You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2014/11/03 15:49:44 UTC
svn commit: r1636366 [2/2] - /tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1636366&r1=1636365&r2=1636366&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Mon Nov 3 14:49:44 2014
@@ -44,2572 +44,16 @@
They eventually become mixed with the numbered issues. (I.e., numbered
issues to not "pop up" wrt. others).
-->
-<section name="Tomcat 8.0.16 (markt)">
- <subsection name="Coyote">
- <changelog>
- <fix>
- Allow HTTP upgrade process to complete without data corruption when
- additional content is sent along with the upgrade header. (remm)
- </fix>
- </changelog>
- </subsection>
-</section>
-<section name="Tomcat 8.0.15 (markt)">
- <subsection name="Catalina">
- <changelog>
- <add>
- <bug>43548</bug>: Add an XML schema for the tomcat-users.xml file.
- (markt)
- </add>
- <add>
- <bug>43682</bug>: Add support for referring to the current context, host
- and service name in per Context logging.properties files by using the
- properties <code>${classloader.webappName}</code>,
- <code>${classloader.hostName}</code> and
- <code>${classloader.serviceName}</code>. (markt)
- </add>
- <add>
- <bug>47919</bug>: Extend the information logged when Tomcat starts to
- optionally log the values of command line arguments (enabled by
- default) and environment variables (disabled by default). Note that
- the values added to CATALINA_OPTS and JAVA_OPTS environment variables
- will be logged, as they are used to build up the command line. (markt)
- </add>
- <add>
- <bug>49939</bug>: Expose the method that clears the static resource
- cache for a web application via JMX. (markt)
- </add>
- <fix>
- <bug>55951</bug>: Allow cookies to use UTF-8 encoded values in HTTP
- headers. This requires the use of the RFC6265
- <strong>CookieProcessor</strong>. (markt)
- </fix>
- <fix>
- <bug>55984</bug>: Using the allow separators in version 0 cookies option
- with the legacy cookie processor should only apply to version 0 cookies.
- Version 1 cookies with values that contain separators should not be
- affected and should continue to be quoted. (markt)
- </fix>
- <add>
- <bug>56393</bug>: Add support for RFC6265 cookie parsing and generation.
- This is currently disabled by default and may be enabled via the
- <strong>CookieProcessor</strong> element of a <strong>Context</strong>.
- (markt)
- </add>
- <add>
- <bug>56394</bug>: Introduce new configuration element CookieProcessor in
- Context to allow context-specific configuration of cookie processing
- options. Attributes of Context element that were added in Tomcat 8.0.13
- to allow configuration of a new experimental RFC6265 based cookie parser
- (<code>useRfc6265</code> and <code>cookieEncoding</code>) are
- replaced by this new configuration element. (markt)
- </add>
- <fix>
- Improve the previous fix for <bug>56401</bug>. Avoid logging version
- information in the constructor since it then gets logged at undesirable
- times such as when using <code>StoreConfig</code>. (markt)
- </fix>
- <fix>
- <bug>56403</bug>: Add pluggable password derivation support to the
- Realms via the new <code>CredentialHandler</code> interface.
- (markt/schultz)
- </fix>
- <fix>
- <bug>57016</bug>: When using the <code>PersistentValve</code> do not
- remove sessions from the store when persisting them. (markt)
- </fix>
- <add>
- Deprecate the use of system proprties to control cookie parsing and
- replace them with attributes on the new <code>CookieProcessor</code>
- that may be configured on a per context basis. (markt)
- </add>
- <fix>
- Correct an edge case and allow a cookie if the value starts with an
- equals character and the <code>CookieProcessor</code> is not configured
- to allow equals characters in cookie values but is configured to allow
- name only cookies. (markt)
- </fix>
- <fix>
- <bug>57022</bug>: Ensure SPNEGO authentication continues to work with
- the JNDI Realm using delegated credentials with recent Oracle JREs.
- (markt)
- </fix>
- <fix>
- <bug>57027</bug>: Add additional validation for stored credentials used
- by Realms when the credential is stored using hex encoding. (markt)
- </fix>
- <fix>
- <bug>57038</bug>: Add a <code>WebResource.getCodeBase()</code> method,
- implement for all <code>WebResource</code> implementations and then use
- it in the web application class loader to set the correct code base for
- resources loaded from JARs and WARs. (markt)
- </fix>
- <fix>
- Correct a couple of NPEs in the JNDI Realm that could be triggered with
- when not specifying a roleBase and enabling roleSearchAsUser. (markt)
- </fix>
- <fix>
- Correctly handle relative values for the docBase attribute of a Context.
- (markt)
- </fix>
- <fix>
- Ensure that log messages generated by the web application class loader
- correctly identify the associated Context when multiple versions of a
- Context with the same path are present. (markt)
- </fix>
- <fix>
- Remove the unnecessary registration of context.xml as a redeploy
- resource. The context.xml having an external docBase has already been
- registered as a redeploy resource at first. (kfujino)
- </fix>
- <fix>
- <bug>57089</bug>: Ensure that configuration of a session ID generator is
- not lost when a web application is reloaded. (markt)
- </fix>
- <fix>
- <bug>57105</bug>: When parsing web.xml do not limit the buffer element
- of the jsp-property-group element to integer values as the allowed
- values are <code><number>kb</code> or <code>none</code>. (markt)
- </fix>
- <update>
- Update the minimum required version of the Tomcat Native library (if
- used) to 1.1.32. (markt)
- </update>
- <fix>
- Update storeconfig with newly introduced elements: SessionIdGenerator,
- CookieProcessor, JarScanner and JarScanFilter. (remm)
- </fix>
- <fix>
- Throw a <code>NullPointerException</code> if a null string is passed to
- the <code>write(String,int,int)</code> method of the
- <code>PrintWriter</code> obtained from the <code>ServletResponse</code>.
- (markt)
- </fix>
- <fix>
- Cookie rewrite flag abbreviation should be CO rather than C. (remm)
- </fix>
- <fix>
- <bug>57153</bug>: When the StandardJarScanner is configured to scan the
- full class path, ensure that class path entries added directly to the
- web application class loader are scanned. (markt)
- </fix>
- <fix>
- AsyncContext should remain usable until fireOnComplete is called. (remm)
- </fix>
- <fix>
- AsyncContext createListener should wrap any instantiation exception
- using a ServletException. (remm)
- </fix>
- <fix>
- <bug>57155</bug>: Allow a web application to be configured that does not
- have a docBase on the file system. This is primarily intended for use
- when embedding. (markt)
- </fix>
- <fix>
- Propagate header ordering from fileupload to the part implementation.
- (remm)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Coyote">
- <changelog>
- <add>
- <bug>53952</bug>: Add support for TLSv1.1 and TLSv1.2 for APR connector.
- Based upon a patch by Marcel Šebek. This feature requires
- Tomcat Native library 1.1.32 or later. (schultz/jfclere)
- </add>
- <scode>
- Cache the <code>Encoder</code> instances used to convert Strings to byte
- arrays in the Connectors (e.g. when writing HTTP headers) to improve
- throughput. (markt)
- </scode>
- <add>
- Disable SSLv3 by default for JSSE based HTTPS connectors (BIO, NIO and
- NIO2). The change also ensures that SSLv2 is disabled for these
- connectors although SSLv2 should already be disabled by default by the
- JRE. (markt)
- </add>
- <add>
- Disable SSLv3 by default for the APR/native HTTPS connector. (markt)
- </add>
- <fix>
- Do not increase remaining counter at end of stream in
- IdentityInputFilter. (kkolinko)
- </fix>
- <fix>
- Trigger an error if an invalid attempt is made to use non-blocking IO.
- (markt)
- </fix>
- <fix>
- <bug>57157</bug>: Allow calls to
- <code>AsyncContext.start(Runnable)</code> during non-blocking IO reads
- and writes. (markt)
- </fix>
- <fix>
- Async state MUST_COMPLETE should still be started. (remm)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Jasper">
- <changelog>
- <fix>
- <bug>57099</bug>: Ensure that semi-colons are not permitted in JSP
- import page directives. (markt)
- </fix>
- <fix>
- <bug>57113</bug>: Fix broken package imports in Expression Language when
- more than one package was imported and the desired class was not in the
- last package imported. (markt)
- </fix>
- <fix>
- <bug>57132</bug>: Fix import conflicts reporting in Expression Language.
- (kkolinko)
- </fix>
- <fix>
- When coercing an object to a given type, only attempt coercion to an
- array if both the object type and the target type are an array type.
- (violetagg/markt)
- </fix>
- <fix>
- Improve handling of invalid input to
- <code>javax.el.ImportHandler.resolveClass()</code>. (markt)
- </fix>
- <fix>
- Allow the same class to be added to an instance of
- <code>javax.el.ImportHandler</code> more than once without triggering
- an error. The second and subsequent calls for the same class will be
- ignored. (markt)
- </fix>
- <fix>
- <bug>57136</bug>: Ensure only <code>\${</code> and <code>\#{</code> are
- treated as escapes for <code>${</code> and <code>#{</code> rather than
- <code>\$</code> and <code>\#</code> being treated as escapes for
- <code>$</code> and <code>#</code> when processing literal expressions in
- expression language. (markt)
- </fix>
- <fix>
- When coercing an object to an array type in Expression Langauage, handle
- the case where the source object is an array of primitives.
- (markt/kkolinko)
- </fix>
- <fix>
- Do not throw an exception on missing JSP file servlet initialization.
