Log Message:
Update to 8.5.29

Changelog:
Tomcat 8.5.29 (markt)
Catalina
    Fix: Minor optimization when calling class transformers. (rjung)
    Fix: Prevent Tomcat from applying gzip compression to content that is \ 
already compressed with brotli compression. Based on a patch provided by burka. \ 
(markt)
    Fix: 62090: Null container names are not allowed. (remm)
    Fix: 62104: Fix programmatic login regression as the NonLoginAuthenticator \ 
has to be set for it to work (if no login method is specified). (remm)
    Fix: 62117: Improve error message in catalina.sh when calling kill -0 \ 
<pid> fails. Based on a suggestion from Mark Morschhaeuser. (markt)
    Fix: 62118: Correctly create a JNDI ServiceRef using the specified interface \ 
rather than the concrete type. Based on a suggestion by Ángel Álvarez Páscua. \ 
(markt)
    Fix: Fix for RequestDumperFilter log attribute. Patch provided by Kirill \ 
Romanov via Github. (violetagg)
    Fix: 62123: Avoid ConcurrentModificationException when attempting to clean \ 
up application triggered RMI memory leaks on web application stop. (markt)
    Fix: Correct a regression in the fix for 60276 that meant that compression \ 
was applied to all MIME types. Patch provided by Stefan Knoblich. (markt)

Coyote
    Fix: Add minor HPACK fixes, based on fixes by Stuart Douglas. (remm)
    Fix: 61751: Follow up fix so that OpenSSL engine returns underflow when \ 
unwrapping if no bytes were produced and the input is empty. (remm)
    Fix: Minor OpenSSL engine cleanups. (remm)
    Fix: NIO SSL handshake should throw an exception on overflow status, like \ 
NIO2 SSL. (remm)

Web applications
    Add: 48672: Add documentation for the Host Manager web application. Patch \ 
provided by Marek Czernek. (markt)
    Add: Work-around a known, non-specification compliant behaviour in some \ 
versions of IE that can allow XSS when the Manager application generates a plain \ 
text response. Based on a suggestion from Muthukumar Marikani. (markt)

Other
    Update the build script so MD5 hashes are no longer generated for releases \ 
as per the change in the ASF distribution policy. (markt)

2018-02-11 Tomcat 8.5.28 (markt)
Catalina
    Fix: Prevent a stack trace being written to standard out when running on \ 
Java 10 due to changes in the LogManager implementation. (markt)
    Fix: 62000: When a JNDI reference cannot be resolved, ensure that the root \ 
cause exception is reported rather than swallowed. (markt)
    Fix: 62036: When caching an authenticated user Principal in the session when \ 
the web application is configured with the NonLoginAuthenticator, cache the \ 
internal Principal object rather than the user facing Principal object as Tomcat \ 
requires the internal object to correctly process later authorization checks. \ 
(markt)
    Fix: Avoid duplicate load attempts if one has been made already. (remm)
    Fix: Avoid NPE in ThreadLocalLeakPreventionListener if there is no Engine. (remm)
    Fix: 62067: Correctly apply security constraints mapped to the context root \ 
using a URL pattern of "". (markt)
    Fix: When using Tomcat embedded, only perform Authenticator configuration \ 
once during web application start. (markt)
    Fix: Process all ServletSecurity annotations at web application start rather \ 
than at servlet load time to ensure constraints are applied consistently. \ 
(markt)

Coyote
    Fix: 61751: Fix truncated request input streams when using NIO2 with TLS. (markt)
    Fix: 62023: Log error reporting multiple SSLHostConfig elements when using \ 
the APR Connector instead of crashing Tomcat. (csutherl)
    Fix: 62032: Fix NullPointerException when certificateFile is not defined on \ 
an SSLHostConfig and unify the behavior when a certificateFile is defined but \ 
the file does not exist for both JKS and PEM file types. (csutherl)

WebSocket
    Fix: 62024: When closing a connection with an abnormal close, close the \ 
socket immediately rather than waiting for a close message from the client that \ 
may never arrive. (markt)

Webapps
    Fix: 62049: Fix missing class from manager 404 JSP error page. (remm)

jdbc-pool
    Add: Enhance the JMX support for jdbc-pool in order to expose \ 
PooledConnection and JdbcInterceptors. (kfujino)
    Add: Add MBean for PooledConnection. (kfujino)
    Add: 62011: Add MBean for StatementCache. (kfujino)
    Add: Expose the cache size for each connection via JMX in StatementCache. \ 
(kfujino)
    Add: Add MBean for ResetAbandonedTimer. (kfujino)

Other
    Update: Update the NSIS Installer used to build the Windows installer to \ 
version 3.03. (kkolinko)