You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by David Rees <dr...@gmail.com> on 2008/08/12 04:02:13 UTC
Tomcat 5.5 & 4.1 Security Release
I posted a couple messages to the user/dev lists last week asking the
same question, but still haven't seen any mention of a plan to release
a new 5.5.x or 4.1.x to fix the security issues posted at the
beginning of the month.
Is there a plan to push a new release for either 5.5.x or 4.1.x or
should end users assume that we're on our own regarding these two
versions and we should either patch/build them ourselves or upgrade to
6.0.x which does appear to be maintained?
It appears that both branches already have all the required security
patches applied to them so I don't see what the hold up is here. Are
there other changes applied to the branches which need to be tested?
I'm more than happy to help with testing where I can.
Thanks,
-Dave
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
Re: Tomcat 5.5 & 4.1 Security Release
Posted by Mark Thomas <ma...@apache.org>.
David Rees wrote:
> I posted a couple messages to the user/dev lists last week asking the
> same question,
There is no need to cross-post.
> but still haven't seen any mention of a plan to release
> a new 5.5.x or 4.1.x to fix the security issues posted at the
> beginning of the month.
>
> Is there a plan to push a new release for either 5.5.x or 4.1.x or
> should end users assume that we're on our own regarding these two
> versions and we should either patch/build them ourselves or upgrade to
> 6.0.x which does appear to be maintained?
Current status is maintained at http://wiki.apache.org/tomcat/TomcatVersions
A Tomcat 4.1.x release is in the works - I have a couple more patches I
need to apply and one bug I want to make sure is fixed before I start the
release process.
The 5.5.x release depends on Filip's availability.
> It appears that both branches already have all the required security
> patches applied to them so I don't see what the hold up is here. Are
> there other changes applied to the branches which need to be tested?
> I'm more than happy to help with testing where I can.
Any testing you can do once the releases are up for voting woudl be
appreciated.
Mark
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org