- (remm)
- </fix>
- <fix>
- <bug>57148</bug>: When coercing an object to a given type and a
- <code>PropertyEditor</code> has been registered for the type correctly
- coerce the empty string to <code>null</code> if the
- <code>PropertyEditor</code> throws an exception. (kkolinko/markt)
- </fix>
- <fix>
- <bug>57153</bug>: Correctly scan for TLDs located in directories that
- represent exanded JARs files that have been added to the web application
- class loader's class path. (markt)
- </fix>
- <fix>
- <bug>57141</bug>: Enable EL in JSPs to refer to static fields of
- imported classes including the standard <code>java.lang.*</code>
- imports. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Cluster">
- <changelog>
- <fix>
- Add support for the <code>SessionIdGenerator</code> to cluster manager
- template. (kfujino)
- </fix>
- <fix>
- Avoid possible integer overflows reported by Coverity Scan. (fschumacher)
- </fix>
- </changelog>
- </subsection>
- <subsection name="WebSocket">
- <changelog>
- <fix>
- <bug>57054</bug>: Correctly handle the case in the WebSocket client
- when the HTTP response to the upgrade request can not be read in a
- single pass; either because the buffer is too small or the server sent
- the response in multiple packets. (markt)
- </fix>
- <add>
- Extend support for the <code>permessage-deflate</code> extension to the
- client implementation. (markt)
- </add>
- <fix>
- Fix client subprotocol handling. (remm)
- </fix>
- <fix>
- Add null checks for arguments in remote endpoint. (remm/kkolinko)
- </fix>
- <fix>
- <bug>57091</bug>: Work around the behaviour of the Oracle JRE when
- creating new threads in an applet environment that breaks the WebSocket
- client implementation. Patch provided by Niklas Hallqvist. (markt)
- </fix>
- <fix>
- <bug>57118</bug>: Ensure that that an <code>EncodeException</code> is
- thrown by <code>RemoteEndpoint.Basic.sendObject(Object)</code> rather
- than an <code>IOException</code> when no suitable <code>Encoder</code>
- is configured for the given Object. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Web applications">
- <changelog>
- <fix>
- Correct a couple of broken links in the Javadoc. (markt)
- </fix>
- <fix>
- Correct documentation for <code>ServerCookie.ALLOW_NAME_ONLY</code>
- system property. (kkolinko)
- </fix>
- <fix>
- <bug>57049</bug>: Clarified that <code>jvmRoute</code> can be set in
- <code><Engine></code>'s <code>jvmRoute</code> or in a system
- property. (schultz)
- </fix>
- <fix>
- Correct version of Java WebSocket mentioned in documentation
- (s/1.0/1.1/). (markt/kkolinko)
- </fix>
- <update>
- Suppress timestamp comments in Javadoc. (kkolinko)
- </update>
- <fix>
- <bug>57147</bug>: Various corrections to the JDBC Store section of the
- session manager configuration page of the documentation web application.
- (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Tribes">
- <changelog>
- <fix>
- <bug>45282</bug>: Improve shutdown of NIO receiver so that sockets are
- closed cleanly. (fhanik/markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="jdbc-pool">
- <changelog>
- <fix>
- <bug>57005</bug>: Fix javadoc errors when building with Java 8. Patch
- provided by Pierre Viret. (markt)
- </fix>
- <fix>
- <bug>57079</bug>: Use Tomcat version number for jdbc-pool module when
- building and shipping the module as part of Tomcat. (markt)
- </fix>
- <fix>
- Fix broken overview page in javadoc generated via "javadoc" task in
- jdbc-pool build.xml file. (kkolinko)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Other">
- <changelog>
- <fix>
- <bug>56079</bug>: The uninstaller packaged with the Apache Tomcat
- Windows installer is now digitally signed. (markt)
- </fix>
- <fix>
- Fix timestamps in Tomcat build and jdbc-pool to use 24-hour format
- instead of 12-hour one and use UTC timezone. (markt/kkolinko)
- </fix>
- <fix>
- Update the package renamed copy of Apache Commons DBCP 2 to revision
- 1631450 to pick up additional fixes since the 2.0.1 release including
- Javadoc corrections to fix errors when compiling with Java 8. (markt)
- </fix>
- <update>
- <bug>56596</bug>: Update to Tomcat Native Library version 1.1.32 to
- pick up the Windows binaries that are based on OpenSSL 1.0.1j and APR
- 1.5.1. (markt)
- </update>
- <scode>
- In Tomcat tests: log name of the current test method at start time.
- (kkolinko)
- </scode>
- </changelog>
- </subsection>
-</section>
-<section name="Tomcat 8.0.14 (markt)" rtext="2014-09-29">
- <subsection name="Other">
- <changelog>
- <fix>
- <bug>56079</bug>: The Apache Tomcat Windows installer, the Apache Tomcat
- Windows service and the Apache Tomcat Windows service monitor
- application are now digitally signed. (markt)
- </fix>
- </changelog>
- </subsection>
-</section>
-<section name="Tomcat 8.0.13 (markt)" rtext="not released">
- <subsection name="Catalina">
- <changelog>
- <fix>
- <bug>55917</bug>: Allow bytes in the range 0x80 to 0xFF to appear in
- cookie values if the cookie is a V1 (RFC2109) cookie and the value is
- correctly quoted. The new RFC6265 based cookie parser must be enabled to
- correctly handle these cookies. (markt)
- </fix>
- <fix>
- <bug>55918</bug>: Do not permit control characters to appear in quoted
- V1 (RFC2109) cookie values. The new RFC6265 based cookie parser must be
- enabled to correctly handle these cookies. (markt)
- </fix>
- <fix>
- <bug>55921</bug>: Correctly handle (ignore the cookie) unescaped JSON in
- a cookie value. The new RFC6265 based cookie parser must be enabled to
- correctly handle these cookies. (markt)
- </fix>
- <add>
- <bug>56401</bug>: Log version information when Tomcat starts.
- (markt/kkolinko)
- </add>
- <add>
- <bug>56530</bug>: Add a web application class loader implementation that
- supports the parallel loading of web application classes. (markt)
- </add>
- <fix>
- <bug>56900</bug>: Fix some potential resource leaks when reading
- property files reported by Coverity Scan. Based on patches provided by
- Felix Schumacher. (markt)
- </fix>
- <fix>
- <bug>56902</bug>: Fix a potential resource leak in the Default Servlet
- reported by Coverity Scan. Based on a patch provided by Felix
- Schumacher. (markt)
- </fix>
- <fix>
- <bug>56903</bug>: Correct the return value for
- <code>StandardContext.getResourceOnlyServlets()</code> so that multiple
- names are separated by commas. Identified by Coverity Scan and fixed
- based on a patch by Felix Schumacher. (markt)
- </fix>
- <add>
- Add an additional implementation of a RFC6265 based cookie parser along
- with new Context options to select and configure it. This parser is
- currently considered experimental and is not used by default. (markt)
- </add>
- <fix>
- Fixed the multipart elements merge operation performed during web
- application deployment. Identified by Coverity Scan. (violetagg)
- </fix>
- <fix>
- Correct the information written by
- <code>ExtendedAccessLogValve</code> when a format token x-O(XXX) is
- used so that multiple values for a header XXX are separated by commas.
- Identified by Coverity Scan. (violetagg)
- </fix>
- <fix>
- Fix a potential resource leak when reading MANIFEST.MF file for
- extension dependencies reported by Coverity Scan. (violetagg)
- </fix>
- <fix>
- Fix some potential resource leaks when reading properties, files and
- other resources. Reported by Coverity Scan. (violetagg)
- </fix>
- <fix>
- Correct the previous fix for <bug>56825</bug> that enabled pre-emptive
- authentication to work with the SSL authenticator. (markt)
- </fix>
- <scode>
- Refactor to reduce code duplication identified by Simian. (markt)
- </scode>
- <fix>
- When using parallel deployment and <code>undeployOldVersions</code>
- feature is enabled on a Host, correctly undeploy context of old
- version. Make sure that Tomcat does not undeploy older Context if
- current context is not running. (kfujino)
- </fix>
- <fix>
- Fix a rare threading issue when locking resources via WebDAV.
- (markt)
- </fix>
- <fix>
- Fix a rare threading issue when using HTTP digest authentication.
- (markt)
- </fix>
- <fix>
- When deploying war, add XML file in the config base to the redeploy
- resources if war does not have META-INF/context.xml or
- <code>deployXML</code> is false. If XML file is created in the config
- base, redeploy will occur. (kfujino)
- </fix>
- <scode>
- Various changes to reduce unnecessary code in Tomcat's copy of
- Apache Commons BCEL to reduce the time taken for annotation scanning
- when web applications start. Includes contributions from kkolinko and
- hzhang9. (markt)
- </scode>
- <fix>
- <bug>56938</bug>: Ensure web applications that have mixed case context
- paths and are deployed as directories are correctly removed on undeploy
- when running on a case sensitive file system. (markt)
- </fix>
- <add>
- <bug>57004</bug>: Add <code>stuckThreadCount</code> property to
- <code>StuckThreadDetectionValve</code>'s JMX bean. Patch provided by
- Jiří Pejchal. (schultz)
- </add>
- <fix>
- <bug>57011</bug>: Ensure that the request and response are correctly
- recycled when processing errors during async processing. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Coyote">
- <changelog>
- <fix>
- <bug>56910</bug>: Prevent the invalid value of <code>-1</code> being
- used for <code>maxConnections</code> with APR connectors. (markt)
- </fix>
- <fix>
- Ensure that AJP connectors enable the <code>KeepAliveTimeout</code>.
