flex-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cd...@apache.org
Subject [24/51] [partial] flex-blazeds git commit: - Moved old stuff to an "attic" directory - Changed the directory structure to comply to a default maven directory structure
Date Tue, 04 Aug 2015 10:06:58 GMT
http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/5be16a28/attic/servers/apache-tomcat-6.0.29/webapps/docs/changelog.html
----------------------------------------------------------------------
diff --git a/attic/servers/apache-tomcat-6.0.29/webapps/docs/changelog.html b/attic/servers/apache-tomcat-6.0.29/webapps/docs/changelog.html
new file mode 100644
index 0000000..35013b6
--- /dev/null
+++ b/attic/servers/apache-tomcat-6.0.29/webapps/docs/changelog.html
@@ -0,0 +1,4054 @@
+<html><head><META http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><title>Apache Tomcat 6.0 - Changelog</title><meta content="Remy Maucherat" name="author"><meta content="Yoav Shapira" name="author"><meta content="Filip Hanik" name="author"><meta content="Rainer Jung" name="author"><meta content="Peter Rossbach" name="author"><meta content="Konstantin Kolinko" name="author"><meta content="Jean-Frederic Clere" name="author"><meta content="Keiichi Fujino" name="author"><style media="print" type="text/css">
+			.noPrint {display: none;}
+			td#mainBody {width: 100%;}
+		</style></head><body vlink="#525D76" alink="#525D76" link="#525D76" text="#000000" bgcolor="#ffffff"><table cellspacing="0" width="100%" border="0"><!--PAGE HEADER--><tr><td><!--PROJECT LOGO--><a href="http://tomcat.apache.org/"><img border="0" alt="
+      The Apache Tomcat Servlet/JSP Container
+    " align="right" src="./images/tomcat.gif"></a></td><td><h1><font face="arial,helvetica,sanserif">Apache Tomcat 6.0</font></h1></td><td><!--APACHE LOGO--><a href="http://www.apache.org/"><img border="0" alt="Apache Logo" align="right" src="./images/asf-logo.gif"></a></td></tr></table><table cellspacing="4" width="100%" border="0"><!--HEADER SEPARATOR--><tr><td colspan="2"><hr size="1" noshade></td></tr><tr><!--LEFT SIDE NAVIGATION--><td class="noPrint" nowrap valign="top" width="20%"><p><strong>Links</strong></p><ul><li><a href="index.html">Docs Home</a></li><li><a href="http://wiki.apache.org/tomcat/FAQ">FAQ</a></li></ul><p><strong>User Guide</strong></p><ul><li><a href="introduction.html">1) Introduction</a></li><li><a href="setup.html">2) Setup</a></li><li><a href="appdev/index.html">3) First webapp</a></li><li><a href="deployer-howto.html">4) Deployer</a></li><li><a href="manager-howto.html">5) Manager</a></li><li><a href="realm-howto.html">6) Realms and AAA</a></li><li><a hr
 ef="security-manager-howto.html">7) Security Manager</a></li><li><a href="jndi-resources-howto.html">8) JNDI Resources</a></li><li><a href="jndi-datasource-examples-howto.html">9) JDBC DataSources</a></li><li><a href="class-loader-howto.html">10) Classloading</a></li><li><a href="jasper-howto.html">11) JSPs</a></li><li><a href="ssl-howto.html">12) SSL</a></li><li><a href="ssi-howto.html">13) SSI</a></li><li><a href="cgi-howto.html">14) CGI</a></li><li><a href="proxy-howto.html">15) Proxy Support</a></li><li><a href="mbeans-descriptor-howto.html">16) MBean Descriptor</a></li><li><a href="default-servlet.html">17) Default Servlet</a></li><li><a href="cluster-howto.html">18) Clustering</a></li><li><a href="balancer-howto.html">19) Load Balancer</a></li><li><a href="connectors.html">20) Connectors</a></li><li><a href="monitoring.html">21) Monitoring and Management</a></li><li><a href="logging.html">22) Logging</a></li><li><a href="apr.html">23) APR/Native</a></li><li><a href="virtual-ho
 sting-howto.html">24) Virtual Hosting</a></li><li><a href="aio.html">25) Advanced IO</a></li><li><a href="extras.html">26) Additional Components</a></li><li><a href="maven-jars.html">27) Mavenized</a></li></ul><p><strong>Reference</strong></p><ul><li><a href="RELEASE-NOTES.txt">Release Notes</a></li><li><a href="config/index.html">Configuration</a></li><li><a href="api/index.html">Javadocs</a></li><li><a href="http://tomcat.apache.org/connectors-doc/">JK 1.2 Documentation</a></li></ul><p><strong>Apache Tomcat Development</strong></p><ul><li><a href="building.html">Building</a></li><li><a href="changelog.html">Changelog</a></li><li><a href="http://wiki.apache.org/tomcat/TomcatVersions">Status</a></li><li><a href="developers.html">Developers</a></li><li><a href="architecture/index.html">Architecture</a></li><li><a href="funcspecs/index.html">Functional Specs.</a></li></ul></td><!--RIGHT SIDE MAIN BODY--><td id="mainBody" align="left" valign="top" width="80%"><h1>Apache Tomcat 6.0</h1>
 <h2>Changelog</h2><table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#525D76"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.29 (jfclere)"><!--()--></a><a name="Tomcat_6.0.29_(jfclere)"><strong>Tomcat 6.0.29 (jfclere)</strong></a></font></td></tr><tr><td><blockquote>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.29 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.29_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48960">48960</a>: Add a new option to the SSI Servlet and SSI Filter to
+        allow the disabling of the <code>exec</code> command. This is now
+        disabled by default. Based on a patch by Yair Lenga. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49551">49551</a>: Allow default context.xml location to be specified
+        using an absolute path. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49598">49598</a>: When session is changed and the session cookie is
+        replaced, ensure that the new Set-Cookie header overwrites the old
+        Set-Cookie header. (markt) 
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Fix order when listing Webapp loader search URLs. (rjung)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Add support for <code>*.jar</code> pattern in VirtualWebappLoader.
