tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Rees" <dree...@gmail.com>
Subject Re: [VOTE] Release build 5.5.27
Date Wed, 03 Sep 2008 00:14:52 GMT
On Tue, Sep 2, 2008 at 12:01 PM, George Sexton <gsexton@mhsoftware.com> wrote:
> To have a build that breaks an application because the container is
> violating security policy looking for a non-existent file is just not
> acceptable.
>
> In order for me to use this build I would have to install the patch, and
> recompile to have a working installation. This is what I'm doing right now
> to run 5.5.26.

I'm not a committer (or voter) either, but IMO, because this is not a
regression, it should not hold up the release, especially because the
release contains other potentially serious security fixes.

If this were a regression, I would agree with you.

5.5.27 should be shipped as is with the security fixes, and then have
the security patch reviewed and applied which fixes the security issue
so that it's ready for the next release.

I've been testing 5.5.27 internally using my applications and have not
noticed any issues with it.

-Dave

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message