tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Niki Diulgerov <ndiulge...@imx.fr>
Subject Re: potential thread? and what should we do?
Date Wed, 24 Jun 2009 15:26:35 GMT
Mark,
 I used the build.xml downloaded from here
 (http://tomcat.apache.org/tomcat-5.5-doc/build.xml).
 Looking at it I can see that it checks out
 http://svn.apache.org/repos/asf/tomcat/current/tc5.5.x (probably the
 latest available revision).
 
 Please advice me does it contain the latest approved patches or also the
 latest applied (but still not approved) patches.
 
 Should I change something in the build.xml script or I should manually
 checkout from different location (or different revision but not the head
 one)
 
 The idea is to check out the latest 5.5.x version with approved bugfixes
 and to build tomcat, cause on tomcat.apache.org the binaries are from 2008.
 
 
 
 Best regards,
 
 Nikolay Diulgerov
 Network Administrator


Mark Thomas wrote:
> Niki Diulgerov wrote:
>   
>> After doing some reading of the documentation I found that these bugs
>> are fixed in the SVN repository. Also checking out the latest source I
>> can see that it is revision (Checked out revision 787991) and tomcat is
>> with version 5.5.28.
>> Following the simple instructions on the site
>> (http://tomcat.apache.org/tomcat-5.5-doc/building.html) anyone can build
>> the latest release and get version with these bugs fixed.
>>     
>
> Just be aware that although what you download from svn today may call
> itself 5.5.28, there may be other changes made before 5.5.28 is tagged.
>
> If you want to work with the same source code as we used to build the
> release, you need to checkout the tag rather than trunk.
>
> Mark
>
>   
>>
>>
>> Best regards,
>>
>> Nikolay Diulgerov
>> Network Administrator
>>
>>
>>
>>
>> David kerber wrote:
>>     
>>> Niki Diulgerov wrote:
>>>       
>>>> Hello there,
>>>> recently I'm reading in the security news channels that there are
>>>> discovered "multiple vulnerabilities" in tomcat and almost all
>>>> versions are affected.
>>>> For example these news from today:
>>>> http://www.linuxsecurity.com/content/view/149201?rdf
>>>>
>>>> On the other side, I can see that the latest version of tomcat is
>>>> 5.5.27 and the package is created in 2008 (06-Sep).
>>>>
>>>> Are there any fixes, or some new version comes soon? Does someone
>>>> know something about this.
>>>>
>>>>         
>>> I asked this question a couple of weeks ago, and they said that the
>>> fix in the TC6 line is already done in 6.0.20, and the TC5.5 and TC4
>>> lines will have this fixed in the not-too-distant future.
>>>
>>> D
>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>>       
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>     
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>   

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message