- (kfujino)
- </fix>
- <fix>
- Reduce duplicated code. All AJP connectors use common method to
- configuration of processor. (kfujino)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Jasper">
- <changelog>
- <fix>
- <bug>43001</bug>: Enable the JspC Ant task to set the JspC option
- <code>mappedFile</code>. (markt)
- </fix>
- <fix>
- Ensure that the implementation of
- <code>javax.servlet.jsp.PageContext.include(String)</code>
- and
- <code>javax.servlet.jsp.PageContext.include(String, boolean)</code>
- will throw <code>IOException</code> when an I/O error occur during
- the operation. (violetagg)
- </fix>
- <fix>
- <bug>56908</bug>: Fix some potential resource leaks when reading
- jar files. Reported by Coverity Scan. Patch provided by Felix
- Schumacher. (violetagg)
- </fix>
- <fix>
- Fix a potential resource leak in JDTCompiler when checking wether
- a resource is a package. Reported by Coverity Scan. (fschumacher)
- </fix>
- <fix>
- <bug>56991</bug>: Deprecate the use of a request attribute to pass a
- <jsp-file> declaration to Jasper and prevent an infinite loop
- if this technique is used in conjunction with an include. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="WebSocket">
- <changelog>
- <fix>
- <bug>56905</bug>: Make destruction on web application stop of thread
- group used for WebSocket connections more robust. (kkolinko/markt)
- </fix>
- <fix>
- <bug>56907</bug>: Ensure that client IO threads are stopped if a secure
- WebSocket client connection fails. (markt)
- </fix>
- <fix>
- <bug>56982</bug>: Return the actual negotiated extensions rather than an
- empty list for <code>Session.getNegotiatedExtensions()</code>. (markt)
- </fix>
- <update>
- Update the WebSocket implementation to support the Java WebSocket
- specification version 1.1. (markt)
- </update>
- </changelog>
- </subsection>
- <subsection name="Web applications">
- <changelog>
- <add>
- Add <code>JarScanner</code> to the nested components listed for a
- Context. (markt)
- </add>
- <update>
- Update the Windows authentication documentation after some additional
- testing to answer the remaining questions. (markt)
- </update>
- </changelog>
- </subsection>
- <subsection name="Other">
- <changelog>
- <fix>
- <bug>56895</bug>: Correctly compose <code>JAVA_OPTS</code> in
- <code>catalina.bat</code> so that escape sequences are preserved. Patch
- by Lucas Theisen. (markt)
- </fix>
- <update>
- <bug>56988</bug>: Allow to use relative path in <code>base.path</code>
- setting when building Tomcat. (kkolinko)
- </update>
- <fix>
- <bug>56990</bug>: Ensure that the <code>ide-eclipse</code> build target
- downloads all the libraries required by the default Eclipse
- configuration files. (markt)
- </fix>
- <fix>
- Update the package renamed copy of Apache Commons DBCP 2 to revision
- 1626988 to pick up the fixes since the 2.0.1 release including support
- for custom eviction policies. (markt)
- </fix>
- <fix>
- Update the package renamed copy of Apache Commons Pool 2 to revision
- 1627271 to pick up the fixes since the 2.2 release including some memory
- leak fixes and support for application provided eviction policies.
- (markt)
- </fix>
- </changelog>
- </subsection>
-</section>
-<section name="Tomcat 8.0.12 (markt)" rtext="2014-09-03">
- <subsection name="Catalina">
- <changelog>
- <add>
- Make the session id generator extensible by adding a
- <code>SessionIdGenerator</code> interface, an abstract
- base class and a standard implementation. (rjung)
- </add>
- <fix>
- <bug>56882</bug>: Fix regression in processing of includes and forwards
- when Context have been reloaded. Tomcat was responding with HTTP Status
- 503 (Servlet xxx is currently unavailable). (kkolinko)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Coyote">
- <changelog>
- <fix>
- When building a list of JSSE ciphers from an OpenSSL cipher defintiion,
- ignore unknown criteria rather than throwing a
- <code>NullPointerException</code>. (markt)
- </fix>
- <add>
- Add support for the EECDH alias when using the OpenSSL cipher syntax to
- define JSSE ciphers. (markt)
- </add>
- </changelog>
- </subsection>
- <subsection name="Jasper">
- <changelog>
- <fix>
- Correct a logic error in the <code>JasperElResolver</code>. There was no
- functional impact but the code was less efficient as a result of the
- error. Based on a patch by martinschaef. (markt)
- </fix>
- <fix>
- <bug>56568</bug>: Enable any HTTP method to be used to request a JSP
- page that has the <code>isErrorPage</code> page directive set to
- <code>true</code>. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="WebSocket">
- <changelog>
- <add>
- Extend support for the <code>permessage-deflate</code> extension to
- compression of outgoing messages on the server side. (markt)
- </add>
- </changelog>
- </subsection>
- <subsection name="Other">
- <changelog>
- <add>
- <bug>56323</bug>: Include the <code>*.bat</code> files when installing
- Tomcat via the Windows installer. (markt)
- </add>
- </changelog>
- </subsection>
-</section>
-<section name="Tomcat 8.0.11 (markt)" rtext="2014-08-22">
- <subsection name="Catalina">
- <changelog>
- <fix>
- <bug>56658</bug>: Fix regression that a context was inaccessible after
- reload. (kkolinko)
- </fix>
- <fix>
- <bug>56710</bug>: Do not map requests to servlets when context is
- being reloaded. (kkolinko)
- </fix>
- <fix>
- <bug>56712</bug>: Fix session idle time calculations in
- <code>PersistenceManager</code>. (kkolinko)
- </fix>
- <fix>
- <bug>56717</bug>: Fix duplicate registration of
- <code>MapperListener</code> during repeated starts of embedded Tomcat.
- (kkolinko)
- </fix>
- <add>
- <bug>56724</bug>: Write an error message to Tomcat logs if container
- background thread is aborted unexpectedly. (kkolinko)
- </add>
- <fix>
- When scanning class files (e.g. for annotations) and reading the number
- of parameters in a <code>MethodParameters</code> structure only read a
- single byte (rather than two bytes) as per the JVM specification. Patch
- provided by Francesco Komauli. (markt)
- </fix>
- <fix>
- Allow the JNDI Realm to start even if the directory is not available.
- The directory not being available is not fatal once the Realm is started
- and it need not be fatal when the Realm starts. Based on a patch by
- Cédric Couralet. (markt)
- </fix>
- <fix>
- <bug>56736</bug>: Avoid an incorrect <code>IllegalStateException</code>
- if the async timeout fires after a non-container thread has called
- <code>AsyncContext.dispatch()</code> but before a container thread
- starts processing the dispatch. (markt)
- </fix>
- <fix>
- <bug>56739</bug>: If an application handles an error on an application
- thread during asynchronous processing by calling
- <code>HttpServletResponse.sendError()</code>, then ensure that the
- application is given an opportunity to report that error via an
- appropriate application defined error page if one is configured. (markt)
- </fix>
- <fix>
- <bug>56784</bug>: Fix a couple of rare but theoretically possible
- atomicity bugs. (markt)
- </fix>
- <fix>
- <bug>56785</bug>: Avoid <code>NullPointerException</code> if directory
- exists on the class path that is not readable by the Tomcat user.
- (markt)
- </fix>
- <fix>
- <bug>56796</bug>: Remove unnecessary sleep when stopping a web
- application. (markt)
- </fix>
- <fix>
- <bug>56801</bug>: Improve performance of
- <code>org.apache.tomcat.util.file.Matcher</code> which is to filter JARs
- for scanning during web application start. Based on a patch by Sheldon
- Shao. (markt)
- </fix>
- <fix>
- <bug>56815</bug>: When the <code>gzip</code> option is enabled for the
- <code>DefaultServlet</code> ensure that a suitable <code>Vary</code>
- header is returned for resources that might be returned directly in
- compressed form. (markt)
- </fix>
- <fix>
- Do not mark threads from the container thread pool as container threads
- when being used to process <code>AsyncContext.start(Runnable)</code> so
- processing is correctly transferred back to a genuine container thread
- when necessary. (markt)
- </fix>
- <add>
- Add simple caching for calls to <code>StandardRoot.getResources()</code>
- in the new (for 8.0.x) resources implementation. (markt)
- </add>
- <fix>
- <bug>56825</bug>: Enable pre-emptive authentication to work with the
- SSL authenticator. Based on a patch by jlmonteiro. (markt)
- </fix>
- <fix>
- <bug>56840</bug>: Avoid NPE when the rewrite valve is mapped to
- a context. (remm)
- </fix>
- <fix>
- Correctly handle multiple <code>accept-language</code> headers rather
- than just using the first header to determine the user's preferred
- Locale. (markt)
- </fix>
- <fix>
- <bug>56848</bug>: Improve handling of <code>accept-language</code>
- headers. (markt)
- </fix>
- <fix>
- <bug>56857</bug>: Fix thread safety issue when calling ServletContext
- methods while running under a security manager. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Coyote">
- <changelog>
- <fix>
- Fix NIO2 sendfile state tracking and error handling to fix
- various corruption issues. (remm)
- </fix>
- <fix>
- Missing timeout for NIO2 sendfile writes. (remm)
- </fix>
- <fix>
- Allow inline processing for NIO2 sendfile and optimize keepalive
- behavior. (remm)
- </fix>
- <fix>
- Fix excessive NIO2 sendfile direct memory use in some cases, sendfile
- will now instead use the regular socket write buffer as configured.
- (remm)
- </fix>
- <fix>
- <bug>56661</bug>: Fix <code>getLocalAddr()</code> for AJP connectors.
