Navigation:
Browse pkgsrc
(this page)
New packages:Log Message:
Update to 8.5.37
Changelog:
Tomcat 8.5.37 (markt)
Catalina
Update: Update the recommended minimum Tomcat Native version to 1.2.19. (markt)
Other
Update: Update the packaged version of the Tomcat Native Library to 1.2.19 \
to pick up the latest Windows binaries built with APR 1.6.5 and OpenSSL 1.1.1a. \
(markt)
not released Tomcat 8.5.36 (markt)
Catalina
Fix: 62788: Add explicit logging configuration to write log files using \
UTF-8 to align with Tomcat's use of UTF-8 by default elsewhere. (markt)
Fix: The default Servlet should not override a previously set content-type. \
(remm)
Add: 62897: Provide a property (clearReferencesThreadLocals) on the standard \
Context implementation that enables the check for memory leaks via ThreadLocals \
to be disabled because this check depends on the use of an API that has been \
deprecated in later versions of Java. (markt)
Fix: Fix more storeconfig issues with duplicated SSL attributes. (remm)
Fix: 62968: Avoid unnecessary (and relatively expensive) getResources() call \
in the Mapper when processing rule 7. (markt)
Fix: 62978: Update the RemoteIpValve to handle multiple values in the \
x-forwarded-proto header. Patch provided by Tom Groot. (markt)
Fix: Update the RemoteIpFilter to handle multiple values in the \
x-forwarded-proto header. Based on a patch provided by Tom Groot. (markt)
Code: 62986: Refactor the code that performs class scanning during web \
application start to make integration simpler for downstream users. Patch \
provided by rmannibucau. (markt)
Fix: 62988: Fix the LoadBalancerDrainingValve so it works when the session \
cookie configuration is not explicitly declared. Based on a patch provided by \
Andreas Kurth. (markt)
Fix: 63002: Fix setting rewrite qsdiscard flag. (remm)
Fix: Implement the requirements of section 8.2.2 2c of the Servlet \
specification and prevent a web application from deploying if it has fragments \
with duplicate names and is configured to use relative ordering of fragments. \
(markt)
Coyote
Fix: Avoid an exception when using Tomcat Native built with a version of \
OpenSSL that does not support TLSv1.3. (markt)
Fix: 62899: Prevent the incorrect timing out of connections when Servlet \
non-blocking I/O is used to read a request body over an HTTP/2 stream. (markt)
Fix: Avoid bad SSLHostConfig JMX registrations before init. (remm)
Jasper
Add: 53737: Extend JspC, the precompilation tool, to include support for \
resource JARs. (markt)
Fix: 62976: Avoid an IllegalStateException when using background compilation \
when tag files are packaged in JAR files. (markt)
Web applications
Fix: 62918: Filter out subtype mbeans to avoid breaking the connector status \
page. (remm)
Other
Fix: Prevent an error when running in a Cygwin shell and the \
JAVA_ENDORSED_DIRS system property is empty. Patch provided by Zemian Deng. \
(markt)
Add: 53930: Add support for the CATALINA_OUT_CMD environment variable that \
defines a command to which captured stdout and stderr will be redirected. Patch \
provided by Casey Lucas. (markt)
2018-11-07 Tomcat 8.5.35 (markt)
Catalina
Add: 61692: Add the ability to control which HTTP methods are handled by the \
CGI Servlet via a new initialization parameter cgiMethods. (markt)
Fix: 62687: Expose content length information for resources when using a \
compressed war. (remm)
Fix: 62737: Fix rewrite substitutions parsing of {} nesting. (remm)
Fix: Add rewrite flags output when getting the rewrite configuration back. (remm)
Fix: Add missing qsdiscard flag to the rewrite flags as a cleaner way to \
discard the query string. (remm)
Fix: Add documentation about the files context.xml.default and \
web.xml.default that can be used to customize conf/context.xml and conf/web.xml \
on a per host basis. (fschumacher)
Fix: Ensure that a canonical path is always used for the docBase of a \
Context to ensure consistent behaviour. (markt)
Fix: 62803: Fix SSL connector configuration processing in storeconfig. (remm)
Fix: 62797: Pass throwable to keep client aborts with status 200 rather than \
500. Patch submitted by zikfat. (remm)
Fix: 62809: Correct a regression in the implementation of DIGEST \
authentication support for the Deployer Ant tasks (bug 45832) that prevented the \
DeployTask from working when authentication was required. (markt)
Update: Update the recommended minimum Tomcat Native version to 1.2.18. (markt)
Add: Ignore an attribute named source on Context elements provided by \
StandardContext. This is to suppress warnings generated by the Eclipse / Tomcat \
integration provided by Eclipse. Based on a patch by mdfst13. (markt)
Add: 62830: Added JniLifeCycleListener and static methods \
Library.loadLibrary(libraryName) and Library.load(filename) to load a native \
library by a shared class loader so that more than one Webapp can use it. \
(isapir)
Fix: Correct a typo in the Spanish resource files. Patch provided by Diego \
Agulló. (markt)
Fix: 62868: Order the Enumeration<URL> provided by \
WebappClassLoaderBase.getResources(String) according to the setting of the \
delegate flag. (markt)
Coyote
Add: Add TLSv1.3 to the default protocols and to the all alias for JSSE \
based TLS connectors when running on a JVM that supports TLS version 1.3. One \
such JVM is OpenJDK version 11. (rjung)
Fix: 62685: Correct an error in host name validatin parsing that did not \
allow a fully qualified domain name to terminate with a period. Patch provided \
by AG. (markt)
Fix: 62739: Do not reject requests with an empty HTTP Host header. Such \
requests are unusual but not invalid. Patch provided by MichaeNIO2 connector \
