-- Virus Warning Message (on uusnwa0p) --
Found virus WORM_NETSKY.Z in file Part-2.txt
.exe (in Part-2.zip)
The uncleanable file
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30770.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
Hi, I've been chasing an inconsistency in the behaviour wrt jsp error page execution.
in this case the error page is evaluated and flushed to the response
html:link forward=boguslink
logic:iterate name=currentLoggers id=logger
in this case the error page is evaluated but is not flushed to the
yoavs 2004/08/20 04:21:04
Modified:webapps/docs index.xml
Log:
Minor typo fix, thanks Jan.
Revision ChangesPath
1.17 +1 -1 jakarta-tomcat-catalina/webapps/docs/index.xml
Index: index.xml
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30771.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30771.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30771.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
Hi,
You can't expect a 4.1.31 anytime soon. It's in a maintenance mode
where only Spec violations and security flaws are the things that would
get a new release out. We suggest the same thing we've been suggesting
for a while now, upgrade to 5.x.
Yoav Shapira
Millennium Research Informatics
Costin Manolache wrote:
To make things a bit more interesting, I believe there are some checks
in JDK1.4 to prevent you to override rt.jar classes. That's what
endorsed really does, allow you to bypass those checks.
I don't think we managed to get xerces and jaxp to load from a
classloader
Jess Holle wrote:
Costin Manolache wrote:
To make things a bit more interesting, I believe there are some
checks in JDK1.4 to prevent you to override rt.jar classes. That's
what endorsed really does, allow you to bypass those checks.
I don't think we managed to get xerces and jaxp to load from
Jeanfrancois Arcand wrote:
Jess Holle wrote:
Costin Manolache wrote:
To make things a bit more interesting, I believe there are some
checks in JDK1.4 to prevent you to override rt.jar classes. That's
what endorsed really does, allow you to bypass those checks.
I don't think we managed to get
jfarcand2004/08/20 07:28:38
Modified:catalina/src/share/org/apache/catalina/security Tag:
TOMCAT_5_0 SecurityUtil.java
Log:
Fix for Bugzilla 30602: Subject is not available during the first call to the
servlet which use the basic authentication.
All
jfarcand2004/08/20 07:29:12
Modified:webapps/docs Tag: TOMCAT_5_0 changelog.xml
Log:
Update
Revision ChangesPath
No revision
No revision
1.70.2.3 +3 -0 jakarta-tomcat-catalina/webapps/docs/changelog.xml
Index:
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30602.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
Yoav, I haven't RM'd a release yet but if you or another RM-pro
is willing to show me what is involved I might be willing to wear
the hat for 4.1.31. Here is how I understand the process:
- tag and create a release canidate
- email to announce@
- wait 48 hours for show stoppers
- delcare the RC
The offer to do this is great, but I am more than a little curious:
Why would anyone bother with a 4.1.x upgrade at this point? 5.0.27 is
faster, more stable, etc, at this point as best I can tell.
--
Jess Holle
Keith Wannamaker wrote:
Yoav, I haven't RM'd a release yet but if you or another
jfarcand2004/08/20 07:43:17
Modified:catalina/src/share/org/apache/catalina/security
SecurityUtil.java
Log:
Port fix for bug 30602
Revision ChangesPath
1.12 +9 -7
Hi,
The process is already somewhat documented. For example,
http://cvs.apache.org/~yoavs/tomcatReleaseManager.html is my personal
notes, and http://jakarta.apache.org/commons/releases/ is mostly
Jakarta-general, not specific to Commons. It deviates from the process
you posted in that we
Hi Jess, in our case we don't have the resources at this point in
time to certify our product with a completely new code base.
I'm sure different people have different reasons.
Keith
-Original Message-
From: Jess Holle [mailto:[EMAIL PROTECTED]
Sent: Friday, August 20, 2004 10:38 AM
Because a 4.1.x upgrade is not an api change. There is much more testing
involved in upgrading to a new major version than a point release. The
problem is finding the time to review the (possible)effects of 5.x on your
installation and all your applications when you could roll out a point
release
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30774.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
Hi Yoav, thanks for the release documentation. Do you mind if I
check this in to jt-4.0? I think it would be very helpful.
I am aware that 5.0 uses significantly different code which is
in itself a good reason for continuing maintenance releases of 4.1.
Backporting patches would be a nice
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30775.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
Keith Wannamaker wrote:
Hi Jess, in our case we don't have the resources at this point in
time to certify our product with a completely new code base.
Hmmm... As someone who distributes Tomcat 4.1.x and 5.0.x to a broad
customer base I see Tomcat 5.0.x certification as a 100% necessity for
Cox, Charlie wrote:
Because a 4.1.x upgrade is not an api change. There is much more testing
involved in upgrading to a new major version than a point release. The
problem is finding the time to review the (possible)effects of 5.x on your
installation and all your applications when you could roll
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30775.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
Hi,
I agree with Jess, this is the wrong direction in principle. We're
encouraging users to stick with 4.1.x if we do this release.
Normally we have just an informal if everyone is OK with this, I'd like
to push out release X on this day and then a vote on labeling it as
stable. The latter
I've said too much on this already, but if you really need 4.1.x and bug
fixes thereto, then why not take Tomcat 4.1.30 and patch it as necessary
to address bugs of sufficient concern and deliver that to your
customer/user base?
That seems like a better solution for all than a 4.1.31 release.
Shapira, Yoav wrote:
Hi,
I agree with Jess, this is the wrong direction in principle. We're
encouraging users to stick with 4.1.x if we do this release.
