Re: [VOTE] Release Apache Tomcat 9.0.62
On 31/03/2022 16:56, Rémy Maucherat wrote: [X] Stable - go ahead and release as 9.0.62 (stable) -- Cheers Jean-Frederic - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 9.0.62
On Thu, Mar 31, 2022 at 10:56 AM Rémy Maucherat wrote: > > The proposed 9.0.62 release is: > [ ] Broken - do not release > [X] Stable - go ahead and release as 9.0.62 (stable) > >
Re: [VOTE] Release Apache Tomcat 9.0.62
On Thu, Mar 31, 2022 at 7:56 AM Rémy Maucherat wrote: > The proposed Apache Tomcat 9.0.62 release is now available for voting. > > The notable changes compared to 9.0.60 are: > > - Update the packaged version of the Tomcat Native Library to 1.2.32 to >pick up Windows binaries built with OpenSSL 1.1.1n. > > - Improve logging of unknown HTTP/2 settings frames. Pull request by >Thomas Hoffmann. > > - Add additional warnings if incompatible TLS configurations are used >such as HTTP/2 with CLIENT-CERT authentication > > - Harden the class loader to provide a mitigation for CVE-2022-22965 >a Spring Framework vulnerability > > Along with lots of other bug fixes and improvements. > > For full details, see the changelog: > https://nightlies.apache.org/tomcat/tomcat-9.0.x/docs/changelog.html > > It can be obtained from: > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.62/ > The Maven staging repo is: > https://repository.apache.org/content/repositories/orgapachetomcat-1368 > The tag is: > https://github.com/apache/tomcat/tree/9.0.62 > 85113741042dcce9e9792bdbc3d498172bc31291 > > The proposed 9.0.62 release is: > [ ] Broken - do not release > > [X] Stable - go ahead and release as 9.0.62 (stable) Filip > >
Re: [VOTE] Release Apache Tomcat 9.0.62
On Thu, Mar 31, 2022 at 10:57 AM Rémy Maucherat wrote: > The proposed Apache Tomcat 9.0.62 release is now available for voting. > > The notable changes compared to 9.0.60 are: > > - Update the packaged version of the Tomcat Native Library to 1.2.32 to >pick up Windows binaries built with OpenSSL 1.1.1n. > > - Improve logging of unknown HTTP/2 settings frames. Pull request by >Thomas Hoffmann. > > - Add additional warnings if incompatible TLS configurations are used >such as HTTP/2 with CLIENT-CERT authentication > > - Harden the class loader to provide a mitigation for CVE-2022-22965 >a Spring Framework vulnerability > > Along with lots of other bug fixes and improvements. > > For full details, see the changelog: > https://nightlies.apache.org/tomcat/tomcat-9.0.x/docs/changelog.html > > It can be obtained from: > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.62/ > The Maven staging repo is: > https://repository.apache.org/content/repositories/orgapachetomcat-1368 > The tag is: > https://github.com/apache/tomcat/tree/9.0.62 > 85113741042dcce9e9792bdbc3d498172bc31291 > > The proposed 9.0.62 release is: > [ ] Broken - do not release > [x] Stable - go ahead and release as 9.0.62 (stable) > +1 > Rémy > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > >
Re: [VOTE] Release Apache Tomcat 9.0.62
On 31/03/2022 15:56, Rémy Maucherat wrote: The proposed 9.0.62 release is: [ ] Broken - do not release [X] Stable - go ahead and release as 9.0.62 (stable) Unit tests pass on Linux, Windows and MacOS Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 9.0.62
Am 31.03.22 um 16:56 schrieb Rémy Maucherat: The proposed Apache Tomcat 9.0.62 release is now available for voting. The notable changes compared to 9.0.60 are: - Update the packaged version of the Tomcat Native Library to 1.2.32 to pick up Windows binaries built with OpenSSL 1.1.1n. - Improve logging of unknown HTTP/2 settings frames. Pull request by Thomas Hoffmann. - Add additional warnings if incompatible TLS configurations are used such as HTTP/2 with CLIENT-CERT authentication - Harden the class loader to provide a mitigation for CVE-2022-22965 a Spring Framework vulnerability Along with lots of other bug fixes and improvements. For full details, see the changelog: https://nightlies.apache.org/tomcat/tomcat-9.0.x/docs/changelog.html It can be obtained from: https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.62/ The Maven staging repo is: https://repository.apache.org/content/repositories/orgapachetomcat-1368 The tag is: https://github.com/apache/tomcat/tree/9.0.62 85113741042dcce9e9792bdbc3d498172bc31291 The proposed 9.0.62 release is: [ ] Broken - do not release [x] Stable - go ahead and release as 9.0.62 (stable) Unit tests run with Java 11 and Java 8 on Linux Felix Rémy - To unsubscribe, e-mail:dev-unsubscr...@tomcat.apache.org For additional commands, e-mail:dev-h...@tomcat.apache.org OpenPGP_0xEA6C3728EA91C4AF.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: [VOTE] Release Apache Tomcat 9.0.62