- The complete fix is only available with a recent AJP forwarder like
- the forthcoming mod_jk 1.2.41. (rjung)
- </fix>
- <fix>
- Use default ciphers defined as
- <code>HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5</code> so
- that no weak ciphers are enabled by default. (remm)
- </fix>
- <fix>
- <bug>56780</bug>: Enable Tomcat to start when using SSL with an IBM JRE
- in strict SP800-131a mode. (markt)
- </fix>
- <fix>
- <bug>56810</bug>: Remove use of Java 8 specific API calls in unit tests
- for OpenSSL to JSSE cipher conversion. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Jasper">
- <changelog>
- <fix>
- <bug>56709</bug>: Fix system property name in a log message. Submitted
- by Robert Kish. (remm)
- </fix>
- <fix>
- <bug>56797</bug>: When matching a method in an EL expression, do not
- treat bridge methods as duplicates of the method they bridge to. In this
- case always call the target of the bridge method. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="WebSocket">
- <changelog>
- <fix>
- <bug>56746</bug>: Allow secure WebSocket client threads to use the
- current context class loader rather than explicitly setting it to the
- class loader that loaded the WebSocket implementation. This allows
- WebSocket client connections from within web applications to access,
- amongst other things, the JNDI resources associated with the web
- application. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Web applications">
- <changelog>
- <fix>
- Correct the label in the list of sessions by idle time for the bin that
- represents the idle time immediately below the maximum permitted idle
- time when using the expire command of the Manager application. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="jdbc-pool">
- <changelog>
- <fix>
- <bug>53088</bug>: More identifiable thread name. (fhanik)
- </fix>
- <fix>
- <bug>53200</bug>: Selective logging for slow versus failed queries.
- (fhanik)
- </fix>
- <fix>
- <bug>53853</bug>: More flexible classloading. (fhanik)
- </fix>
- <fix>
- <bug>54225</bug>: Disallow empty init SQL. (fhanik)
- </fix>
- <fix>
- <bug>54227</bug>: Evaluate max age upon borrow. (fhanik)
- </fix>
- <fix>
- <bug>54235</bug>: Disallow nested pools exploitating using data source.
- (fhanik)
- </fix>
- <fix>
- <bug>54395</bug>: Fix JDBC interceptor parsing bug. (fhanik)
- </fix>
- <fix>
- <bug>54537</bug>: Performance improvement in
- <code>StatementFinalizer</code>. (fhanik)
- </fix>
- <fix>
- <bug>54978</bug>: Make sure proper connection validation always happens,
- regardless of config. (fhanik)
- </fix>
- <fix>
- <bug>56318</bug>: Ability to trace statement creation in
- <code>StatementFinalizer</code>. (fhanik)
- </fix>
- <fix>
- <bug>56789</bug>: getPool() returns the actual pool, always. (fhanik)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Other">
- <changelog>
- <add>
- <bug>56788</bug>: Display the full version in the list of installed
- applications when installed via the Windows installer package. Patch
- provided by Alexandre Garnier. (markt)
- </add>
- <add>
- <bug>56829</bug>: Add the ability for users to define their own values
- for <code>_RUNJAVA</code> and <code>_RUNJDB</code> environment
- variables. Be more strict with executable filename on Windows
- (s/java/java.exe/). Based on a patch by Neeme Praks. (markt/kkolinko)
- </add>
- </changelog>
- </subsection>
-</section>
-<section name="Tomcat 8.0.10 (markt)" rtext="not released">
- <subsection name="Catalina">
- <changelog>
- <fix>
- <bug>44312</bug>: Log an error if there is a conflict between Host and
- Alias names. Improve host management methods in <code>Mapper</code>
- to avoid occasionally removing a wrong host. Check that host management
- operations are performed on the host and not on an alias. (kkolinko)
- </fix>
- <scode>
- <bug>56611</bug>: Refactor code to remove inefficient calls to
- <code>Method.isAnnotationPresent()</code>. Based on a patch by Jian Mou.
- (markt/kkolinko)
- </scode>
- <fix>
- Fix regression in
- <code>StandardContext.removeApplicationListener()</code>, introduced by
- the fix for bug <bug>56588</bug>. (kkolinko)
- </fix>
- <fix>
- <bug>56653</bug>: Fix concurrency issue with lists of contexts in
- <code>Mapper</code> when stopping Contexts. (kkolinko)
- </fix>
- <fix>
- <bug>56657</bug>: When using parallel deployment, if the same session id
- matches different versions of a web application, prefer the latest
- version. Ensure that remapping selects the version that we expect.
- (kkolinko)
- </fix>
- <fix>
- Assert that mapping result object is empty before performing mapping
- work in <code>Mapper</code>. (kkolinko)
- </fix>
- <scode>
- Remove <code>context</code> and <code>wrapper</code> fields in
- <code>Request</code> class and deprecate their setters. (kkolinko)
- </scode>
- <fix>
- <bug>56658</bug>: Avoid delay between registrations of mappings for
- context and for its servlets. (kkolinko)
- </fix>
- <fix>
- <bug>56665</bug>: Correct the generation of the effective web.xml when
- elements contain an empty string as value. (violetagg)
- </fix>
- <fix>
- Fix storeconfig exception routing issues, so that a major problem
- should avoid configuration overwrite. (remm)
- </fix>
- <fix>
- Add configuration fields for header names in SSLValve. (remm)
- </fix>
- <fix>
- <bug>56666</bug>: When clearing the SSO cookie use the same values for
- domain, path, httpOnly and secure as were used to set the SSO cookie.
- (markt)
- </fix>
- <fix>
- <bug>56677</bug>: Ensure that
- <code>HttpServletRequest.getServletContext()</code> returns the correct
- value during a cross-context dispatch. (markt)
- </fix>
- <fix>
- <bug>56684</bug>: Ensure that Tomcat does not shut down if the socket
- waiting for the shutdown command experiences a
- <code>SocketTimeoutException</code>. (markt)
- </fix>
- <fix>
- <bug>56693</bug>: Fix various issues in the static resource cache
- implementation where the cache retained a stale entry after the
- successful completion of an operation that always invalidates the cache
- entry such as a delete operation.
- (markt)
- </fix>
- <fix>
- When the current PathInfo is modified as a result of dispatching a
- request, ensure that a call to
- <code>HttpServletRequest.getPathTranslated()</code> returns a value that
- is based on the modified PathInfo. (markt)
- </fix>
- <fix>
- <bug>56698</bug>: When persisting idle sessions, only persist newly idle
- sessions. Patch provided by Felix Schumacher. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Coyote">
- <changelog>
- <fix>
- <bug>56663</bug>: Fix edge cases demonstrated by ByteCounter relating
- to data available, remaining and extra write events, mostly occurring
- with non blocking Servlet 3.1. (remm)
- </fix>
- <fix>
- Avoid possible NPE stopping endpoints that are not started (stop
- shouldn't do anything in that case). (remm)
- </fix>
- <add>
- <bug>56704</bug>: Add support for OpenSSL syntax for ciphers when
- using JSSE SSL connectors. Submitted by Emmanuel Hugonnet. (remm)
- </add>
- <update>
- Allow to configure <code>maxSwallowSize</code> attribute of an HTTP
- connector via JMX. (kkolinko)
- </update>
- </changelog>
- </subsection>
- <subsection name="Jasper">
- <changelog>
- <fix>
- <bug>56543</bug>: Update to the Eclipse JDT Compiler 4.4. (violetagg)
- </fix>
- <fix>
- <bug>56652</bug>: Add support for method parameters that use arrays and
- varargs to <code>ELProcessor.defineFunction()</code>.(markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="WebSocket">
- <changelog>
- <add>
- Add support for the <code>permessage-deflate</code> extension. This is
- currently limited to decompressing incoming messages on the server side.
- It is expected that support will be extended to outgoing messages and to
- the client side shortly. (markt)
- </add>
- </changelog>
- </subsection>
- <subsection name="Web applications">
- <changelog>
- <fix>
- Attempt to obfuscate session cookie values associated with other web
- applications when viewing HTTP request headers with the Cookies example
- from the examples web application. This reduces the opportunity to use
- this example for malicious purposes should the advice to remove the
- examples web application from security sensitive systems be ignored.
- (markt)
- </fix>
- <fix>
- <bug>56694</bug>: Remove references to <code>Manager</code> attribute
- <code>checkInterval</code> from documentation and Javadoc since it no
- longer exists. Based on a patch by Felix Schumacher. Also remove other
- references to <code>checkInterval</code> that are no longer valid.
- (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Other">
- <changelog>
- <update>
- Update the API stability section of the release notes now that Tomcat 8
- has had its first stable release. (markt)
- </update>
- <update>
- Improve <code>build.xml</code> so that when Eclipse JDT Compiler is
- updated, it will delete the old JAR from <code>build/lib</code>
- directory. (kkolinko)
- </update>
- <scode>
- Simplify implementation of "setproxy" target in <code>build.xml</code>.