Normally we have just an informal if everyone is OK with this, I'd like
to push out release X on this day and then a vote on labeling it as
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30775.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
Patching Tomcat 4.1.30 is pretty much what I have done. I spent a lot
of effort getting our installation working in a stable way. And a lot
of that effort was in applying patches similar to the ones that are in
the baseline but have never been released.
As far as moving to Tomcat 5.x, I
Hi,
I propose to apply pending bugzilla 4.1 patches and issue
a 4.1.31 release. The existance of unreleased committed fixes,
unapplied patches, and multiple requests for 4.1.31 on tomcat-dev
clearly represent an interest in a maintenance relase of
4.1.31. I volunteer to be the RM for this
Hi Jeanfrancois, we share enthusiasm but not opinions. I believe
since there are pending 4.1 patches in bugzilla and committed 4.1
fixes then there is clearly an interest in preserving the 4.1
tree in maintenance mode, and that means maintenance releases.
My understanding of the jakarta PMC
Hi,
ballot
The 4.1.31 maintenance release should happen:
[ ] Yes
[ X ] No
/ballot
-1 on this release. Reasons have been stated in detail in the other
thread, but to summarize this branch is no longer maintained and users
should upgrade to 5.x or custom-patch if they have an emergency.
Yoav
I really hate comments like this. I'm glad you have plenty of free time to
upgrade to 5.x. When Tomcat 5.x was released, I was already midstream in
replacing IIS/ASP with Tomcat 4.1 and I'm happy to be able to do just that.
Now we're focusing on business needs and less on upgrading something that
ballot
The 4.1.31 maintenance release should happen:
[X] Yes
[ ] No
/ballot
Just such a thing has been on my mind for a while.
Whilst in an ideal world everyone would migrate to 5.x, I have seen many
organisations prefer to stay on earlier versions of software for a variety of
reasons. I
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30768.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30771.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=29671.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
ballot
The 4.1.31 maintenance release should happen:
[X] Yes
[ ] No
/ballot
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
This message is intended only for the
markt 2004/08/20 11:42:27
Modified:webapps/examples/WEB-INF/classes CookieExample.java
HelloWorldExample.java JndiServlet.java
RequestHeaderExample.java RequestInfoExample.java
RequestParamExample.java
There are some bugs in the examples I want to fix. AFAIK we can fix these but we
can't change any of the API stuff - right? Anyway, how do I go about getting
karma for these packages?
Thanks,
Mark
-
To unsubscribe, e-mail:
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=6218.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
Mark,
I can't give you karma, but one thing I recommend is you post the patch
here first so the spec leads can take a look to make sure the previous
specs is not impacted by the changes.
Just recommending.no need to vote ;-)
Thanks
-- Jeanfrancois
Mark Thomas wrote:
There are some bugs in
Hi,
I thought karma for these modules was restricted to members of the
servlet expert group. So we can post patches to Bugzilla and they'll
apply them.
Yoav Shapira
Millennium Research Informatics
-Original Message-
From: Mark Thomas [mailto:[EMAIL PROTECTED]
Sent: Friday, August 20,
Cox, Charlie wrote:
I really hate comments like this. I'm glad you have plenty of free time to
upgrade to 5.x.
Sorry to rankle you, but let's be honest -- if you want to be able to
move forward you have to keep looking ahead. Either your app is so
portable (and likely thus rather simple) that
Remove - There is no user by that name at this server.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Remove - There is no user by that name at this server.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Remove - There is no user by that name at this server.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Remove - There is no user by that name at this server.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Remove - There is no user by that name at this server.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Remove - There is no user by that name at this server.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Remove - There is no user by that name at this server.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Remove - There is no user by that name at this server.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Remove - There is no user by that name at this server.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Remove - There is no user by that name at this server.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30778.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30775.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30778.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
ballot
The 4.1.31 maintenance release should happen:
[ X ] Yes
[ ] No
/ballot
I would benefit directly from many of the fixes.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30780.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30780.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30780.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=11561.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30780.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
Its maintained if there is a committer who will apply the patches. Mark has
been very good at doing this.
For large companies - it takes (a lot) time to upgrade versions. I'm still
stuck on 4.0.4 for all of my servers. (Soon to be 5 if all goes well)
Stability is more important than speed and
Hi Zvi,
Thank you for sending the paper. It's interesting, well-researched, and makes
good points. Congratulations on completing it and presumably your PhD soon ;)
I have a few comments:
- In Tomcat, java.security.SecureRandom and not java.util.Random is the default
generator, so as described
hi Michael
Thanks for your suggestion. But after taking a look at opensta, I think it cannot work as my wish.
I hope I can record all traffic on server side, because it is not convinient to deploy
sush system on client side.
Any other suggestion :=)
best wishes,
xudong
billbarker2004/08/20 19:51:37
Modified:http11/src/java/org/apache/coyote/http11
Http11Processor.java
Log:
Check that the browser actually sent a user-agent header before using it.
Fix for Bug #30770
Reported By: Elmar Haneke [EMAIL PROTECTED]
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30770.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
billbarker2004/08/20 21:44:37
Modified:webapps/docs Tag: TOMCAT_5_0 changelog.xml
Log:
Document patch
Revision ChangesPath
No revision
No revision
1.70.2.4 +3 -0 jakarta-tomcat-catalina/webapps/docs/changelog.xml
Index:
I think we long ago agreed not to vote -1 just because you want somebody
to work on a different codebase :-)
If Keith has an itch in 4.1 branch - and if he can find 2 more +1 votes,
than it's his right to have a release, and the 4.1 branch will become
maintained. A branch is maintained if
72 matches
Mail list logo