rotty3000 commented on pull request #322:
URL: https://github.com/apache/tomcat/pull/322#issuecomment-658446478
@martin-g @markt-asf does this look reasonable? I do need to apply the .api
change to master separately.
This is
rotty3000 opened a new pull request #322:
URL: https://github.com/apache/tomcat/pull/322
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to g
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new e7cdb18 Ensure WebSocket connection write lock is
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 5707895 Ensure WebSocket connection write lock is
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push:
new d8aae3a Ensure WebSocket connection write lock i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Merlin,
On 7/14/20 09:49, Merlin Beedell wrote:
> I can confirm that changing the certificate by replacing the
> file(s) with the ones with the same name & password but with an
> updated certificate inside does indeed work. The reason I thought
> o
Le mar. 14 juil. 2020 à 15:50, Merlin Beedell a
écrit :
> Thank you for the responses.
> I can confirm that changing the certificate by replacing the file(s) with
> the ones with the same name & password but with an updated certificate
> inside does indeed work. The reason I thought otherwise be
Thank you for the responses.
I can confirm that changing the certificate by replacing the file(s) with the
ones with the same name & password but with an updated certificate inside does
indeed work. The reason I thought otherwise because (I thought that) the
useful Presentation by C Schultz sai
I'll make the change today.
Thanks all,
- Ray
On Mon, Jul 13, 2020, 07:37 Martin Grigorov, wrote:
>
>
> On Mon, Jul 13, 2020 at 1:02 PM Mark Thomas wrote:
>
>> There are some Java EE / Jakarta EE issues here.
>>
>> Tomcat 10 is Jakarta EE.
>> Tomcat 9 is Java EE.
>>
>> There should not be any
CVE-2020-13935 Apache Tomcat WebSocket Denial of Service
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 10.0.0-M1 to 10.0.0-M6
Apache Tomcat 9.0.0.M1 to 9.0.36
Apache Tomcat 8.5.0 to 8.5.56
Apache Tomcat 7.0.27 to 7.0.104
Description:
The payload len
Author: markt
Date: Tue Jul 14 12:18:19 2020
New Revision: 1879856
URL: http://svn.apache.org/viewvc?rev=1879856&view=rev
Log:
Announce CVE-2020-13934 and CVE-2020-13935
Modified:
tomcat/site/trunk/docs/security-10.html
tomcat/site/trunk/docs/security-7.html
tomcat/site/trunk/docs/sec
CVE-2020-13934 Apache Tomcat HTTP/2 Denial of Service
Severity: Moderate
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 10.0.0-M1 to 10.0.0-M6
Apache Tomcat 9.0.0.M5 to 9.0.36
Apache Tomcat 8.5.1 to 8.5.56
Description:
An h2c direct connection did not release the HTTP/1
Bug deleted and account locked.
The attachment looked like an attempt to do something malicious but
since all attachments are served as plain text the attempt failed.
Mark
On 14/07/2020 10:02, bugzi...@apache.org wrote:
> https://bz.apache.org/bugzilla/show_bug.cgi?id=64599
>
> Bug
https://bz.apache.org/bugzilla/show_bug.cgi?id=64599
Bug ID: 64599
Summary: wikwik
Product: Tomcat 7
Version: unspecified
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P2
14 matches
Mail list logo