- (kkolinko)
- </scode>
- <update>
- Update optional Checkstyle library to 5.7. (kkolinko)
- </update>
- <update>
- <bug>56596</bug>: Update to Tomcat Native Library version 1.1.31 to
- pick up the Windows binaries that are based on OpenSSL 1.0.1h. (markt)
- </update>
- <fix>
- <bug>56685</bug>: Add quotes necessary for <code>daemon.sh</code> to
- work correctly on Solaris. Based on a suggesiton by lfuka. (markt)
- </fix>
- <update>
- Update package renamed Apache Commons Pool2 to r1609323 to pick various
- bug fixes. (markt)
- </update>
- <update>
- Update package renamed Apache Commons DBCP2 to r1609329 to pick up a
- minor bug fix. (markt)
- </update>
- <update>
- Update package renamed Apache Commons FileUpload to r1596086 to pick
- various bug fixes. (markt)
- </update>
- </changelog>
- </subsection>
-</section>
-<section name="Tomcat 8.0.9 (markt)" rtext="2014-06-24">
- <subsection name="Catalina">
- <changelog>
- <fix>
- <bug>55282</bug>: Ensure that one and the same application listener is
- added only once when starting the web application. (violetagg)
- </fix>
- <fix>
- <bug>55975</bug>: Apply consistent escaping for double quote and
- backslash characters when escaping cookie values. (markt)
- </fix>
- <scode>
- <bug>56387</bug>: Improve the code that handles an attempt to load a
- class after a web application has been stopped. Use common code to handle
- this case regardless of the access path and don't throw an exception
- purely to log a stack trace. (markt)
- </scode>
- <scode>
- <bug>56399</bug>: Improve implementation of CoyoteAdapter.checkRecycled()
- to do not use an exception for flow control. (kkolinko)
- </scode>
- <add>
- <bug>56461</bug>: New <code>failCtxIfServletStartFails</code> attribute
- on Context and Host configuration to force the context startup to fail
- if a load-on-startup servlet fails its startup. (slaurent)
- </add>
- <add>
- <bug>56526</bug>: Improved the <code>StuckThreadDetectionValve</code> to
- optionally interrupt stuck threads to attempt to unblock them.
- (slaurent)
- </add>
- <fix>
- <bug>56545</bug>: Pre-load two additional classes, the loading of which
- may otherwise be triggered by a web application which in turn would
- trigger an exception when running under a security manager. (markt)
- </fix>
- <update>
- <bug>56546</bug>: Reduce logging level for stack traces of stuck web
- application threads printed by WebappClassLoader.clearReferencesThreads()
- from error to info. (kkolinko)
- </update>
- <scode>
- Refactor and simplify common code in object factories in
- <code>org.apache.catalina.naming</code> package, found thanks to Simian
- (Similarity Analyser) tool. Improve handling of Throwable.
- (markt/kkolinko)
- </scode>
- <fix>
- Relax cookie naming restrictions. Cookie attribute names used in the
- <code>Set-Cookie</code> header may be used unambiguously as cookie
- names. The restriction that prevented such usage has been removed.
- (jboynes/markt)
- </fix>
- <fix>
- Further relax cookie naming restrictions. Version 0 (a.k.a Netscape
- format) cookies may now use names that start with the <code>$</code>
- character. (jboynes/markt)
- </fix>
- <fix>
- Restrict cookie naming so that the <code>=</code> character is no longer
- permitted in a version 0 (a.k.a. Netscape format) cookie name. While
- Tomcat allowed this, browsers always truncated the name at the
- <code>=</code> character leading to a mis-match between the cookie the
- server set and the cookie returned by the browser. (jboynes/markt)
- </fix>
- <add>
- Add a simple <code>ServiceLoader</code> based discovery mechanism to the
- JULI <code>LogFactory</code> to make it easier to use JULI and Tomcat
- components that depend on JULI (such as Jasper) independently from
- Tomcat. Patch provided by Greg Wilkins. (markt)
- </add>
- <fix>
- <bug>56578</bug>: Correct regression in the fix for <bug>56339</bug>
- that prevented sessions from expiring when using clustering. (markt)
- </fix>
- <fix>
- <bug>56588</bug>: Remove code previously added to enforce the
- requirements of section 4.4 of the Servlet 3.1 specification. The code
- is no longer required now that Jasper initialization has been refactored
- and TLD defined listeners are added via a different code path that
- already enforces the specification requirements. (markt)
- </fix>
- <fix>
- <bug>56600</bug>: In WebdavServlet: Do not waste time generating
- response for broken PROPFIND request. (kkolinko)
- </fix>
- <fix>
- Provide a better error message when asynchronous operations are not
- supported by a filter or servlet. Patch provided by Romain Manni-Bucau.
- (violetagg)
- </fix>
- <fix>
- <bug>56606</bug>: User entries in <code>tomcat-users.xml</code> file
- are recommended to use "username" attribute rather than legacy "name"
- attribute. Fix inconsistencies in Windows installer, examples. Update
- digester rules and documentation for <code>MemoryRealm</code>.
- (markt/kkolinko)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Coyote">
- <changelog>
- <fix>
- <bug>56518</bug>: When using NIO, do not attempt to write to the socket
- if the thread is marked interrupted as this will lead to a connection
- limit leak. This fix was based on analysis of the issue by hanyong.
- (markt)
- </fix>
- <fix>
- <bug>56521</bug>: Re-use the asynchronous write buffer between writes to
- reduce allocation and GC overhead. Based on a patch by leonzhx. Also
- make the buffer size configurable and remove copying of data within
- buffer when the buffer is only partially written on a subsequent write.
- (markt)
- </fix>
- <fix>
- Ensure that a request without a body is correctly handled during Comet
- processing. This fixes the Comet chat example. (markt)
- </fix>
- <fix>
- Fix input concurrency issue in NIO2 upgrade. (remm)
- </fix>
- <fix>
- Correct a copy/paste error and return a 500 response rather than a 400
- response when an internal server error occurs on early stages of
- request processing. (markt)
- </fix>
- <scode>
- <bug>56582</bug>: Use switch(actionCode) in processors instead of a
- chain of "elseif"s. (kkolinko)
- </scode>
- <fix>
- <bug>56582#c1</bug>: Implement DISPATCH_EXECUTE action for AJP
- connectors. (kkolinko)
- </fix>
- <fix>
- If request contains an unrecognized Expect header, respond with error
- 417 (Expectation Failed), according to RFC2616 chapter 14.20. (markt)
- </fix>
- <fix>
- When an error occurs after the response has been committed close the
- connection immediately rather than attempting to finish the response to
- make it easier for the client to differentiate between a complete
- response and one that failed part way though. (markt)
- </fix>
- <scode>
- Remove the beta tag from the NIO2 connectors. (remm)
- </scode>
- <fix>
- <bug>56620</bug>: Avoid bogus access log entries when pausing the NIO
- HTTP connector and ensure that access log entries generated by error
- conditions use the correct request start time. (markt)
- </fix>
- <fix>
- Improve configuration of cache sizes in the endpoint. (markt)
- </fix>
- <add>
- Add a new limit, defaulting to 2MB, for the amount of data Tomcat will
- swallow for an aborted upload. The limit is configurable by
- <code>maxSwallowSize</code> attribute of an HTTP connector. (markt)
- </add>
- </changelog>
- </subsection>
- <subsection name="Jasper">
- <changelog>
- <fix>
- <bug>56334#c15</bug>: Fix a regression in EL parsing when quoted string
- follows a whitespace. (kkolinko/markt)
- </fix>
- <update>
- <bug>56543</bug>: Update to the Eclipse JDT Compiler 4.4RC4 to pick up
- some fixes for Java 8 support. (markt/kkolinko)
- </update>
- <fix>
- <bug>56561</bug>: Avoid <code>NoSuchElementException</code> while
- handling attributes with empty string value. (violetagg)
- </fix>
- <scode>
- Do not configure a <code>JspFactory</code> in the
- <code>JasperInitializer</code> if one has already been set as might be
- the case in some embedding scenarios. (markt)
- </scode>
- <add>
- Add a simple implementation of <code>InstanceManager</code> and have
- Jasper use it if no other <code>InstanceManager</code> is provided. This
- makes it easier to use Jasper independently from Tomcat. Patch provided
- by Greg Wilkins. (markt)
- </add>
- <fix>
- <bug>56568</bug>: Allow any HTTP method when a JSP is being used as an
- error page. (markt)
- </fix>
- <update>
- <bug>56581</bug>: If an error on a JSP page occurs when response has
- already been committed, do not clear the buffer of JspWriter, but flush
- it. It will make more clear where the error occurred. (kkolinko)
- </update>
- <fix>
- <bug>56612</bug>: Correctly parse two consecutive escaped single quotes
- when used in UEL expression in a JSP. (markt)
- </fix>
- <update>
- Move code that parses EL expressions within JSP template text from
- <code>Parser</code> to <code>JspReader</code> class for better
- performance. (kkolinko)
- </update>
- <fix>
- <bug>56636</bug>: Correctly identify the required method when specified
- via <code>ELProcessor.defineFunction(String,String,String,String)</code>
- when using Expression Language. (markt)
- </fix>
- <fix>
- <bug>56638</bug>: When using
- <code>ELProcessor.defineFunction(String,String,String,String)</code> and
- no function name is specified, use the method name as the function name
- as required by the specification. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="WebSocket">
- <changelog>
- <scode>
- <bug>56446</bug>: Clearer handling of exceptions when calling a method
- on a POJO based WebSocket endpoint. Based on a suggestion by Eugene
- Chung. (markt)
- </scode>
- <fix>
- When a WebSocket client attempts to write to a closed connection, handle
- the resulting <code>IllegalStateException</code> in a manner consistent
- with the handling of an <code>IOException</code>. (markt)
- </fix>
- <fix>
- Add more varied endpoints for echo testing. (remm)
- </fix>
- <fix>
- <bug>56577</bug>: Improve the executor configuration used for the
- callbacks associated with asynchronous writes. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Web applications">
- <changelog>
- <fix>
- Set the path for cookies created by the examples web application so they
- only returned to the examples application. This reduces the opportunity
- for using such cookies for malicious purposes should the advice to
- remove the examples web application from security sensitive systems be
- ignored. (markt/kkolinko)
- </fix>
- <fix>
- Attempt to obfuscate session cookie values associated with other web
- applications when viewing HTTP request headers with the Request Header
- example from the examples web application. This reduces the opportunity
- to use this example for malicious purposes should the advice to remove
- the examples web application from security sensitive systems be ignored.