> [X] Stable - go ahead and release as 9.0.62 (stable) Ray On Thu, Mar 31, 2022 at 11:23 AM Rémy Maucherat wrote: > On Thu, Mar 31, 2022 at 4:56 PM Rémy Maucherat wrote: > > > > The proposed Apache Tomcat 9.0.62 release is now available for voting. > > > > The notable changes compared to 9.0.60 are: > > > > - Update the packaged version of the Tomcat Native Library to 1.2.32 to > >pick up Windows binaries built with OpenSSL 1.1.1n. > > > > - Improve logging of unknown HTTP/2 settings frames. Pull request by > >Thomas Hoffmann. > > > > - Add additional warnings if incompatible TLS configurations are used > >such as HTTP/2 with CLIENT-CERT authentication > > > > - Harden the class loader to provide a mitigation for CVE-2022-22965 > >a Spring Framework vulnerability > > > > Along with lots of other bug fixes and improvements. > > > > For full details, see the changelog: > > https://nightlies.apache.org/tomcat/tomcat-9.0.x/docs/changelog.html > > > > It can be obtained from: > > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.62/ > > The Maven staging repo is: > > https://repository.apache.org/content/repositories/orgapachetomcat-1368 > > The tag is: > > https://github.com/apache/tomcat/tree/9.0.62 > > 85113741042dcce9e9792bdbc3d498172bc31291 > > > > The proposed 9.0.62 release is: > > [ ] Broken - do not release > > [X] Stable - go ahead and release as 9.0.62 (stable) > > Rémy > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > > -- *Raymond Augé* (@rotty3000) Senior Software Architect *Liferay, Inc.* (@Liferay) OSGi Fellow, Java Champion
Re: [VOTE] Release Apache Tomcat 9.0.62
On Thu, Mar 31, 2022 at 4:56 PM Rémy Maucherat wrote: > > The proposed Apache Tomcat 9.0.62 release is now available for voting. > > The notable changes compared to 9.0.60 are: > > - Update the packaged version of the Tomcat Native Library to 1.2.32 to >pick up Windows binaries built with OpenSSL 1.1.1n. > > - Improve logging of unknown HTTP/2 settings frames. Pull request by >Thomas Hoffmann. > > - Add additional warnings if incompatible TLS configurations are used >such as HTTP/2 with CLIENT-CERT authentication > > - Harden the class loader to provide a mitigation for CVE-2022-22965 >a Spring Framework vulnerability > > Along with lots of other bug fixes and improvements. > > For full details, see the changelog: > https://nightlies.apache.org/tomcat/tomcat-9.0.x/docs/changelog.html > > It can be obtained from: > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.62/ > The Maven staging repo is: > https://repository.apache.org/content/repositories/orgapachetomcat-1368 > The tag is: > https://github.com/apache/tomcat/tree/9.0.62 > 85113741042dcce9e9792bdbc3d498172bc31291 > > The proposed 9.0.62 release is: > [ ] Broken - do not release > [X] Stable - go ahead and release as 9.0.62 (stable) Rémy - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[VOTE] Release Apache Tomcat 9.0.62
The proposed Apache Tomcat 9.0.62 release is now available for voting. The notable changes compared to 9.0.60 are: - Update the packaged version of the Tomcat Native Library to 1.2.32 to pick up Windows binaries built with OpenSSL 1.1.1n. - Improve logging of unknown HTTP/2 settings frames. Pull request by Thomas Hoffmann. - Add additional warnings if incompatible TLS configurations are used such as HTTP/2 with CLIENT-CERT authentication - Harden the class loader to provide a mitigation for CVE-2022-22965 a Spring Framework vulnerability Along with lots of other bug fixes and improvements. For full details, see the changelog: https://nightlies.apache.org/tomcat/tomcat-9.0.x/docs/changelog.html It can be obtained from: https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.62/ The Maven staging repo is: https://repository.apache.org/content/repositories/orgapachetomcat-1368 The tag is: https://github.com/apache/tomcat/tree/9.0.62 85113741042dcce9e9792bdbc3d498172bc31291 The proposed 9.0.62 release is: [ ] Broken - do not release [ ] Stable - go ahead and release as 9.0.62 (stable) Rémy - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org