Log Message:
Updated www/apache-tomcat55 to 5.5.27

Tomcat 5.5.27 (fhanik)

    General

        44463: War file upload in manager webapp fails due to missing commons-io \ 
dependency. Added commons-io 1.4. (rjung)

    Catalina

        44021, 43013: Add support for # to signify multi-level contexts for \ 
directories and wars.
        44494: Backport from 6.0 (rjung)
        Add additional checks for URI normalization. (remm)
        Don't throw an ArrayIndexOutOfBoundsException when empty URL is \ 
requested. Patch provided by Charles R Caldarale. (markt)
        29936: Don't use parser from a webapp to parse web.xml and possibly \ 
context.xml files. (markt)
        43079: Correct pattern verification for suspicious URLs. Patch provided \ 
by John Kew. (markt)
        43080: Log suspicious URL pattern warnings to the correct web \ 
application. (markt)
        43117: Setting an empty workDIR could delete all of CATALINA_HOME. Patch \ 
provided by Takayuki Kaneko. (markt)
        44282: Prevent security exception in trace level logging for web \ 
application class loader when running under a security manager. (markt)
        44529: No roles specified (deny all) should take precedence over no \ 
auth-constraint specified (allow-all). (markt)
        43578: Enable start on Linux if $CATALINA_HOME contains a space. \ 
Original patch provided by Ray Sauers with improvements by Ian Ward Comfort. \ 
(markt)
        44673: Throw IOE if ServletInputStream is closed and a call is made to \ 
any read(), ready(), mark(), reset(), or skip() method as per javadocs for \ 
Reader. (markt)
        Enable the CGIServlet to work with Windows Vista. (markt)
        Add additional permission required to read JDK logging configuration \ 
when running with a security manager. (markt)
        44943: Reduce copy/paste issues caused by different engine names in \ 
server.xml. (markt)
        45195: Prevent NPE when calling Session.getAttribute(null) and \ 
Session.removeAttribute(null). The spec is unclear but this is a regression from \ 
5.0.x. (markt)
        45293: Update name of commons-logging jar in security policy. (markt)
        45453: Fix race condition in JDBC Realm. Based on a patch provided by \ 
Santtu Hyrkk. (markt)
        JAAS Realm did not read role information for users. (markt)

    Connectors

        Log errors for AJP signoffs at DEBUG level, since it is harmless if \ 
mod_jk has hung up the phone. (billbarker)
        42727: Handle request lines that are exact multiples of 4096 in length. \ 
Patch provided by Will Pugh. (markt)
        43191: Compression could not be disabled for some file types. Based on a \ 
patch by Len Popp. (markt)
        45591: Fix NPE on shutdown failure in some cases. Based on a patch by \ 
Matt Passell. (markt)

    Jasper

        31257: Quote endorsed dirs if they contain a space. (markt)
        42943: Make sure nested element is inside <jsp:text> element \ 
before throwing exception. (markt)
        44877: Prevent collisions in tag pool names. (markt)
        45015: Enfore JSP spec rules on quoting in attrbutes. This is \ 
configurable using the system property \ 
org.apache.jasper.compiler.Parser.STRICT_QUOTE_ESCAPING. (markt)

    Webapps

        42899: When saving config from admin app, correctly handle case where \ 
the old config file does not exist. (markt)
        44541: Document packetSize attribute for AJP connector. (markt)
        44715: Document use of secret for AJP connector. (markt)
        45323: Add note that context.xml files can only contain a single Context \ 
element. (markt)
        Update JNDI datasource docs since maxActive setting for unlimited \ 
changed in commons-pool > 1.2. (markt)

    Specification

        Use a localised error message if a user tries to write a negative length \ 
byte array during default processing of a HEAD request. (markt)
        44562: HEAD requests cannot use includes. Patch provided by David \ 
Jencks. (markt)