- (markt)
- </fix>
- <add>
- Add options for all of the WebSocket echo endpoints to the WebSocket
- echo example in the examples web application. (markt)
- </add>
- <fix>
- Ensure that the asynchronous WebSocket echo endpoint in the examples
- web application always waits for the previous message to complete before
- it sends the next. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Other">
- <changelog>
- <update>
- Update package renamed Apache Commons DBCP2 to r1596858. (markt)
- </update>
- </changelog>
- </subsection>
-</section>
-<section name="Tomcat 8.0.8 (markt)" rtext="beta, 2014-05-21">
- <subsection name="Catalina">
- <changelog>
- <fix>
- <bug>56536</bug>: Ensure that
- <code>HttpSessionBindingListener.valueUnbound()</code> uses the correct
- class loader when the <code>SingleSignOn</code> valve is used. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Jasper">
- <changelog>
- <fix>
- <bug>56529</bug>: Avoid <code>NoSuchElementException</code> while handling
- attributes with empty string value in custom tags. Patch provided by
- Hariprasad Manchi. (violetagg)
- </fix>
- </changelog>
- </subsection>
-</section>
-<section name="Tomcat 8.0.7 (markt)" rtext="not released">
- <subsection name="Catalina">
- <changelog>
- <fix>
- <bug>56523</bug>: When using SPNEGO authentication, log the exceptions
- associated with failed user logins at debug level rather than error
- level. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Coyote">
- <changelog>
- <add>
- <bug>56399</bug>: Assert that both Coyote and Catalina request objects
- have been properly recycled. (kkolinko)
- </add>
- </changelog>
- </subsection>
- <subsection name="Jasper">
- <changelog>
- <fix>
- <bug>56522</bug>: When setting a value for a
- <code>ValueExpression</code>, ensure that the expected coercions take
- place such as a <code>null</code> string being coerced to an empty
- string. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Other">
- <changelog>
- <fix>
- Copy missing resources file from Apache Commons DBCP 2 to packaged
- renamed copy of DBCP 2. (markt)
- </fix>
- </changelog>
- </subsection>
-</section>
-<section name="Tomcat 8.0.6 (markt)" rtext="not released">
- <subsection name="Catalina">
- <changelog>
- <fix>
- Fix extension validation which was broken by refactoring for new
- resources implementation. (markt)
- </fix>
- <fix>
- Fix custom UTF-8 decoder so that a byte of value 0xC1 is always rejected
- immediately as it is never valid in a UTF-8 byte sequence. Update UTF-8
- decoder tests to account for UTF-8 decoding improvements in Java 8.
- The custom UTF-8 decoder is still required due to bugs in the UTF-8
- decoder provided by Java. Java 8's decoder is better than Java
- 7's but it is still buggy. (markt)
- </fix>
- <fix>
- <bug>56027</bug>: Add more options for managing FIPS mode in the
- AprLifecycleListener. (schultz/kkolinko)
- </fix>
- <fix>
- <bug>56320</bug>: Fix a file descriptor leak in the default servlet when
- sendfile is used. (markt)
- </fix>
- <fix>
- <bug>56321</bug>: When a WAR is modified, undeploy the web application
- before deleting any expanded directory as the undeploy process may
- refer to classes that need to be loaded from the expanded directory. If
- the expanded directory is deleted first, any attempt to load a new class
- during undeploy will fail. (markt)
- </fix>
- <fix>
- <bug>56327</bug>: Enable AJP as well as HTTP connectors to be created
- via JMX. Patch by kiran. (markt)
- </fix>
- <fix>
- <bug>56339</bug>: Avoid an infinite loop if an application calls
- <code>session.invalidate()</code> from the session destroyed event for
- that session. (markt)
- </fix>
- <scode>
- <bug>56365</bug>: Simplify file name pattern matching code in
- <code>StandardJarScanner</code>. Improve documentation. (kkolinko)
- </scode>
- <fix>
- Ensure that the static resource cache is able to detect when a cache
- entry is invalidated by being overridden by a new resource in a
- different <code>WebResourceSet</code>. (markt)
- </fix>
- <fix>
- <bug>56369</bug>: Ensure that removing an MBean notification listener
- reverts all the operations performed when adding an MBean notification
- listener. (markt)
- </fix>
- <scode>
- Improve implementation of <code>Lifecycle</code> for
- <code>WebappClassLoader</code>. State is now correctly reported rather
- than always reporting as <code>NEW</code>. (markt)
- </scode>
- <add>
- <bug>56382</bug>: Information about finished deployment and its execution
- time is added to the log files. Patch is provided by Danila Galimov.
- (violetagg)
- </add>
- <add>
- <bug>56383</bug>: Properties for disabling server information and error
- report are added to the <code>org.apache.catalina.valves.ErrorReportValve</code>.
- Based on the patch provided by Nick Bunn. (violetagg/kkolinko)
- </add>
- <fix>
- <bug>56390</bug>: Fix JAR locking issue with JARs containing TLDs and
- the TLD cache that prevented the undeployment of web applications when
- the WAR was deleted. (markt)
- </fix>
- <fix>
- Fix CVE-2014-0119:
- Only create XML parsing objects if required and fix associated potential
- memory leak in the default Servlet.
- Extend XML factory, parser etc. memory leak protection to cover some
- additional locations where, theoretically, a memory leak could occur.
- (markt)
- </fix>
- <fix>
- Modify generic exception handling so that
- <code>StackOverflowError</code> is not treated as a fatal error and can
- handled and/or logged as required. (markt)
- </fix>
- <fix>
- <bug>56409</bug>: Avoid <code>StackOverflowError</code> on non-Windows
- systems if a file named <code>\</code> is encountered when scanning for
- TLDs. (markt)
- </fix>
- <add>
- <bug>56430</bug>: Extend checks for suspicious URL patterns to include
- patterns of the form <code>*.a.b</code> which are not valid patterns for
- extension mappings. (markt)
- </add>
- <fix>
- <bug>56441</bug>: Raise the visibility of exceptions thrown when a
- problem is encountered calling a getter or setter on a component
- attribute. The logging level is raised from debug to warning. (markt)
- </fix>
- <add>
- <bug>56463</bug>: Property for disabling server information is added to
- the <code>DefaultServlet</code>. Server information is presented in the
- response sent to the client when directory listings is enabled.
- (violetagg)
- </add>
- <fix>
- <bug>56472</bug>: Allow NamingContextListener to clean up on stop if its
- start failed. (kkolinko)
- </fix>
- <fix>
- <bug>56481</bug>: Work around case insensitivity issue in
- <code>URLClassLoader</code> exposed by some recent refactoring. (markt)
- </fix>
- <add>
- <bug>56492</bug>: Avoid eclipse debugger pausing on uncaught exceptions
- when tomcat renews its threads. (slaurent)
- </add>
- <add>
- Add the <code>org.apache.naming</code> package to the packages requiring
- code to have the <code>defineClassInPackage</code> permission when
- running under a security manager. (markt)
- </add>
- <fix>
- Make the naming context tokens for containers more robust by using a
- separate object. Require RuntimePermission when introducing a new token.
- (markt/kkolinko)
- </fix>
- <fix>
- <bug>56501</bug>: <code>HttpServletRequest.getContextPath()</code>
- should return the undecoded context path used by the user agent. (markt)
- </fix>
- <fix>
- Minor fixes to <code>ThreadLocalLeakPreventionListener</code>. Do not
- trigger threads renewal for failed contexts. Do not ignore
- <code>threadRenewalDelay</code> setting. Improve documentation. (kkolinko)
- </fix>
- <fix>
- Correct regression introduced in <rev>1239520</rev> that broke loading
- of users from <code>tomcat-users.xml</code> when using the
- <code>JAASMemoryLoginModule</code>. (markt)
- </fix>
- <fix>
- Correct regression introduced in <rev>797162</rev> that broke
- authentication of users when using the
- <code>JAASMemoryLoginModule</code>. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Coyote">
- <changelog>
- <fix>
- More cleanup of NIO2 endpoint shutdown. (remm)
- </fix>
- <fix>
- <bug>56336</bug>: AJP output corruption and errors. (remm)
- </fix>
- <fix>
- Handle various cases of incomplete writes in NIO2. (remm)
- </fix>
- <scode>
- Code cleanups and i18n in NIO2. (remm)
- </scode>
- <fix>
- Fix extra onDataAvailable calls in the NIO2 connector. (remm)
- </fix>
- <fix>
- Fix gather writes in NIO2 SSL. (remm)
- </fix>
- <scode>
- Upgrade the NIO2 connectors to beta, but still not ready for production. (remm)
- </scode>
- <scode>
- Fix code duplication between NIO and NIO2. (remm)
- </scode>
- <fix>
- <bug>56348</bug>: Fix slow asynchronous read when read was performed on
- a non-container thread. (markt)
- </fix>
- <fix>
- <bug>56416</bug>: Correct documentation for default value of socket
- linger for the AJP and HTTP connectors. (markt)
- </fix>
- <fix>
- Fix possible corruption if doing keepalive after a comet request. (remm)
- </fix>
- <fix>
- <bug>56518</bug>: Fix connection limit latch leak when a non-container
- thread is interrupted during asynchronous processing. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Jasper">
- <changelog>
- <fix>
- <bug>56334</bug>: Fix a regression in the handling of back-slash
- escaping introduced by the fix for <bug>55735</bug>. (markt/kkolinko)
- </fix>
- <fix>
- <bug>56425</bug>: Improve method matching for EL expressions. When
- looking for matching methods, an exact match between parameter types is
- preferred followed by an assignable match followed by a coercible match.