+        (kkolinko)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+</blockquote></td></tr></table><table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#525D76"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.28 (jfclere)"><!--()--></a><a name="Tomcat_6.0.28_(jfclere)"><strong>Tomcat 6.0.28 (jfclere)</strong></a></font></td><td bgcolor="#525D76" align="right"><font face="arial,helvetica.sanserif" color="#ffffff"><strong>released 2010-07-09</strong></font></td></tr><tr><td colspan="2"><blockquote>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.28 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.28_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>Arrange filter logic. (jfclere)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49230">49230</a>: Enhance JRE leak prevention listener with protection
+        for the keep-alive thread started by
+        <code>sun.net.www.http.HttpClient</code>. Patch provided by Rob Kooper.
+        (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49351">49351</a>: Fix possible NPe when embedding and no name is
+        specified for the Service. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49424">49424</a>: Avoid NPE if client provides no data with a chunked
+        POST request. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49414">49414</a>: Differentiate between request threads and application
+        created threads when warning about still running threads when an
+        application stops. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49443">49443</a>: Use remoteIpHeader rather than remoteIPHeader
+        consistently. (markt)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Add property <code>searchExternalFirst</code> to WebappLoader.
+        If set, the external repositories will be searched before
+        the WEB-INF ones. (rjung)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.28 (jfclere)/Cluster"><!--()--></a><a name="Tomcat_6.0.28_(jfclere)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49445">49445</a>: When session ID is changed after authentication,
+        ensure the DeltaManager replicates the change in ID to the other nodes
+        in the cluster. (kfujino)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.28 (jfclere)/Webapps"><!--()--></a><a name="Tomcat_6.0.28_(jfclere)/Webapps"><strong>Webapps</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49213">49213</a>: Grant permissions required by manager application when
+        running under a security manager. (markt/kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49436">49436</a>: Correct documented default for readonly attribute of
+        the UserDatabase component. (markt)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+</blockquote></td></tr></table><table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#525D76"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.27 (jfclere)"><!--()--></a><a name="Tomcat_6.0.27_(jfclere)"><strong>Tomcat 6.0.27 (jfclere)</strong></a></font></td><td bgcolor="#525D76" align="right"><font face="arial,helvetica.sanserif" color="#ffffff"><strong>not released</strong></font></td></tr><tr><td colspan="2"><blockquote>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.27 (jfclere)/General"><!--()--></a><a name="Tomcat_6.0.27_(jfclere)/General"><strong>General</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/update.gif" class="icon" alt="update"></td><td>
+        Update DBCP to 1.3. (markt)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.27 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.27_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Fix CVE-2010-1157. Prevent possible disclosure of host name or IP
+        address via the HTTP WWW-Authenticate header when using BASIC or DIGEST
+        authentication. (markt)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Include context name when reporting memory leaks to aid root cause
+        identification. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Improve exception handling on session de-serialization to assist in
+        identifying the root cause of <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48007">48007</a>. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48379">48379</a>: Make session cookie name, domain and path configurable
+        per context. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48589">48589</a>: Make JNDIRealm easier to extend. Based on a patch by
+        Candid Dauth. (markt/kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48629">48629</a>: Allow user names as well as DNs to be used with the
+        nested role search. Add roleNested to the documentation. Patch provided
+        by Felix Schumacher. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48661">48661</a>: Make error page behavior consistent, regardless of how
+        the error page is defined. If a response has been committed, always
+        include the error page. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48729">48729</a>: Return roles defined by both userRoleName and roleName
+        mechanisms. Patch provided by 'eric'. Also make user's role list
+        immutable.(markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48760">48760</a>: Fix potential multi-threading issue in static resource
+        serving where multiple threads could try to use the the same
+        InputStream. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48790">48790</a>: Fix thread safety issue in the count of the maximum
+        number of active session. (markt/kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48793">48793</a>: Make catalina.sh more robust to different return
+        values on different platforms. Patch provided by Thomas GL. (markt)
+      </td></tr>
+       <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48840">48840</a>: Swallow output (if any) from use of cd when determining
+        $CATALINA_HOME in catalina.sh and tool-wrapper.sh scripts. Based on patch
+        provided by mdietze. (markt/kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48895">48895</a>: Make clearing of ThreadLocals that are causing memory
+        leaks on web application stop, reload or undeploy configurable since the
+        process of clearing them is not thread-safe. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48903">48903</a>: Fix deadlock in webapp class loader. (rjung)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48971">48971</a>: Make stopping of leaking Timer threads optional and
+        disabled by default. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48976">48976</a>: Document JAVA_ENDORSED_DIRS in start-up scripts. Patch
+        provided by Laurent Vaills. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48983">48983</a>: Improve debug logging for situations when
+        <code>RemoteIpValve</code> is bypassed. Patch provided by Cyrille Le
+        Clerc. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49018">49018</a>: Fix processing of time argument in the Expire sessions 
+        action in the Manager web application. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49116">49116</a>: If session is already invalid, expire session to 
+        prevent memory leak. (kfujino)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49158">49158</a>: Ensure only one session cookie is returned for a
+        single request. (markt/fhanik)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49245">49245</a>: Fix session expiration check in cross-context
+        requests. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49398">49398</a>: ByteChunk.indexOf(String, int, int, int) could not
+        find a string of length 1. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Fix possible overflows when calculating session statistics. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Log unexpected exceptions when providing access to web application
+        resources in ApplicationContext. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Improve exception handling in CatalinaShutdownHook. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Expose properties of VirtualWebappLoader and WebappClassLoader via JMX.
