Return-Path: X-Original-To: apmail-tomcat-dev-archive@www.apache.org Delivered-To: apmail-tomcat-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id AFF9710F65 for ; Fri, 4 Dec 2015 12:38:39 +0000 (UTC) Received: (qmail 23058 invoked by uid 500); 4 Dec 2015 12:38:34 -0000 Delivered-To: apmail-tomcat-dev-archive@tomcat.apache.org Received: (qmail 22993 invoked by uid 500); 4 Dec 2015 12:38:34 -0000 Mailing-List: contact dev-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Developers List" Delivered-To: mailing list dev@tomcat.apache.org Received: (qmail 22983 invoked by uid 99); 4 Dec 2015 12:38:34 -0000 Received: from mail-relay.apache.org (HELO mail-relay.apache.org) (140.211.11.15) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 04 Dec 2015 12:38:34 +0000 Received: from mail-oi0-f50.google.com (mail-oi0-f50.google.com [209.85.218.50]) by mail-relay.apache.org (ASF Mail Server at mail-relay.apache.org) with ESMTPSA id C9CC81A0149 for ; Fri, 4 Dec 2015 12:38:33 +0000 (UTC) Received: by oige206 with SMTP id e206so66662070oig.2 for ; Fri, 04 Dec 2015 04:38:32 -0800 (PST) MIME-Version: 1.0 X-Received: by 10.202.85.211 with SMTP id j202mr11856773oib.55.1449232712993; Fri, 04 Dec 2015 04:38:32 -0800 (PST) Received: by 10.76.35.73 with HTTP; Fri, 4 Dec 2015 04:38:32 -0800 (PST) In-Reply-To: <56617C24.8040802@apache.org> References: <56617C24.8040802@apache.org> Date: Fri, 4 Dec 2015 13:38:32 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Time for tomcat-native 1.2.3? From: =?UTF-8?Q?R=C3=A9my_Maucherat?= To: Tomcat Developers List Content-Type: multipart/alternative; boundary=001a113deba00e11ab052611c9a5 --001a113deba00e11ab052611c9a5 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable 2015-12-04 12:42 GMT+01:00 Mark Thomas : > Give the recent OpenSSL vulnerability announcements [1], I was planning > on starting a tomcat-native 1.2.3 release to provide an updated Windows > binary. > > There are a few fixes in trunk since 1.2.2. I'll get the changelog update= d. > Sorry, I guess everyone forgot there's a changelog there as well. > > I'm currently planning on tagging this on Tuesday 8th Dec. We can > probably afford to wait a couple of days if anyone wants to get anything > else into a 1.2.3 release. > > On a related topic, what are people's views on switching 6.0.x, 7.0.x > and 8.0.x to 1.2.x rather than 1.1.x? > > I am investigating an issue where SSL.getPeerCertificate always returns null (for whatever reason), which may need some fixes, so it's not certain renegotiation works at the moment (although it looks like it). Hopefully this will be sorted out to be included in the tag. About forcing an update to 1.2.x for all branches, I'm not convinced at the moment. R=C3=A9my --001a113deba00e11ab052611c9a5--