- (markt)
- </fix>
- <fix>
- Correct the handling of back-slash escaping in the EL parser and no
- longer require that <code>\$</code> or <code>\#</code> must be followed
- by <code>{</code> in order for the back-slash escaping to take effect.
- (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Cluster">
- <changelog>
- <scode>
- Remove the implementation of
- <code>org.apache.catalina.LifecycleListener</code> from
- <code>org.apache.catalina.ha.tcp.SimpleTcpCluster</code>.
- <code>SimpleTcpCluster</code> does not work as
- <code>LifecycleListener</code>, it works as nested components of Host or
- Engine. (kfujino)
- </scode>
- <fix>
- Remove cluster and replicationValve from cluster manager template. These
- instance are not necessary to template. (kfujino)
- </fix>
- <fix>
- Add support for cross context session replication to
- <code>org.apache.catalina.ha.session.BackupManager</code>. (kfujino)
- </fix>
- <fix>
- Remove the unnecessary cross context check. It does not matter whether
- the context that is referenced by other context is set to
- <code>crossContext</code>=true. The context that refers to the different
- context must be set to <code>crossContext</code>=true. (kfujino)
- </fix>
- <scode>
- Move to <code>org.apache.catalina.ha.session.ClusterManagerBase</code>
- common logics of
- <code>org.apache.catalina.ha.session.BackupManager</code> and
- <code>org.apache.catalina.ha.session.DeltaManager</code>. (kfujino)
- </scode>
- <scode>
- Simplify the code of <code>o.a.c.ha.tcp.SimpleTcpCluster</code>. In
- order to add or remove cluster valve to Container, use pipeline instead
- of <code>IntrospectionUtils</code>. (kfujino)
- </scode>
- <fix>
- There is no need to set cluster instance when
- <code>SimpleTcpCluster.unregisterClusterValve</code> is called.
- Set null than cluster instance for cleanup. (kfujino)
- </fix>
- </changelog>
- </subsection>
- <subsection name="WebSocket">
- <changelog>
- <fix>
- <bug>56343</bug>: Avoid a NPE if Tomcat's Java WebSocket 1.0
- implementation is used with the Java WebSocket 1.0 API JAR from the
- reference implementation. (markt)
- </fix>
- <fix>
- Increase the default maximum size of the executor used by the WebSocket
- implementation for call backs associated with asynchronous writes from
- 10 to 200. (markt)
- </fix>
- <add>
- Add a warning if the thread group created for WebSocket asynchronous
- write call backs can not be destroyed when the web application is
- stopped. (markt)
- </add>
- <fix>
- Ensure that threads created to support WebSocket clients are stopped
- when no longer required. This will happen automatically for WebSocket
- client connections initiated by web applications but stand alone clients
- must call <code>WsWebSocketContainer.destroy()</code>. (markt)
- </fix>
- <fix>
- <bug>56449</bug>: When creating a new session, add the message handlers
- to the session before calling <code>Endpoint.onOpen()</code> so the
- message handlers are in place should the <code>onOpen()</code> method
- trigger the sending of any messages. (markt)
- </fix>
- <fix>
- <bug>56458</bug>: Report WebSocket sessions that are created over secure
- connections as secure rather than as not secure. (markt)
- </fix>
- <fix>
- Stop threads used for secure WebSocket client connections when they are
- no longer required and give them better names for easier debugging while
- they are running. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Web applications">
- <changelog>
- <fix>
- Add Support for <code>copyXML</code> attribute of Host to Host Manager.
- (kfujino)
- </fix>
- <fix>
- Ensure that "name" request parameter is used as a application base of
- host if "webapps" request parameter is not set when adding host in
- HostManager Application. (kfujino)
- </fix>
- <fix>
- Correct documentation on Windows service options, aligning it with
- Apache Commons Daemon documentation. (kkolinko)
- </fix>
- <fix>
- <bug>56418</bug>: Ensure that the Manager web application does not
- report success for a web application deployment that fails. (slaurent)
- </fix>
- <update>
- Improve valves documentation. Split valves into groups. (kkolinko)
- </update>
- <fix>
- <bug>56513</bug>: Make the documentation crystal clear that using
- sendfile will disable any compression that Tomcat may otherwise have
- applied to the response. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Other">
- <changelog>
- <scode>
- Review source code and take advantage of Java 7's
- try-with-resources syntax where possible. (markt)
- </scode>
- <fix>
- Align DisplayName of Tomcat installed by <code>service.bat</code> with
- one installed by the *.exe installer. Print a warning in case if neither
- server nor client jvm is found by <code>service.bat</code>. (kkolinko)
- </fix>
- <update>
- <bug>56363</bug>: Update to version 1.1.30 of Tomcat Native library.
- (schultz)
- </update>
- <update>
- Update package renamed Apache Commons BCEL to r1593495 to pick up some
- additional changes for Java 7 support and some code clean up. (markt)
- </update>
- <update>
- Update package renamed Apache Commons FileUpload to r1569132 to pick up
- some small improvements (e.g. better <code>null</code> protection) and
- some code clean up. (markt)
- </update>
- <update>
- Update package renamed Apache Commons Codec to r1586336 to pick up some
- Javadoc fixes and some code clean up. (markt)
- </update>
- <scode>
- Switch to including Apache Commons DBCP via a package renamed svn copy
- rather than building from a source release for consistency with other
- Commons packages and to allow faster releases to fix DBCP related
- issues. (markt)
- </scode>
- <update>
- Update package renamed Apache Commons Pool2 and DBCP2 to r1593563 to
- pick various bug fixes. (markt)
- </update>
- <add>
- In tests: allow to configure directory where JUnit reports and access
- log are written to. (kkolinko)
- </add>
- </changelog>
- </subsection>
-</section>
-<section name="Tomcat 8.0.5 (markt)" rtext="beta, 2014-03-27">
- <subsection name="Catalina">
- <changelog>
- <fix>
- Rework the fix for <bug>56190</bug> as the previous fix did not recycle
- the request in all cases leading to mis-routing of requests. (markt)
- </fix>
- <fix>
- Allow web applications to package tomcat-jdbc.jar and their JDBC driver
- of choice in the web application. (markt)
- </fix>
- <fix>
- <bug>56293</bug>: Cache resources loaded by the class loader from
- <code>/META-INF/services/</code> for better performance for repeated
- look ups. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Coyote">
- <changelog>
- <fix>
- Fix possibly incomplete final flush with NIO2 when using non blocking
- mode. (remm)
- </fix>
- <fix>
- Cleanup NIO2 endpoint shutdown. (remm)
- </fix>
- <fix>
- Fix rare race condition notifying onWritePossible in the NIO2
- HTTP/1.1 connector. (remm)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Jasper">
- <changelog>
- <fix>
- <bug>54475</bug>: Add Java 8 support to SMAP generation for JSPs. Patch
- by Robbie Gibson. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Web applications">
- <changelog>
- <fix>
- <bug>56273</bug>: If the Manager web application does not perform an
- operation because the web application is already being serviced, report
- an error rather than reporting success. (markt)
- </fix>
- <fix>
- <bug>56304</bug>: Add a note to the documentation about not using
- WebSocket with BIO HTTP in production. (markt)
- </fix>
- </changelog>
- </subsection>
-</section>
-<section name="Tomcat 8.0.4 (markt)" rtext="not released">
- <subsection name="Catalina">
- <changelog>
- <fix>
- Restore the ability to use the <code>addURL()</code> method of the
- web application class loader to add external resources to the web
- application. (markt)
- </fix>
- <fix>
- Improve the robustness of web application undeployment based on some
- code analysis triggered by the report for <bug>54315</bug>. (markt)
- </fix>
- <fix>
- <bug>56125</bug>: Correctly construct the URL for a resource that
- represents the root of a JAR file. (markt)
- </fix>
- <fix>
- Generate a valid root element for the effective web.xml for a web
- application for all supported versions of web.xml. (markt)
- </fix>
- <add>
- Make it easier for applications embedding and/or extending Tomcat to
- modify the <code>javaseClassLoader</code> attribute of the
- <code>WebappClassLoader</code>. (markt)
- </add>
- <fix>
- Add missing support for <code><deny-uncovered-http-methods></code>
- element when merging web.xml files. (markt)
- </fix>
- <fix>
- Improve merging process for web.xml files to take account of the
- elements and attributes supported by the Servlet version of the merged
- file. (markt)
- </fix>
- <fix>
- Avoid <code>NullPointerException</code> in resource cache when making an
- invalid request for a resource outside of the web application. (markt)
- </fix>
- <fix>
- Remove an unnecessary null check identified by FindBugs. (markt)
- </fix>
- <add>
- In WebappClassLoader, when reporting threads that are still running
- while web application is being stopped, print their stack traces to
- the log. (kkolinko)
- </add>
- <fix>
- <bug>56190</bug>: The response should be closed (i.e. no further output
- is permitted) when a call to <code>AsyncContext.complete()</code> takes
- effect. (markt)
- </fix>
- <fix>
- <bug>56236</bug>: Enable Tomcat to work with alternative Servlet and
- JSP API JARs that package the XML schemas in such as way as to require
- a dependency on the JSP API before enabling validation for web.xml.
- Tomcat has no such dependency. (markt)
- </fix>
- <fix>
- <bug>56244</bug>: Fix MBeans descriptor for WebappClassLoader MBean.