+        (rjung)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.27 (jfclere)/Coyote"><!--()--></a><a name="Tomcat_6.0.27_(jfclere)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48839">48839</a>: Correctly handle HTTP header folding in the NIO
+        connector. Patch suggested by Richa Baronia. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48843">48843</a>: Prevent possible deadlock for worker allocation in
+        connectors. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48843">48843</a>: Fix handling of add queues in AprEndpoint.Poller and
+        AprEndpoint.Sendfile. Do not miss wakeups. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48862">48862</a>: Add support for the backlog parameter to the AJP
+        connector. (pero/markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48917">48917</a>: Correct name of mod_jk module in ApacheConfig. Patch
+        provided by Todd Hicks. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49095">49095</a>: AprEndpoint did not wakeup acceptors during shutdown
+        when deferAccept option was enabled. Based on a patch provided by
+        Ruediger Pluem. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Use chunked encoding for http 1.1 requests with no content-length
+        (regardless of keep-alive) so client can differentiate between complete
+        and partial responses. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Correct the SSL session timeout attribute name so the code agrees with
+        the documentation. (markt)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        CoyotePrincipal now implements Serializable. (fhanik)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Enable the BIO AJP connector to run under a security manager. (markt)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.27 (jfclere)/Jasper"><!--()--></a><a name="Tomcat_6.0.27_(jfclere)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45015">45015</a>: Correct a regression in quote handling caused by the
+        re-factoring of attribute parsing. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48701">48701</a>: Add a system property to allow disabling enforcement
+        of JSP.5.3. The specification recommends, but does not require, this
+        enforcement. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48737">48737</a>: Don't assume paths that start with /META-INF/... are
+        always in JARs. This is not true for some IDEs. Patch provided by
+        Fabrizio Giustina. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49081">49081</a>: Correctly handle EL expressions of the form #${...}.
+        (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49196">49196</a>: Avoid NullPointerException in PageContext.getErrorData()
+        if an error-handling JSP page is called directly. (markt)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.27 (jfclere)/Cluster"><!--()--></a><a name="Tomcat_6.0.27_(jfclere)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48717">48717</a>: When a node joins a cluster and it receives all the
+        current sessions, ensure the sessionCreated event is fired if the
+        Manager is configured to replicate session events. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48934">48934</a>: Previous fix to handle dropped connections incorrectly
+        permanently disabled session replication. (fhanik)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49051">49051</a>: memberAlive is not called if member has not already 
+        existed in membership. (kfujino)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49151">49151</a>: Avoid ClassCastException in BackupManager#stop. 
+        (kfujino)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49170">49170</a>: Do not send duplicated session. (kfujino)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Add missing messages and ensure cluster listeners log messages to
+        correct logger. (markt)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.27 (jfclere)/Webapps"><!--()--></a><a name="Tomcat_6.0.27_(jfclere)/Webapps"><strong>Webapps</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Use underscores instead of spaces in anchor names in Tomcat
+        documentation. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Add support for displaying the Spring Security user name (if present) in
+        the Manager application. (markt)
+      </td></tr>
+      <tr><td><img src="./images/update.gif" class="icon" alt="update"></td><td>
+        Improve the ChatServlet <a href="aio.html">Comet</a> example
+        (/examples/jsp/chat/). (kkolinko)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.27 (jfclere)/Other"><!--()--></a><a name="Tomcat_6.0.27_(jfclere)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/update.gif" class="icon" alt="update"></td><td>Update to Commons Daemon 1.0.2. Use service launcher (procrun)
+      from the Commons Daemon release. Do not keep a copy of it in our source
+      tree. (mturk/kkolinko)</td></tr>
+      <tr><td><img src="./images/update.gif" class="icon" alt="update"></td><td>
+        Update to NSIS 2.46. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48990">48990</a>: Fix the <code>skip.installer</code> build property
+        so if set, only the Windows installer is skipped. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49178">49178</a>: Provide in catalina.policy an example of additional
+        permissions that might be needed for code located in
+        <code>$CATALINA_BASE/lib</code>. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49236">49236</a>: Do not use indexing when packing Tomcat JARs.
+        (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Remove unused code from org.apache.tomcat.util.buf classes. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/update.gif" class="icon" alt="update"></td><td>
+        Rearrange tomcat-juli.jar permissions and wrap long lines in the
+        <code>conf/catalina.policy</code> file, to make the text more readable
+        when cited in documentation. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Do not evaluate the <code>execute.installer</code> property when building
+        a release. The <code>skip.installer</code> property is used instead.
