tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chinoy Gupta <cgu...@adobe.com>
Subject Re: AW: Question concerning mod_jk Security Fix CVE-2014-8111
Date Sat, 08 Aug 2015 14:47:23 GMT
Chris,

Is the trunk stable?

Regards,
Chinoy
On Sat, Aug 08, 2015 at 5:42 pm, Christopher Schultz <chris@christopherschultz.net<mailto:chris@christopherschultz.net>>
wrote:


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Chinoy,

On 8/5/15 4:39 AM, Chinoy Gupta wrote:
> When can we expect the release of JK 1.2.41 source code?

Well, you can get your hands on it right now: svn trunk is always
available.

Or you can wait for the vote to finish... I believe we have 3 votes to
release.

http://tomcat.markmail.org/thread/evury5r6rwcls5df

- -chris

> -----Original Message----- From: Mark Thomas
> [mailto:markt@apache.org] Sent: Sunday, July 26, 2015 10:16 PM To:
> Tomcat Users List <users@tomcat.apache.org> Subject: Re: AW:
> Question concerning mod_jk Security Fix CVE-2014-8111
>
> On 20/07/2015 10:58, Kreuser, Peter wrote:
>
> <snip/>
>
>> Hi Mark,
>>
>> I appreciate your open comment and that clarifies the lengthy
>> wait. I trust that now the solution gets going and will be solved
>> soonish.
>>
>> I'm in no position to criticize any wrongdoing on this CVE. I
>> only hope to find a clearer communication on the tomcat-security
>> sites in the future and if THAT is RedHat's fault, then please
>> clean up the process with them.
>
> I've just updated the JK security page on the Tomcat web site.
>
> To be clear, keeping this page up to date is entire the
> responsibility of the Tomcat committers. We dropped the ball on
> this one. That said, I had hoped - much like I hoped with the
> release - that RedHat would have directed one of their employees
> who is a committer to do the update. When that didn't happen pretty
> much immediately, we (the Tomcat committers) should have done it.
>
> I've read through the release docs and I should be able to get a
> 1.2.41 source release out. I'm planning on doing that next. Binary
> releases are going to have to wait for other folks to contribute
> them.
>
> Cheers,
>
> Mark
>
>> Thank You. Best regards,
>>
>> Peter
>>
>> PS: is that the correct position to add my response?
>
> Yes, it was.
>
> ---------------------------------------------------------------------
>
>
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
> ---------------------------------------------------------------------
>
>
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org

iQIcBAEBCAAGBQJVxfHfAAoJEBzwKT+lPKRYPy8P/jN1cMPMQNXF7HCL9x9VC2o0
MoQK05eZ1EKj/hdI94kxr1Zz9tfFkm3Ud2XgMLIwexTpSwuIfkMRh4QREHGuAojO
sCzufygPc6Yb8Tf+HNDCi6GEqJy1SGB3inM4glgKWxuDugh+f8Kl+ZOKFBkeHeYV
Tjo900rLdQotxHI+RzUK/74Jua/He8Dtlne4XFoiCfpmqfIzwRtNmWJ2N9gWYpCn
fcpbQ0S4Hqw7YH6gzutDSgWiT/vlftx/5ynX9ybgSSFqVLsGmIxoTJMSot8/Rv0R
BlumYGTMfvf+NhzwCJSPab3xzcQsdYp8ObucuQp4FfKzh2i2R1VuT+cxZcuG04aT
69pE61DY6QOZUz6n8gCpzEaNTIYSA13ktS7qQQN1L2ik0HwapLaAx+xaIP7h58B1
yS6Q2N8Lm2k5UOqIEO+Nev6ZwnYHLIb7rdllpJiia+4t9eLfFrMWE/It8Tg9WE7q
t+wi0YFZDV8iB4c/2IBSN2xEUBcasUzfj2M0QOPVkNblPVtKkH0C9tqzukPLXRG2
VMtgpZwk1QWAPTi3Ghl1aKzhgvjGvzrrFfsLgxQDz4blg8TAzxuV1hn6pMUQxnsd
luxCMprIXUt5IL2UJejGnqLKKWUkXCuC0anxV9yQTMGWNr9CZlVKVJYEALPUJOLC
u5RWsrWcctsQauIZJQg0
=GPIs
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message