- (kkolinko)
- </fix>
- <add>
- Add a work around for validating XML documents (often TLDs) that use
- just the file name to refer to refer to the JavaEE schema on which they
- are based. (markt)
- </add>
- <add>
- Add methods of get the idle time from last client access time to
- <code>org.apache.catalina.Session</code>. (kfujino)
- </add>
- <fix>
- <bug>56246</bug>: Fix NullPointerException in MemoryRealm when
- authenticating an unknown user. (markt)
- </fix>
- <fix>
- <bug>56248</bug>: Allow the deployer to update an existing WAR file
- without undeploying the existing application if the update flag is set.
- This allows any existing custom context.xml for the application to be
- retained. To update an application and remove any existing context.xml
- simply undeploy the old version of the application before deploying the
- new version. (markt)
- </fix>
- <fix>
- <bug>56253</bug>: When listing resources that are provided by a JAR, fix
- possible <code>StringIndexOutOfBoundsException</code>s. Add some unit
- tests for this and similar scenarios and fix the additional issues those
- unit tests identified. Based on a patch by Larry Isaacs. (markt)
- </fix>
- <fix>
- Fix CVE-2014-0096:
- Redefine the <code>globalXsltFile</code> initialisation parameter of the
- DefaultServlet as relative to CATALINA_BASE/conf or CATALINA_HOME/conf.
- Prevent user supplied XSLTs used by the DefaultServlet from defining
- external entities. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Coyote">
- <changelog>
- <fix>
- In some circumstances asynchronous requests could time out too soon.
- (markt)
- </fix>
- <fix>
- <bug>56172</bug>: Avoid possible request corruption when using the AJP
- NIO connector and a request is sent using more than one AJP message.
- Patch provided by Amund Elstad. (markt)
- </fix>
- <add>
- Add experimental NIO2 connector. Based on code developed by
- Nabil Benothman. (remm)
- </add>
- <fix>
- Fix CVE-2014-0075:
- Improve processing of chuck size from chunked headers. Avoid overflow
- and use a bit shift instead of a multiplication as it is marginally
- faster. (markt/kkolinko)
- </fix>
- <fix>
- Fix CVE-2014-0095:
- Correct regression introduced in 8.0.0-RC2 as part of the Servlet 3.1
- non-blocking IO support that broke handling of requests with an explicit
- content length of zero. (markt/kkolinko)
- </fix>
- <fix>
- Fix CVE-2014-0099:
- Fix possible overflow when parsing long values from a byte array.
- (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Jasper">
- <changelog>
- <fix>
- Change the default compiler source and compiler target versions to 1.7
- since Tomcat 8 requires a minimum of Java 7. (markt)
- </fix>
- <fix>
- <bug>56179</bug>: Fix parsing of EL expressions that contain unnecessary
- parentheses. (markt)
- </fix>
- <fix>
- <bug>56177</bug>: Handle dependency tracking for TLDs when using JspC
- with a tag library JAR that is located outside of the web application.
- (markt)
- </fix>
- <fix>
- Remove an unnecessary null check identified by FindBugs. (markt)
- </fix>
- <fix>
- <bug>56199</bug>: Restore validateXml option for JspC which determines
- if web.xml will be parsed with a validating parser. (markt)
- </fix>
- <fix>
- <bug>56223</bug>: Throw an <code>IllegalStateException</code> if a call
- is made to <code>ServletContext.setInitParameter()</code> after the
- ServletContext has been initialized. (markt)
- </fix>
- <fix>
- <bug>56265</bug>: Do not escape values of dynamic tag attributes
- containing EL expressions. (kkolinko)
- </fix>
- <fix>
- Make the default compiler source and target versions for JSPs Java 7
- since Tomcat 8 requires Java 7 as a minimum. (markt)
- </fix>
- <update>
- <bug>56283</bug>: Update to the Eclipse JDT Compiler P20140317-1600
- which adds support for Java 8 syntax to JSPs. Add support for value
- "1.8" for the <code>compilerSourceVM</code> and
- <code>compilerTargetVM</code> options. (markt)
- </update>
- </changelog>
- </subsection>
- <subsection name="WebSocket">
- <changelog>
- <fix>
- Avoid a possible deadlock when one thread is shutting down a connection
- while another thread is trying to write to it. (markt)
- </fix>
- <fix>
- Avoid NPE when flushing batched messages. (markt)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Web Applications">
- <changelog>
- <add>
- <bug>56093</bug>: Add the SSL Valve to the documentation web
- application. (markt)
- </add>
- <fix>
- <bug>56217</bug>: Improve readability by using left alignment for the
- table cell containing the request information on the Manager application
- status page. (markt)
- </fix>
- <fix>
- Fixed <code>java.lang.NegativeArraySizeException</code> when using
- "Expire sessions" command in the manager web application on a
- context where the session timeout is disabled. (kfujino)
- </fix>
- <fix>
- Add support for <code>LAST_ACCESS_AT_START</code> system property to
- Manager web application. (kfujino)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Other">
- <changelog>
- <fix>
- <bug>56115</bug>: Expose the <code>httpusecaches</code> property of
- Ant's <code>get</code> task as some users may need to change the
- default. Based on a suggestion by Anthony. (markt)
- </fix>
- <fix>
- <bug>56143</bug>: Improve <code>service.bat</code> so that it can be
- launched from a non-UAC console. This includes using a single call to
- <code>tomcat8.exe</code> to install the Windows service rather than
- three calls, and using command line arguments instead of environment
- variables to pass the settings. (markt/kkolinko)
- </fix>
- <scode>
- Simplify Windows *.bat files: remove %OS% checks, as current java does
- not run on ancient non-NT operating systems. (kkolinko)
- </scode>
- <fix>
- Align options between <code>service.bat</code> and <code>exe</code>
- Windows installer. For <code>service.bat</code> the changes are in
- --Classpath, --DisplayName, --StartPath, --StopPath. For
- <code>exe</code> installer the changes are in --JvmMs, --JvmMx options,
- which are now 128 Mb and 256 Mb respectively instead of being empty.
- Explicitly specify --LogPath path when uninstalling Windows service,
- avoiding default value for that option. (kkolinko)
- </fix>
- <fix>
- <bug>56137</bug>: Explicitly use NIO connector in SSL example in
- server.xml so it doesn't break if APR is enabled. (markt)
- </fix>
- <fix>
- <bug>56139</bug>: Avoid a web application class loader leak in some unit
- tests when running on Windows. (markt)
- </fix>
- <fix>
- Correct build script to avoid building JARs with empty packages. (markt)
- </fix>
- <add>
- Allow to limit JUnit test run to a number of selected test case
- methods. (kkolinko)
- </add>
- <update>
- Update Commons Pool 2 to 2.2. (markt)
- </update>
- <update>
- Update Commons DBCP 2 to the 2.0 release. (markt)
- </update>
- <fix>
- <bug>56189</bug>: Remove used file cpappend.bat from the distribution.
- (markt)
- </fix>
- <fix>
- <bug>56204</bug>: Remove unnecessary dependency between tasks in the
- build script. (markt)
- </fix>
- <fix>
- Add definition of <code>org.apache.catalina.ant.FindLeaksTask</code>.
- (kfujino)
- </fix>
- <fix>
- Implement <code>org.apache.catalina.ant.VminfoTask</code>,
- <code>org.apache.catalina.ant.ThreaddumpTask</code> and
- <code>org.apache.catalina.ant.SslConnectorCiphersTask</code>. (kfujino)
- </fix>
- <add>
- Add the option to the Apache Ant tasks to ignore the constraint of the
- first line of the response message that must be "OK -"
- (<code>ignoreResponseConstraint</code> in <code>AbstractCatalinaTask</code>).
- Default is false. (kfujino)
- </add>
- </changelog>
- </subsection>
-</section>
-<section name="Tomcat 8.0.3 (markt)" rtext="beta, 2014-02-11">
- <subsection name="Other">
- <changelog>
- <fix>
- Fix build of Apache Commons DBCP2 classes. (kkolinko)
- </fix>
- <update>
- Update Commons DBCP 2 to snapshot 170 dated 07 Feb 2014. This enables
- DBCP to work with a SecurityManager such that only DBCP needs to be
- granted the necessary permissions to communicate with the database.
- (markt)
- </update>
- </changelog>
- </subsection>
-</section>
-<section name="Tomcat 8.0.2 (markt)" rtext="not released">
- <subsection name="Catalina">
- <changelog>
- <fix>
- <bug>56082</bug>: Fix a concurrency bug in JULI's LogManager
- implementation. (markt)
- </fix>
- <fix>
- <bug>56085</bug>: <code>ServletContext.getRealPath(String)</code> should
- return <code>null</code> for invalid input rather than throwing an
- <code>IllegalArgumentException</code>. (markt)
- </fix>
- <fix>
- Fix WebDAV support that was broken by the refactoring for the new
- resources implementation. (markt)
- </fix>
- <scode>
- Simplify Catalina.initDirs(). (kkolinko)
- </scode>
- <fix>
- <bug>56096</bug>: When the attribute <code>rmiBindAddress</code> of the
- JMX Remote Lifecycle Listener is specified it's value will be used when
- constructing the address of a JMX API connector server. Patch is
- provided by Jim Talbut. (violetagg)
- </fix>
- <fix>
- When environment entry with one and the same name is defined in the web
- deployment descriptor and with annotation then the one specified in the
- web deployment descriptor is with priority. (violetagg)
- </fix>
- <fix>
- Fix passing the value of false for <code>xmlBlockExternal</code> option
- of Context to Jasper, as the default was changed in 8.0.1. (kkolinko)
- </fix>
- </changelog>
- </subsection>
- <subsection name="Coyote">
- <changelog>
[... 380 lines stripped ...]
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org