+        (kkolinko)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+</blockquote></td></tr></table><table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#525D76"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.26 (jfclere)"><!--()--></a><a name="Tomcat_6.0.26_(jfclere)"><strong>Tomcat 6.0.26 (jfclere)</strong></a></font></td><td bgcolor="#525D76" align="right"><font face="arial,helvetica.sanserif" color="#ffffff"><strong>released 2010-03-11</strong></font></td></tr><tr><td colspan="2"><blockquote>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.26 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.26_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Close security hole in unreleased 6.0.25 by ensuring new find leaks
+        functionality is protected by a security constraint. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48831">48831</a>: Improve logging shutdown behaviour. Use Catalina's
+        shutdown hook to shutdown JULI. This enables them to be shutdown in the
+        correct order. Do not shutdown global handlers several times.
+        (markt/kkolinko)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.26 (jfclere)/Coyote"><!--()--></a><a name="Tomcat_6.0.26_(jfclere)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48584">48584</a>: Prevent the APR connector logging an error if the
+        acceptor fails during shutdown since this is expected. (mturk) 
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48660">48660</a>: Using compression should not overwrite any Vary header
+        set by a web application. (markt)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.26 (jfclere)/Jasper"><!--()--></a><a name="Tomcat_6.0.26_(jfclere)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48371">48371</a>: Ensure generated servlet mappings are inserted at the
+        correct location when using JspC and allow the option that controls this
+        to be configured on the command line. Also allow the encoding of web.xml
+        to be configured when using JspC and deprecate some unused JspC methods.
+        (markt/kkolinko) 
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48498">48498</a>: Avoid ArrayIndexOutOfBoundsException triggered by a
+        Java 6/7 XML parser bug. (markt/kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48668">48668</a>: Additional fixes to ensure deferred syntax is handled
+        correctly. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48827">48827</a>: Correct a regression in the fix for <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47977">47977</a>
+        that caused an incorrect non-empty body error to be reported for valid
+        JSP documents. (markt) 
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.26 (jfclere)/Webapps"><!--()--></a><a name="Tomcat_6.0.26_(jfclere)/Webapps"><strong>Webapps</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Make changelog.xml be directly rendered as HTML by certain browsers.
+        (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Add support for automated generation of TOC tables and for links to svn
+        revisions to tomcat-docs.xsl in documentation. (kkolinko/fhanik)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Move Manager application JSPs that are not intended to be accessed
+        directly under the WEB-INF directory. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Improve the messages displayed by the find leaks diagnostic in the
+        Manager application. (kkolinko)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.26 (jfclere)/Other"><!--()--></a><a name="Tomcat_6.0.26_(jfclere)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Encode all property files using ascii escaped UTF-8. Also fixes
+        deployment problem when using French locale. (jfclere/rjung)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+</blockquote></td></tr></table><table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#525D76"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.25 (jfclere)"><!--()--></a><a name="Tomcat_6.0.25_(jfclere)"><strong>Tomcat 6.0.25 (jfclere)</strong></a></font></td><td bgcolor="#525D76" align="right"><font face="arial,helvetica.sanserif" color="#ffffff"><strong>not released</strong></font></td></tr><tr><td colspan="2"><blockquote>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.25 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.25_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48039">48039</a>: Return immediately if start() is called on an already
+        started StandardService. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48109">48109</a>: Ensure InputStream is closed on error condition in web
+        application class loader. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48179">48179</a>: Clean up dead code that was used to read tldCache
+        file. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48318">48318</a>: Handle case where WebDAV resource is in directory
+        listing but is not accessible. (markt)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48384">48384</a>: Add a per context xslt option for directory listings.
+        Make the fallback options work as described in the documentation.
+        (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48577">48577</a>: Filter URL when displaying missing included page.
+        (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48612">48612</a>: Prevent exception on shutdown if the address attribute
+        is specified for a connector. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48613">48613</a>: Further fixes to ensure APRLifecycleListener is only
+        used if defined in server.xml. (fhanik)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48614">48614</a>: Correct JULI log file buffering so default behaviour
+        is no buffering. (fhanik)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48625">48625</a>: Provide an option to exit if an error occurs during
+        the initialization phase. (fhanik)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48645">48645</a>: Use specified encoding rather than null in calls to
+        <code>RequestUtil.URLDecode(byte[] bytes, String enc)</code> (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48653">48653</a>: Force request.secure and request.scheme to
+        <code>false</code> and <code>http</code> if the X-Forwarded-Proto header
+        has the value http. Patch provided by Cyrille Le Clerc. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48678">48678</a>: Remove duplicate server field from
+        <code>org.apache.catalina.startup.Catalina</code>. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48694">48694</a>: Remove potential deadlock in web application class
+        loader. (markt)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48716">48716</a>: Provide additional configuration options for JULI.
+        (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48726">48726</a>: Prevent OOME when uploading large WAR files with the
+        deployer. Patch provided by adam. (markt)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Improve memory leak protection by safely stopping threads started via
+        <code>java.util.Timer</code> that an application starts but fails to
+        stop and by clearing references retained due to the use of
+        <code>java.util.ResourceBundle</code>. (markt)
+      </td></tr>
+      <tr><td><img src="./images/update.gif" class="icon" alt="update"></td><td>
+        Modify ThreadLocal memory leak detection to not report false positives
+        and to simplify implementation. (markt/kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Basic memory leak detection was added to the standard Host
+        implementation and exposed via JMX to detect memory leaks on web
+        application reload. (markt/kkolinko)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.25 (jfclere)/Coyote"><!--()--></a><a name="Tomcat_6.0.25_(jfclere)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/update.gif" class="icon" alt="update"></td><td>
+        Update the native/APR library version bundled with Tomcat to 1.1.20.
