Hi, here is my test result, although the vote has finished:
The proposed 9.0.0.M27 release is:
[ ] Broken - do not release
[ X ] Alpha - go ahead and release as 9.0.0.M27
Unit test passed.
Our web application works fine.
--
Mark
Author: markt
Date: Tue Sep 19 20:29:38 2017
New Revision: 21712
Log:
Release Apache Tomcat 8.5.21
Added:
release/tomcat/tomcat-8/v8.5.21/
- copied from r21711, dev/tomcat/tomcat-8/v8.5.21/
Removed:
dev/tomcat/tomcat-8/v8.5.21/
The following voters were cast:
Binding:
+1: rjung, markt, fschumacher, mgrigorov, csutherl, violetagg
Non-binding:
+1: ebourg
The vote therefore passes.
Thank you to everyone who contributed to this release.
Mark
-
To
2017-09-13 21:49 GMT+03:00 Mark Thomas :
>
> The proposed Apache Tomcat 9.0.0.M27 release is now available for voting.
>
> This is a milestone release for the 9.0.x branch. It should be
> noted that, as a milestone release:
> - Servlet 4.0 is not finalised
> - It is not known if
The following votes were cast:
Binding:
+1: markt, rjung, fschumacher, mgrigorov, violetagg
No other voters were cast.
The vote therefore passes.
Thank you to everyone who contributed to this release.
-
To unsubscribe,
Author: markt
Date: Tue Sep 19 20:28:21 2017
New Revision: 21710
Log:
Tomcat 6 has reached end of life
Removed:
dev/tomcat/tomcat-6/
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands,
Author: markt
Date: Tue Sep 19 20:29:09 2017
New Revision: 21711
Log:
Release Apache Tomcat 9.0.0.M27
Added:
release/tomcat/tomcat-9/v9.0.0.M27/
- copied from r21710, dev/tomcat/tomcat-9/v9.0.0.M27/
Removed:
dev/tomcat/tomcat-9/v9.0.0.M27/
Updated with Konstantin's feedback.
Further comments, feedback etc welcome.
The Apache Tomcat Team announces that support for Apache Tomcat Native
1.1.x will end on 30 September 2018.
This means that after 30 September 2018:
- releases from the 1.1.x branch are highly unlikely
- bugs
CVE-2017-7674 Apache Tomcat Remote Code Execution via JSP Upload
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 7.0.0 to 7.0.79
Description:
When running on Windows with HTTP PUTs enabled (e.g. via setting the
readonly initialisation parameter of
CVE-2017-7674 Apache Tomcat Information Disclosure
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 7.0.0 to 7.0.80
Description:
When using a VirtualDirContext it was possible to bypass security
constraints and/or view the source code of JSPs for
On Wed, Sep 13, 2017 at 5:02 PM, Mark Thomas wrote:
> The proposed Apache Tomcat 8.5.21 release is now available for voting.
>
> The major changes compared to the 8.5.20 release are:
>
> - Additional capabilities for the CGI Servlet. Based on patches provided
> by jm009.
>
> -
Author: markt
Revision: 1804604
Modified property: svn:log
Modified: svn:log at Tue Sep 19 11:01:02 2017
--
--- svn:log (original)
+++ svn:log Tue Sep 19 11:01:02 2017
@@ -3,3 +3,5 @@ Code clean-up
- Correct indent
-
Author: markt
Revision: 1804729
Modified property: svn:log
Modified: svn:log at Tue Sep 19 11:01:39 2017
--
--- svn:log (original)
+++ svn:log Tue Sep 19 11:01:39 2017
@@ -1 +1,4 @@
Correct regression in r1804604 that
Author: markt
Date: Tue Sep 19 10:57:45 2017
New Revision: 1808857
URL: http://svn.apache.org/viewvc?rev=1808857=rev
Log:
Add details for CVE-2017-12615 and CVE-2017-12616
Modified:
tomcat/site/trunk/docs/security-7.html
tomcat/site/trunk/xdocs/security-7.xml
Modified:
The body of the original advisory referred to CVE-2017-7674. This was
incorrect. It was a copy and paste error from a previous Tomcat advisory.
The correct CVE reference is CVE-2017-12615, as per the subject line.
On 19/09/17 11:58, Mark Thomas wrote:
> CVE-2017-12615 Apache Tomcat Remote Code
The body of the original advisory referred to CVE-2017-7674. This was
incorrect. It was a copy and paste error from a previous Tomcat advisory.
The correct CVE reference is CVE-2017-12616, as per the subject line.
On 19/09/17 11:58, Mark Thomas wrote:
> CVE-2017-7674 Apache Tomcat Information
Hi,
I'm planning to start preparing Tomcat 7/8.0 for a release later today.
If you would like to include something in addition, please reply here.
Regards,
Violeta
Author: csutherl
Date: Tue Sep 19 14:07:02 2017
New Revision: 1808880
URL: http://svn.apache.org/viewvc?rev=1808880=rev
Log:
Update fix for bug 59904 so that values less than zero are accepted instead of
throwing a NegativeArraySizeException.
Modified:
Author: csutherl
Date: Tue Sep 19 14:10:12 2017
New Revision: 1808881
URL: http://svn.apache.org/viewvc?rev=1808881=rev
Log:
Cherry-pick r1808880 from 8.5.x/trunk
Modified:
tomcat/trunk/ (props changed)
tomcat/trunk/java/org/apache/tomcat/util/http/ServerCookies.java
Author: csutherl
Date: Tue Sep 19 14:22:06 2017
New Revision: 1808887
URL: http://svn.apache.org/viewvc?rev=1808887=rev
Log:
Update fix for bug 59904 so that values less than zero are accepted instead of
throwing a NegativeArraySizeException.
Modified:
tomcat/tc7.0.x/trunk/ (props
Author: csutherl
Date: Tue Sep 19 14:17:12 2017
New Revision: 1808884
URL: http://svn.apache.org/viewvc?rev=1808884=rev
Log:
Update fix for bug 59904 so that values less than zero are accepted instead of
throwing a NegativeArraySizeException.
Modified:
tomcat/tc8.0.x/trunk/ (props
2017-09-14 0:02 GMT+03:00 Mark Thomas :
>
> The proposed Apache Tomcat 8.5.21 release is now available for voting.
>
> The major changes compared to the 8.5.20 release are:
>
> - Additional capabilities for the CGI Servlet. Based on patches provided
> by jm009.
>
> - Added
22 matches
Mail list logo