/org/apache/tomcat/util/net/NioEndpoint.java  | 10 ++
 webapps/docs/changelog.xml|  7 +++
 3 files changed, 19 insertions(+), 8 deletions(-)

diff --git a/java/org/apache/tomcat/util/net/Nio2Endpoint.java 
b/java/org/apache/tomcat/util/net/Nio2Endpoint.java
index dfd2f0c..83be183 100644
--- a/java/org/apache/tomcat/util/net/Nio2Endpoint.java
+++ b/java/org/apache/tomcat/util/net/Nio2Endpoint.java
@@ -1677,11 +1677,13 @@ public class Nio2Endpoint extends 
AbstractJsseEndpoint {
 public SSLSupport getSslSupport(String clientCertProvider) {
 if (getSocket() instanceof SecureNio2Channel) {
 SecureNio2Channel ch = (SecureNio2Channel) getSocket();
-SSLSession session = ch.getSslEngine().getSession();
-return ((Nio2Endpoint) 
getEndpoint()).getSslImplementation().getSSLSupport(session);
-} else {
-return null;
+SSLEngine sslEngine = ch.getSslEngine();
+if (sslEngine != null) {
+SSLSession session = sslEngine.getSession();
+return ((Nio2Endpoint) 
getEndpoint()).getSslImplementation().getSSLSupport(session);
+}
 }
+return null;
 }
 
 
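Review bot: the new `if (sslEngine != null)` branch carries no comment saying when `ch.getSslEngine()` returns null on a SecureNio2Channel. The commit title ties it to plaintext arriving on the https port; a one-line comment to that effect next to the guard would keep a later cleanup from removing it. Note also that `getSslSupport` now returns null for a secure channel as well as for a non-secure one, so callers that assumed a non-null result on TLS connectors need the same check.
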
diff --git a/java/org/apache/tomcat/util/net/NioEndpoint.java 
b/java/org/apache/tomcat/util/net/NioEndpoint.java
index 2eb4d09..45613aa 100644
--- a/java/org/apache/tomcat/util/net/NioEndpoint.java
+++ b/java/org/apache/tomcat/util/net/NioEndpoint.java
@@ -1412,11 +1412,13 @@ public class NioEndpoint extends 
AbstractJsseEndpoint {
 public SSLSupport getSslSupport(String clientCertProvider) {
 if (getSocket() instanceof SecureNioChannel) {
 SecureNioChannel ch = (SecureNioChannel) getSocket();
-SSLSession session = ch.getSslEngine().getSession();
-return ((NioEndpoint) 
getEndpoint()).getSslImplementation().getSSLSupport(session);
-} else {
-return null;
+SSLEngine sslEngine = ch.getSslEngine();
+if (sslEngine != null) {
+SSLSession session = sslEngine.getSession();
+return ((NioEndpoint) 
getEndpoint()).getSslImplementation().getSSLSupport(session);
+}
 }
+return null;
 }
 
 
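Review bot: the `sslEngine != null` guard added to `getSslSupport` here ships without a regression test; the diffstat lists only the two endpoint classes and changelog.xml. A test that sends a plaintext request to a TLS-enabled NIO connector and asserts the request is rejected without a NullPointerException would cover this path. The block is also a line-for-line copy of the Nio2Endpoint change apart from the class names, so a shared helper would keep the two from drifting.
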
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 13c63a6..2b1c5db 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -54,6 +54,13 @@
   
 
   
+  
+
+  
+63706: Avoid NPE accessing https port with plaintext. (remm)
+  
+
+  
   
 
   





[Bug 63695] session_cookie attribute does not work?

2019-08-29 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63695

--- Comment #7 from kimc@gmail.com ---
Thank you Rainer,

I changed my configuration as you advised, like the below.
And it works as I intended finally.

worker.list=worker_lb
worker.worker_lb.type=lb
worker.worker_lb.balance_workers=engine1,engine2
worker.worker_lb.session_cookie=LBSESSIONID
worker.worker_lb.sticky_session=true

worker.engine1.host=localhost
worker.engine1.port=9910
worker.engine1.route=engine1
worker.engine1.reference=worker.default

worker.engine2.host=localhost
worker.engine2.port=9920
worker.engine2.route=engine2
worker.engine2.reference=worker.default

You can close this subject.
Best regards,




[Bug 63690] [HTTP/2] The socket [*] associated with this connection has been closed.

2019-08-29 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63690

--- Comment #15 from Chen Levy  ---
(In reply to Boris Petrov from comment #13)
> Chen Levy, if you could provide a simple sample project that, as you say,
> has no external dependencies and breaks with the default Tomcat
> configuration on the latest Chrome/Firefox, please do so that Tomcat's team
> could perhaps take a look and reevaluate the default settings.

I've attached a simple project:
The issue is noticeable when filling the form fields, including the file
upload, in which case the form fields are not accessible from the servlet.

The issue appears with Tomcat 9.0.24 but not with 9.0.21
The issue appears with HTTPS but not with HTTP
The issue appears when there's an upload file, but not without it

The Tomcat server has HTTP2 enabled




[Bug 63690] [HTTP/2] The socket [*] associated with this connection has been closed.

2019-08-29 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63690

--- Comment #14 from Chen Levy  ---
Created attachment 36744
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36744=edit
Simple project demonstrating multipart issue




[Bug 63705] The tomcat pool doesn't register all connection through JMX

2019-08-29 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63705

Borja  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 OS|                            |Windows 10







[Bug 63706] New: Sending http request to https endpoint logs SEVERE in tomcat 9.0.24

2019-08-29 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63706

Bug ID: 63706
   Summary: Sending http request to https endpoint logs SEVERE in
tomcat 9.0.24
   Product: Tomcat 9
   Version: 9.0.24
  Hardware: PC
OS: Linux
Status: NEW
  Severity: normal
  Priority: P2
 Component: Connectors
  Assignee: dev@tomcat.apache.org
  Reporter: sentha...@wso2.com
  Target Milestone: -

Sending an http request to an https endpoint logs the following SEVERE in
tomcat 9.0.24:


29-Aug-2019 13:34:40.088 SEVERE [https-jsse-nio-8443-exec-10] org.apache.coyote.AbstractProtocol$ConnectionHandler.process Error reading request, ignored
java.lang.NullPointerException
    at org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper.getSslSupport(NioEndpoint.java:1392)
    at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:853)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1593)
    at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at org.apache.tomcat.util.threads.TaskThre

Here is my connector configuration,









When analysing Tomcat's code, I have figured out this occurred after an
improvement done to "Include failed TLS handshakes in the access log"[1]. 
But I could able to find out which causes the SSL engine to be null. 

[1] -
https://github.com/apache/tomcat/commit/acf6076d7118571ebc881984b96792f861b72bb2




[Bug 56148] support (multiple) ocsp stapling

2019-08-29 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=56148

--- Comment #11 from Mark Thomas  ---
It is on the TODO list but there are quite a few things ahead of it on the
list.




Re: Malicious bugzilla attachment? [Was: [Bug 63695] session_cookie attribute does not work?]

2019-08-29 Thread Mark Thomas
On August 29, 2019 8:52:57 AM UTC, Rainer Jung  wrote:
>On 29.08.2019 at 09:55, Mark Thomas wrote:
>> That looks suspicious on multiple levels.
>> 
>> I'll block the user account and delete the attachment. I'm also tempted
>> to resolve the issue as invalid. Any objections?
>
>Thanks for taking actions. I have replied in the ticket, because I think
>it's a misconfiguration. I would give the user a chance to report back,
>because apart from the broken attachment he provided reasonable info, so
>I think the ticket is not fake. If it turns out to be a
>misconfiguration, then of course it is invalid. If we would have
>responded sooner as we did now, we would have pointed him to the users
>list. But since he actually tried to dig into it, I would find it more
>friendly to give him a final chance to check my hint how to fix the
>config.


Ack. I'll need to unblock the account. Should be done in 5 to 10 mins.

Mark


>Regards,
>
>Rainer
>
>> Mark
>> 
>> 
>> On 29/08/2019 10:47, Rainer Jung wrote:
>>> I don't know whether this attachment is just broken or some kind of
>>> attack. We might want to delete it if possible.
>>>
>>> It has suffix .pptx but neither Ooo, nor LibreOffice or Powerpoint show
>>> correct content. The file starts with a magic header "NASCA DRM FILE -
>>> VER1.00".
>>>
>>> Regards,
>>>
>>> Rainer
>>>
>>> On 29.08.2019 at 09:23, bugzi...@apache.org wrote:
>>>> https://bz.apache.org/bugzilla/show_bug.cgi?id=63695
>>>>
>>>> --- Comment #3 from kimc@gmail.com ---
>>>> Created attachment 36741
>>>>     --> https://bz.apache.org/bugzilla/attachment.cgi?id=36741=edit
>>>> jk_lb_worker.c modification
>>>>
>>>> Showing how I modified the source code





Re: Malicious bugzilla attachment? [Was: [Bug 63695] session_cookie attribute does not work?]

2019-08-29 Thread Rainer Jung

On 29.08.2019 at 09:55, Mark Thomas wrote:
> That looks suspicious on multiple levels.
>
> I'll block the user account and delete the attachment. I'm also tempted
> to resolve the issue as invalid. Any objections?

Thanks for taking actions. I have replied in the ticket, because I think
it's a misconfiguration. I would give the user a chance to report back,
because apart from the broken attachment he provided reasonable info, so
I think the ticket is not fake. If it turns out to be a
misconfiguration, then of course it is invalid. If we would have
responded sooner as we did now, we would have pointed him to the users
list. But since he actually tried to dig into it, I would find it more
friendly to give him a final chance to check my hint how to fix the config.

Regards,

Rainer

> Mark
>
> On 29/08/2019 10:47, Rainer Jung wrote:
>> I don't know whether this attachment is just broken or some kind of
>> attack. We might want to delete it if possible.
>>
>> It has suffix .pptx but neither Ooo, nor LibreOffice or Powerpoint show
>> correct content. The file starts with a magic header "NASCA DRM FILE -
>> VER1.00".
>>
>> Regards,
>>
>> Rainer
>>
>> On 29.08.2019 at 09:23, bugzi...@apache.org wrote:
>>> https://bz.apache.org/bugzilla/show_bug.cgi?id=63695
>>>
>>> --- Comment #3 from kimc@gmail.com ---
>>> Created attachment 36741
>>>     --> https://bz.apache.org/bugzilla/attachment.cgi?id=36741=edit
>>> jk_lb_worker.c modification
>>>
>>> Showing how I modified the source code





[Bug 63695] session_cookie attribute does not work?

2019-08-29 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63695

--- Comment #6 from Rainer Jung  ---
Note that the docs under

http://tomcat.apache.org/connectors-doc/reference/workers.html
show that the attribute session_cookie is an LB attribute. You have set it for
the two ajp13 workers, but you need to set it for the lb worker named
"worker_lb" like:

worker.worker_lb.session_cookie=TESTSESSIONID

You can remove it from engine1 and engine2.

Please report back, if that works for you so we could close this ticket.

Regards,

Rainer

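The misplacement described in comment #6 can be caught before deployment by linting workers.properties. The following is an added example, not code from mod_jk or from the thread: the function names, the `BEFORE` sample and the `worker.default.type` line are constructed for illustration, `AFTER` follows the configuration posted in comment #7, and treating the three other session directives as LB-only is an assumption (the page confirms only `session_cookie`).

```python
# Directives that only belong on a worker of type "lb". The page confirms
# session_cookie; treating the other three the same way is an assumption.
LB_ONLY = {"session_cookie", "session_path", "set_session_cookie", "session_cookie_path"}
DEFAULT_TYPE = "ajp13"  # worker type assumed when none is configured


def parse_workers(text):
    """Return {worker name: {attribute: value}} from workers.properties text."""
    workers = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        parts = key.split(".", 2)
        if len(parts) != 3 or parts[0] != "worker":
            continue  # worker.list and other global keys
        workers.setdefault(parts[1], {})[parts[2]] = value
    return workers


def worker_type(workers, name):
    """Resolve a worker's type, following 'reference' templates."""
    seen = set()
    while name in workers and name not in seen:
        seen.add(name)  # guards against reference loops
        attrs = workers[name]
        if "type" in attrs:
            return attrs["type"]
        ref = attrs.get("reference", "")
        if not ref.startswith("worker."):
            break
        name = ref[len("worker."):]
    return DEFAULT_TYPE


def misplaced_lb_attributes(text):
    """List (worker, attribute, lb workers) for LB-only directives set elsewhere."""
    workers = parse_workers(text)
    lb_names = sorted(n for n in workers if worker_type(workers, n) == "lb")
    findings = []
    for name in sorted(workers):
        if worker_type(workers, name) == "lb":
            continue
        for attr in sorted(LB_ONLY.intersection(workers[name])):
            findings.append((name, attr, lb_names))
    return findings


# Constructed sample: session_cookie set on the two ajp13 members.
BEFORE = """
worker.list=worker_lb
worker.default.type=ajp13
worker.worker_lb.type=lb
worker.worker_lb.balance_workers=engine1,engine2
worker.worker_lb.sticky_session=true
worker.engine1.host=localhost
worker.engine1.port=9910
worker.engine1.route=engine1
worker.engine1.reference=worker.default
worker.engine1.session_cookie=LBSESSIONID
worker.engine2.host=localhost
worker.engine2.port=9920
worker.engine2.route=engine2
worker.engine2.reference=worker.default
worker.engine2.session_cookie=LBSESSIONID
"""

# Corrected layout as posted in comment #7 (worker.default.type is constructed).
AFTER = """
worker.list=worker_lb
worker.default.type=ajp13
worker.worker_lb.type=lb
worker.worker_lb.balance_workers=engine1,engine2
worker.worker_lb.session_cookie=LBSESSIONID
worker.worker_lb.sticky_session=true
worker.engine1.host=localhost
worker.engine1.port=9910
worker.engine1.route=engine1
worker.engine1.reference=worker.default
worker.engine2.host=localhost
worker.engine2.port=9920
worker.engine2.route=engine2
worker.engine2.reference=worker.default
"""

if __name__ == "__main__":
    for label, text in (("before", BEFORE), ("after", AFTER)):
        print(label, "->", misplaced_lb_attributes(text) or "no misplaced LB attributes")
```

The check looks only at attributes set directly on a worker; a directive inherited through `reference` is not reported.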



[Bug 63705] New: The tomcat pool doesn't register all connection through JMX

2019-08-29 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63705

Bug ID: 63705
   Summary: The tomcat pool doesn't register all connection
through JMX
   Product: Tomcat Modules
   Version: unspecified
  Hardware: PC
Status: NEW
  Severity: normal
  Priority: P2
 Component: jdbc-pool
  Assignee: dev@tomcat.apache.org
  Reporter: borjaf...@gmail.com
  Target Milestone: ---

Created attachment 36742
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36742=edit
Screenshot of the pool in JConsole

I used the "JConsole" tool to monitor a tomcat connection pool through JMX.

The pool indicated that there were four idle connections, but only two of them
were visible in the monitoring tool.

In addition, the initial size of the pool was six and six connections were
created (I checked it by debugging the code), but for some reason two of them
were closed, and the pool was left with the minimum number of idle connections
(four connections).

I guess it's the normal behavior of the pool. However, if there are four
connections, all of them should be registered through JMX, not just two.


Tomcat pool:
  - Initial size: 6
  - Min idle: 4
  - Max idle: 30
  - Max active: 40


Tomcat version: 9.0.22




[Bug 63695] session_cookie attribute does not work?

2019-08-29 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63695

--- Comment #5 from Mark Thomas  ---
The content of attachment 36741 has been deleted for the following reason:

Suspected malicious attachment - file type not readable as pptx




Re: Malicious bugzilla attachment? [Was: [Bug 63695] session_cookie attribute does not work?]

2019-08-29 Thread Mark Thomas
That looks suspicious on multiple levels.

I'll block the user account and delete the attachment. I'm also tempted
to resolve the issue as invalid. Any objections?

Mark


On 29/08/2019 10:47, Rainer Jung wrote:
> I don't know whether this attachment is just broken or some kind of
> attack. We might want to delete it if possible.
> 
> It has suffix .pptx but neither Ooo, nor LibreOffice or Powerpoint show
> correct content. The file starts with a magic header "NASCA DRM FILE -
> VER1.00".
> 
> Regards,
> 
> Rainer
> 
> On 29.08.2019 at 09:23, bugzi...@apache.org wrote:
>> https://bz.apache.org/bugzilla/show_bug.cgi?id=63695
>>
>> --- Comment #3 from kimc@gmail.com ---
>> Created attachment 36741
>>    --> https://bz.apache.org/bugzilla/attachment.cgi?id=36741=edit
>> jk_lb_worker.c modification
>>
>> Showing how I modified the source code





[Bug 63695] session_cookie attribute does not work?

2019-08-29 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63695

--- Comment #4 from kimc@gmail.com ---
Comment on attachment 36741
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36741
jk_lb_worker.c modification

I have tried to debug 1.2.46 version of tomcat connector and finally I found
some wrong parts of source codes for session-related configs.
 - session_cookie
 - session_path
 - set_session_cookie
 - session_cookie_path

The code that handles those attributes also missed a loop part for more than 2
workers.

I attached a pptx file and you can see what is the problem and how we can
handle.
And I would like you to modify the source and release the patch officially.

Regards,




Malicious bugzilla attachment? [Was: [Bug 63695] session_cookie attribute does not work?]

2019-08-29 Thread Rainer Jung
I don't know whether this attachment is just broken or some kind of 
attack. We might want to delete it if possible.


It has suffix .pptx but neither Ooo, nor LibreOffice or Powerpoint show 
correct content. The file starts with a magic header "NASCA DRM FILE - 
VER1.00".


Regards,

Rainer

On 29.08.2019 at 09:23, bugzi...@apache.org wrote:
> https://bz.apache.org/bugzilla/show_bug.cgi?id=63695
>
> --- Comment #3 from kimc@gmail.com ---
> Created attachment 36741
>    --> https://bz.apache.org/bugzilla/attachment.cgi?id=36741=edit
> jk_lb_worker.c modification
>
> Showing how I modified the source code


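The manual check in the message above (a .pptx whose first bytes are not what a .pptx starts with) can be run automatically when an attachment is received. This is an added example, not part of the thread or of Bugzilla: `check_attachment`, the sample file names and the sample bytes are constructed for illustration, and only the header string "NASCA DRM FILE - VER1.00" comes from the mail. It relies on .pptx, .docx and .xlsx being ZIP packages that contain `[Content_Types].xml`.

```python
import io
import os
import zipfile

ZIP_LOCAL_HEADER = b"PK\x03\x04"           # first bytes of any non-empty ZIP archive
OOXML_EXTENSIONS = {".pptx", ".docx", ".xlsx"}
OPC_REQUIRED_PART = "[Content_Types].xml"  # present in every OOXML (OPC) package


def check_attachment(filename, data):
    """Return (verdict, reason) for an uploaded attachment.

    verdict is "ok", "mismatch" (content contradicts the extension) or
    "unchecked" (extension not covered by this sketch).
    """
    ext = os.path.splitext(filename)[1].lower()
    if ext not in OOXML_EXTENSIONS:
        return "unchecked", "no content rule for %r" % ext
    if not data.startswith(ZIP_LOCAL_HEADER):
        return "mismatch", "%s should be a ZIP package but starts with %r" % (ext, data[:24])
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as package:
            names = set(package.namelist())
    except zipfile.BadZipFile as exc:
        return "mismatch", "ZIP header present but archive is unreadable: %s" % exc
    if OPC_REQUIRED_PART not in names:
        return "mismatch", "ZIP archive lacks %s, so it is not an OOXML package" % OPC_REQUIRED_PART
    return "ok", "ZIP package with %s" % OPC_REQUIRED_PART


def build_zip(members):
    """Build an in-memory ZIP from {member name: text} (used for samples only)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        for name, body in members.items():
            archive.writestr(name, body)
    return buf.getvalue()


# Constructed samples; none of these bytes come from the real attachment.
SAMPLES = {
    # Header string quoted in the mail, followed by filler bytes.
    "constructed_drm.pptx": b"NASCA DRM FILE - VER1.00" + bytes(64),
    # Minimal package with the parts a presentation would carry.
    "slides.pptx": build_zip({
        "[Content_Types].xml": "<Types/>",
        "ppt/presentation.xml": "<presentation/>",
    }),
    # An ordinary ZIP renamed to .pptx.
    "renamed.pptx": build_zip({"notes.txt": "plain zip"}),
    # Correct magic bytes but no readable archive behind them.
    "truncated.pptx": ZIP_LOCAL_HEADER + bytes(32),
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        verdict, reason = check_attachment(name, data)
        print("%-22s %-9s %s" % (name, verdict, reason))
```

A "mismatch" verdict says only that the content contradicts the extension; as in the thread, it cannot tell a DRM-wrapped or broken file from a hostile one, so it is a trigger for quarantine and review rather than a classification.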



[tomcat] branch master updated: Add properties bundles from the webapp classes

2019-08-29 Thread remm

remm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new fb63c77  Add properties bundles from the webapp classes
fb63c77 is described below

commit fb63c77116f0797d8a623710754f025e3be58d5f
Author: remm 
AuthorDate: Thu Aug 29 09:28:17 2019 +0200

Add properties bundles from the webapp classes
---
 res/tomcat-maven/graal-webapp.ant.xml | 8 ++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/res/tomcat-maven/graal-webapp.ant.xml 
b/res/tomcat-maven/graal-webapp.ant.xml
index 559b046..41c4f70 100644
--- a/res/tomcat-maven/graal-webapp.ant.xml
+++ b/res/tomcat-maven/graal-webapp.ant.xml
@@ -29,10 +29,11 @@
   
 
 
-
 
-
+
 
+
+
 
 
 
 
 
+
+
+
 
   
 





[Bug 63695] session_cookie attribute does not work?

2019-08-29 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63695

--- Comment #3 from kimc@gmail.com ---
Created attachment 36741
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36741=edit
jk_lb_worker.c modification

Showing how I modified the source code