+        (kkolinko)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.25 (jfclere)/Jasper"><!--()--></a><a name="Tomcat_6.0.25_(jfclere)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Add some debug logging to the compiler where exceptions were previously
+        swallowed. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48170">48170</a>: Remove unnecessary synchronization that is causing
+        issues under load. (markt) 
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48580">48580</a>: Prevent AccessControlException if first access is to a
+        JSP that uses a FunctionMapper. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48582">48582</a>: Avoid NPE on background compilation failure. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48616">48616</a>: Don't declare or synchronize scripting variables for
+        JSP fragments since they are scriptless. This is an alternative fix for
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42390">42390</a> that avoids both the original problem and the
+        regression in the first fix. (kkolinko) 
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48627">48627</a>: Fix regression in re-factored EL parsing. Keep
+        literals as literals and handle deferredSyntaxAllowedAsLiteral.
+        (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48668">48668</a>: When parsing JSPs only parse EL as EL if EL is enabled
+        else strings such as ${ will be silently dropped. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Various EL TCK failures. (markt)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.25 (jfclere)/Cluster"><!--()--></a><a name="Tomcat_6.0.25_(jfclere)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Force a disconnect if an error occurs during replication such as
+        a firewall dropping the connection. (fhanik)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.25 (jfclere)/Webapps"><!--()--></a><a name="Tomcat_6.0.25_(jfclere)/Webapps"><strong>Webapps</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Add new "Find leaks" command to the Manager application. It allows to
+        detect web applications that have caused memory leaks on stop,
+        reload or undeploy. (markt/kkolinko)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.25 (jfclere)/Other"><!--()--></a><a name="Tomcat_6.0.25_(jfclere)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Ensure files in conf directory have CRLF line endings when using the
+        Windows installer. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Allow special characters recognized by the Windows command-line shell to
+        be present in the names of CATALINA_HOME/_BASE and the current directory
+        used to call the Tomcat scripts. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Don't use @Deprecated annotations in
+        <code>javax.servlet.jsp.JspContext</code> since the specification does
+        not include them in the API definition. (markt)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Improve the information in the JAR manifest files. (markt)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+</blockquote></td></tr></table><table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#525D76"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.24 (jfclere)"><!--()--></a><a name="Tomcat_6.0.24_(jfclere)"><strong>Tomcat 6.0.24 (jfclere)</strong></a></font></td><td bgcolor="#525D76" align="right"><font face="arial,helvetica.sanserif" color="#ffffff"><strong>released 2010-01-21</strong></font></td></tr><tr><td colspan="2"><blockquote>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.24 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.24_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Correct TCK failures with security manager caused by the original fix
+        for <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47774">47774</a>. (markt)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.24 (jfclere)/Other"><!--()--></a><a name="Tomcat_6.0.24_(jfclere)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Remove broken link in README.html. (jfclere)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Add <code>.notice</code> files to the set of files that have their line
+        endings changed. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <code>.zip</code> distributions should have windows line endings.
+        (markt)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+</blockquote></td></tr></table><table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#525D76"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.23 (jfclere)"><!--()--></a><a name="Tomcat_6.0.23_(jfclere)"><strong>Tomcat 6.0.23 (jfclere)</strong></a></font></td><td bgcolor="#525D76" align="right"><font face="arial,helvetica.sanserif" color="#ffffff"><strong>not released</strong></font></td></tr><tr><td colspan="2"><blockquote>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.23 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.23_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47774">47774</a>: Ensure web application class loader is used when
+        calling session listeners. (markt)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48006">48006</a>: Add additional information to the optional
+        X-Powered-By header to align with the content suggested in the Servlet
+        specification. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48345">48345</a>: Sessions timed out too early when using
+        PersistentManager. Patch provided by Keiichi Fujino. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48398">48398</a>: Make objects used as locks final to ensure correct
+        operation. Patch provided by sebb. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48417">48417</a>: Update French translations. Patch provided by Andr&eacute;
+        Warnier. (markt/kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48421">48421</a>: Fix file descriptor and potential memory leak when a
+        web application uses a local logging.properties file. Allow a web
+        applciation's log files to be deleted once the web application has been
+        stopped. (markt) 
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48454">48454</a>: Ensure stderr is completely read before terminating
+        the CGI process. Patch provided by Markus Grieder. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48516">48516</a>: Prevent NPE in JNDIRealm if requested user does not
+        exist. Patch provided by Kevin Conaway. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Fix implementation of log buffer size and provide a cleaner interface.
+        (fhanik/kkolinko)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.23 (jfclere)/Coyote"><!--()--></a><a name="Tomcat_6.0.23_(jfclere)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/update.gif" class="icon" alt="update"></td><td>
+        Update version of native bundled in Windows installer to 1.1.19. (mturk)
+      </td></tr>
+      <tr><td><img src="./images/update.gif" class="icon" alt="update"></td><td>
+        Update recommended version for native to 1.1.19. (rjung)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48004">48004</a>: All web applications to set the http
+        <code>Server</code> header. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48470">48470</a>: Ensure Tomcat does not lock up if shut down under
+        load. (markt)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.23 (jfclere)/Jasper"><!--()--></a><a name="Tomcat_6.0.23_(jfclere)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+  <table cellspacing="2" cellpadding="2" border="0">
+    <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+      <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47977">47977</a>: Using a body with a tag that has an empty body should
+      cause an error. (markt)
+    </td></tr>
+    <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+      <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48112">48112</a>: Correct handling of } character in literals when parsing
+      expressions. This also improves the fix for <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47413">47413</a>. (markt)
+    </td></tr>
+  </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.23 (jfclere)/Webapps"><!--()--></a><a name="Tomcat_6.0.23_(jfclere)/Webapps"><strong>Webapps</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48530">48530</a>: Add information on the Manager Server Status page to
+        the Manager How-To in the documentation webapp. Based on a patch by
+        Arnaud Espy. (markt)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48532">48532</a>: Add information to the BIO/NIO SSL configuration page
+        in the documentation web application to specify how the defaults for the
+        various trust store attributes are determined. (markt)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.23 (jfclere)/Other"><!--()--></a><a name="Tomcat_6.0.23_(jfclere)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Remove hard coded version numbers and instead apply version filter
+        already defined in ant scripts. (rjung)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47609">47609</a>: Correct regression in previous fix. (markt)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48464">48464</a>: Provide an option to specify the command window title
+        in catalina.bat on Windows. Patch provided by LiuYan. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Add some missing deprecation markers for
+        <code>javax.servlet.jsp.JspContext</code>. (markt/kkolinko)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+</blockquote></td></tr></table><table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#525D76"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.22 (jfclere)"><!--()--></a><a name="Tomcat_6.0.22_(jfclere)"><strong>Tomcat 6.0.22 (jfclere)</strong></a></font></td><td bgcolor="#525D76" align="right"><font face="arial,helvetica.sanserif" color="#ffffff"><strong>not released</strong></font></td></tr><tr><td colspan="2"><blockquote>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.22 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.22_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Log errors if a web application starts a thread but fails to stop the
+        thread when the web application stops or is reloaded. Failure to stop a
+        thread is very likely to result in a memory leak. (markt)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Provide an option to stop any threads a web application starts but fails
+        to stop when the web application stops or is reloaded. Using this option
+        is very likely to result in instability and should be viewed as a last
+        resort in development and is not recommended at all in production.
+        (markt)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Log errors if a web application creates a ThreadLocal but fails to clear
+        it when the web application stops or is reloaded. Failure to clear a
+        ThreadLocal is very likely to result in a memory leak. (markt)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Clear any unintentional references remaining in
+        <code>sun.rmi.transport.Target</code> when the web application stops or
+        is reloaded. Failure to clear these is very likely to result in a memory
+        leak. (markt)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.22 (jfclere)/Coyote"><!--()--></a><a name="Tomcat_6.0.22_(jfclere)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Remove unneeded line from the method that normalizes decodedURI.
+        (kkolinko)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.22 (jfclere)/Other"><!--()--></a><a name="Tomcat_6.0.22_(jfclere)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Correct MD5 generation in the build process. (jfclere/kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47609">47609</a>: Provide fail-safe EOL conversion for build process.
+        Based on patches by sebb/kkolinko. (markt)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+</blockquote></td></tr></table><table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#525D76"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.21 (jfclere)"><!--()--></a><a name="Tomcat_6.0.21_(jfclere)"><strong>Tomcat 6.0.21 (jfclere)</strong></a></font></td><td bgcolor="#525D76" align="right"><font face="arial,helvetica.sanserif" color="#ffffff"><strong>not released</strong></font></td></tr><tr><td colspan="2"><blockquote>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.21 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.21_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Fix issues with expression language when running under a
+        SecurityManager. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Remove duplicate mime-mapping entries in web.xml. Re-order entries
+        alphabetically to make it easier to identify duplicates. (markt) 
+      </td></tr>
+      <tr><td><img src="./images/update.gif" class="icon" alt="update"></td><td>
+        Use a more sensible default (webapps) for a Host's appBase.
+        (markt/idarwin)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=37794">37794</a>: Support the parsing of parameters from chunked POSTs.
+        (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=37984">37984</a>: Strip {MD5} as well as {SHA} if present in digest
+        passwords in LDAP directories. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=38352">38352</a>: Allow JSPs to write to the directory defined by
+        <code>javax.servlet.context.tempdir</code> when running under a security
+        manager. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=39231">39231</a>: Call LoginContext.logout() when using JAAS realm and
+        session expires. (markt/kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=40380">40380</a>: Fix potential synchronization issue in
+        StandardSession.expire(). (markt) 
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41059">41059</a>: Reduce chances of errors when ENABLE_CLEAR_REFERENCES
+        is used. Patch provided by Curt Arnold. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43343">43343</a>: Fix additional concurrency issues identified with the
+        persistent session manager. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44041">44041</a>: Fix threading issue in WebappClassLoader that can lead
+        to duplicate class definition under high load. (markt/fhanik)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44943">44943</a>: Use the same engine name in server.xml comments to
+        reduce copy and pastes issues. (markt/kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45255">45255</a>: Provide protection against session fixation by
+        changing session ID automatically on authentication. (markt/kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45403">45403</a>: Add additional checks on web application deployment
+        and do not swallow IO errors. (kkolinko) 
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45785">45785</a>: Additional fix required for the extension validator.
+        Based on a patch by Rolf Wojtech. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46908">46908</a>: Try and support java encoding names when using an xml
+        parser provided via the endorsed mechanism. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46967">46967</a>: Better handling of errors when trying to use
+        Manager.randomFile. Based on a patch by Kirk Wolf. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47046">47046</a>: Unregister all MBeans, including when non-default
+        engine names are used. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Use native2ascii to ensure non-ASCII characters in property files are
+        handled correctly in all circumstances. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47050">47050</a>: Remove unnecessary filtering of error messages.
+        (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47080">47080</a>: Fix NPE in RealmBase when uri is null. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47158">47158</a>: Fix some thread safety issues in the AccessLogValve.
+        (markt) 
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47228">47228</a>: Correct French translations. Patch provided by sebb.
+        (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47299">47299</a>: Simplify code and make embedding easier. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47316">47316</a>: Allow different values for Service name and Engine
+        name. This corrects a regression introduced by the fix for
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42707">42707</a>. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47343">47343</a>: Editing context.xml for a directory should not delete
+        the directory. This was a regression caused by the fix for
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42747">42747</a>. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47364">47364</a>: Improve Javadoc for
+        org.apache.catalina.connector.Request.getAttributeNames() to include
+        information on the handling of Tomcat's internal request attributes.
+        (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47451">47451</a>: Don't throw an NPE if the various response.setHeader()
+        methods are called with null header name, zero length header name or
+        null value. Silently ignore the calls in the same way they are ignored
+        if the response has already been committed. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47462">47462</a>: Allow individual web applications to override metadata
+        complete if set in the global web.xml. Patch provided by Keiichi Fujino.
+        (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47495">47495</a>: Provide a more meaningful error message is server.xml
+        is not readable and exit immediately if a server cannot be created.
+        (funkman/kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47518">47518</a>: Correct reference in Valve Javadoc that referred to an
+        old method. Patch provided by Christopher Schultz. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47537">47537</a>: Return an error page rather than a zero length 200
+        response if the forward to the login or error page fails during FORM
+        authentication. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47718">47718</a>: Fix file descriptor leak on context stop/reload. Patch
+        provided by George Sexton. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47796">47796</a>: Fix OpenEJB integration. Reset annotation processor on
+        context stop. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47826">47826</a>: Correct error in debug message in
+        org.apache.catalina.Bootstrap (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47836">47836</a>: Clear cached TLD information on context reload.
+        (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47841">47841</a>: When using the CombinedRealm, if one of the nested
+        Realms fails to start, skip that Realm rather than preventing the
+        CombinedRealm from starting. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47881">47881</a>: Fix processing of startd and stopd arguments. Patch
+        provided by Qingyang Xu. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47918">47918</a>: Correct mbean descriptors for the host deployer. Patch
+        provided by Uwe G&uuml;nther. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47930">47930</a>: Fix thread safety issues on session swap-in in the
+        persistent session manager. (markt/kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47976">47976</a>: Correct usage message and Javadoc for
+        <code>org.apache.catalina.startup.Catalina</code>. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47997">47997</a>: Ensure the NamingContextListener applies to all naming
+        contexts, not just the global one. Patch provided by Michael Allman.
+        (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48049">48049</a>: Fix copy and paste error so
+        <code>NamingContext.destroySubContext()</code> works correctly.
+        Patch provided by gingyang.xu (markt)
+      </td></tr>
+      <tr><td><img src="./images/update.gif" class="icon" alt="update"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48097">48097</a>: Make WebappClassLoader to do not swallow
+        AccessControlException. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48097">48097</a>: Avoid throwing an AccessControlException which can
+        lead to a NoClassDefFoundError on first access of first jsp.
+        (kkolinko/markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48257">48257</a>: Correct error in Spanish translations. Patch provided
+        by Guillermo Guti&eacute;rrez. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48306">48306</a>, <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48307">48307</a>: Correct French translations. Patches
+        provided by Marc Paquette. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48322">48322</a>: Single quote characters are not HTTP separators and
+        should not be treated as such in the cookie handling. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48413">48413</a>: Correct some French translations. Patch provided by
+        Andr&eacute; Warnier. (markt)
+      </td></tr>
+      <tr><td><img src="./images/update.gif" class="icon" alt="update"></td><td>
+        Deprecate the <code>caseSensitive</code> option on the
+        <code>StandardContext</code> which will be removed in Tomcat 7 onwards.
+        (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Log deployments consistently for WAR, directory and descriptor
+        deployments. (markt)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Better logging for parameter decoding issues to help identify broken
+        requests. (markt) 
+      </td></tr>
+      <tr><td><img src="./images/update.gif" class="icon" alt="update"></td><td>
+        Update Apache Commons Pool from 1.4 to 1.5.4. This update includes
+        various fixes to prevent deadlocks, reduces synchronization and makes
+        object allocation occur fairly - i.e. objects are allocated to threads
+        in the order that the threads request them. This update fixes a number
+        of issues in Tomcat's built-in copy of DBCP. (markt)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Allow log file encoding to be configured for JULI FileHandler. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Provide debug logging for JNDI lookups. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Correct JDBC driver de-registration on web application stop and fix NPE
+        that is exposed by the fix. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Ensure JDBC driver de-registration works with a security manager.
+        (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48214">48214</a>: Ensure JDBC driver de-registration is not too zealous.
+        (markt)
+      </td></tr>
+      <tr><td><img src="./images/update.gif" class="icon" alt="update"></td><td>
+        Various JNDI realm improvements for Active Directory. These include the
+        ability to specify a default role, optional handling for nested roles
+        and an option to ignore PartialResultExceptions (markt). 
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Expose Servlet Filters via JMX. Based on a patch by Xie Xiaodong as part
+        of GSOC2009. (markt)
+      </td></tr>
+      <tr><td><img src="./images/update.gif" class="icon" alt="update"></td><td>
+        Tomcat now uses the Platform MBean server by default so all MBeans
+        registered by Tomcat will be exposed via JMX (eg via JConsole) without
+        requiring any additional configuration. (markt)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        The JMX Remote Lifecycle Listener allows the ports used by JMX to be
+        fixed, making it easier to configure firewalls to all JMX traffic to
+        pass through. Part of the extras package. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Make context deployment error message for fixDocBase() more meaningful.
+        (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Add an additional permission required by JULI when running under newer
+        JDKs and a security manager. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Remove unnecessary reference to tomcat-coyote.jar from the bootstrap JAR
+        manifest. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Use correct method to create URLs in VirtualWebappLoader. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Provide a new listener to protect against a memory leak caused by a
+        change in the Sun JRE from version 1.6.0_15 onwards. Also include
+        protection against locked JAR files, memory leaks triggered by
+        XML parsing and the GC Daemon. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Don't swallow exceptions in ApplicationContextFacade.doPrivileged()
+        (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Close resource stream in WebappClassLoader after read error. (pero)
+      </td></tr>
+      <tr><td><img src="./images/update.gif" class="icon" alt="update"></td><td>
+        Include attribute name into the text of Non-serializable exception
+        that might be thrown by Session.setAttribute() in distributable
+        applications. (mturk)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Add RemoteIpValve, a port of mod_remoteip. Patch provided by Cyrille Le
+        Clerc. (markt)
+      </td></tr>
+      <tr><td><img src="./images/update.gif" class="icon" alt="update"></td><td>
+        Allow per instance configuration of JULI or log4j for core Tomcat
+        logging when using CATALINA_BASE. (markt/kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Prevent NPE in JULI during shutdown when resources try to log messages
+        after JULI has been shutdown. (fhanik/kkolinko) 
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Make the JULI FileHandler easier to extend. (fhanik)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Make buffer size for FileHandler configurable. (fhanik)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Make JULI FileHandler thread safe. (fhanik)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Provide an option to disable buffering in the JULI FileHandler.
+        (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Ensure log messages are not lost on shutdown. (markt)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44679">44679</a>: Provide an option to allow the equals character in
+        unquoted cookie values. (markt)
+      </td></tr>
+      <tr><td><img src="./images/add.gif" class="icon" alt="add"></td><td>
+        Add support for a connectionTimeout parameter to the JNDIRealm. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Various (un)deployment related improvements including better handling of
+        failed (un)deployment, additional checking for valid zip entries that
+        don't make sense in a WAR and improved validation of WAR file names.
+        (markt)
+      </td></tr>
+    </table>
+  </blockquote></td></tr></table>
+  <table cellpadding="2" cellspacing="0" border="0"><tr><td bgcolor="#828DA6"><font face="arial,helvetica.sanserif" color="#ffffff"><a name="Tomcat 6.0.21 (jfclere)/Coyote"><!--()--></a><a name="Tomcat_6.0.21_(jfclere)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+    <table cellspacing="2" cellpadding="2" border="0">
+      <tr><td><img src="./images/update.gif" class="icon" alt="update"></td><td>Implement <code>socket.unlockTimeout</code> attribute for NIO connector.</td></tr>
+      <tr><td><img src="./images/update.gif" class="icon" alt="update"></td><td>
+        Update version of native bundled in Windows installer
+        to 1.1.18. (kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/update.gif" class="icon" alt="update"></td><td>
+        Update minimum required version for native to 1.1.17. (rjung)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46950">46950</a>: Fix doing SSL renegotiation when a resource with CLIENT-CERT
+        auth is requested. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Align tcnative native and Java method names. (rjung)
+      </td></tr>
+      <tr><td><img src="./images/update.gif" class="icon" alt="update"></td><td>Dont report thread count from connector if an external executor is used.</td></tr> 
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=39637">39637</a>: Enable the AJP connectors to correctly handle client
+        certificate chains. Patch by Patrik Schnellmann. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46985">46985</a>: Clean up code and remove impossible condition.
+        (markt/kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47225">47225</a>: Fix error in calculation of a buffer length in the
+        mapper. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47320">47320</a>: Don't rely on the platform default encoding being
+        suitable to parse the session ID. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47499">47499</a>: Don't swallow bind exceptions. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47744">47744</a>: Prevent a medium term memory leak if using SSl with
+        the JSSE provider and also using a security manager. Based on a patch by
+        Greg Vanore. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47963">47963</a>: Ensure that any HTTP status messages are compliant
+        with RFC2616. (markt/kkolinko)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47987">47987</a>: Limit size of not found resources cache. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48009">48009</a>: Protect against the situation where editing a
+        context.xml file may result in the file disappearing for a very short
+        time. (markt)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Use correct connector attribute (SSLEnabled) rather than secure to
+        determine if SSL should be used. (fhanik)
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" class="icon" alt="fix"></td><td>
+        Provide a workaround for CVE-2009-3555, the TLS renegotiation issue, for
+        the default Blocking IO Java connector.
+      </td></tr>
+      <tr><td><img src="./images/fix.gif" clas

<TRUNCATED>

Mime
View raw message