when using the OpenSSL backed JSSE implementation. (schultz/markt)
Fix: 62791: Remove an unnecessary check in the NIO TLS implementation that \
prevented from secure WebSocket connections from being established. (markt)
Fix: Fix servesed by the fix for 53492, that caused the JSP compiler to \
hang. (markt)
Fix: 62721: Correct generation of web.xml header when using JspC. (markt)
Fix: 62757: Correct a regression in the fix for 62603 that caused \
NullPointerExceptions when compiling tag files on first access when development \
mode was disabled and background compilation was enabled. Based on a patch by \
Jordi Llach. (markt)
WebSocket
Fix: 62731: Make the URI returned by HandshakeRequest.getRequestURI() and \
Session.getRequestURI() absolute so that the scheme, host and port are \
accessible. (markt)
Web applications
Fix: 62676: Expand the CORS filter documentation to make it clear that \
explicit configuration is required to enable support for cross-origin requests. \
(markt)
Fix: 62712: Correct NPE in Manager application when attempting to view \
configured certificates for an APR/native TLS connector. (markt)
Fix: 62761: Correct the advanced CORS example in the Filter documentation to \
use a valid configuration. (markt)
Fix: 62786: Add a note to the Context documentation to explain that, by \
default, settings for a Context element defined in server.xml will be \
overwritten by settings specified in a default context file such as \
conf/context.xml. (markt)
Fix: Create a little visual separation between the Undeploy button and the \
other buttons in the Manager application. Patch provided by Łukasz Jąder. \
(markt)
Other
Update: Update the internal fork of Apache Commons Pool 2 to d4e0e88 \
(2018-09-12) to pick up some bug fixes and enhancements. (markt)
Update: Update the packaged version of the Tomcat Native Library to 1.2.18 \
to pick up the latest Windows binaries built with APR 1.6.5 and OpenSSL 1.1.1. \
(markt)
2018-09-10 Tomcat 8.5.34 (markt)
Catalina
Add: Make the isLocked() method of the LockOutRealm public and expose the \
method via JMX. (markt)
Fix: Improve the handling of path parameters when working with \
RequestDispatcher objects. (markt)
Fix: 62664: Process requests with content type multipart/form-data to \
servlets with a @MultipartConfig annotation regardless of HTTP method. (markt)
Fix: 62667: Add recursion to rewrite substitution parsing. (remm)
Fix: 62669: When using the SSIFilter and a resource does not specify a \
content type, do not force the content type to application/x-octet-stream. \
(markt)
Fix: 62670: Adjust the memory leak protection for the DriverManager so that \
JDBC drivers located in $CATALINA_HOME/lib and $CATALINA_BASE/lib are loaded via \
the service loader mechanism when the protection is enabled. (markt)
Fix: When generating a redirect to a directory in the Default Servlet, avoid \
generating a protocol relative redirect. (markt)
Coyote
Fix: Fix potential deadlocks when using asynchronous Servlet processing with \
HTTP/2 connectors. (markt)
Fix: 62620: Fix corruption of response bodies when writing large bodies \
using asynchronous processing over HTTP/2. (markt)
Fix: 62628: Additional fixes for output corruption of response bodies when \
writing large bodies using asynchronous processing over HTTP/2. (markt)
Jasper
Fix: Correct the JSP version in the X-PoweredBy HTTP header generated when \
the xpoweredBy option is enabled. (markt)
Fix: 62662: Fix the corruption of web.xml output during JSP compilation \
caused by the fix for 53492. Patch provided by Bernhard Frauendienst. (markt)
Web applications
Add: Expand the information in the documentation web application regarding \
the use of CATALINA_HOME and CATALINA_BASE. Patch provided by Marek Czernek. \
(markt)
Fix: 62652: Make it clearer that the version of DBCP that is packaged in \
Tomcat 8.5.x is DBCP 2. Correct the names of some DBCP 2 configuration \
attributes that changed between 1.x and 2.x. (markt)
Add: 62666: Expand internationalisation support in the Manager application \
to include the server status page and provide Russian translations in addition \
to English. Patch provided by Artem Chebykin. (markt)
Other
Fix: Switch the build script to use http for downloads from an ASF mirror \
using the closer.lua script to avoid failures due to HTTPS to HTTP redirects. \
(rjung)
2018-08-17 Tomcat 8.5.33 (markt)
Catalina
Fix: Ensure that the HTTP Vary header is set correctly when using the CORS \
filter and improve the cacheability of requests that pass through the COPRS \
filter. (markt)
Fix: 62527: Revert restriction of JNDI to the java: namespace. (remm)
Add: Introduce a new class - MultiThrowable - to report exceptions when \
multiple actions are taken where each action may throw an exception but all \
actions are taken before any errors are reported. Use this new class when \
reporting multiple container (e.g. web application) failures during start. \
(markt)
Fix: Correctly decode URL paths (+ should not be decoded to a space in the \
path) in the RequestDispatcher and the web application class loader. (markt)
Add: Make logout more robust if JASPIC subject is unexpectedly unavailable. \
(markt)
Fix: 62547: JASPIC cleanSubject() was not called on logout when the \
authenticator was configured to cache the authenticated Principal. Patch \
provided by Guillermo González de Agüero. (markt)
Add: 62559: Add jaxb-*.jar to the list of JARs ignored by \
StandardJarScanner. (markt)
Add: 62560: Add oraclepki.jar to the list of JARs ignored by \
StandardJarScanner. (markt)
Add: 62607: Return a non-zero exit code from catalina.[bat|sh] run if Tomcat \
fails to start. (markt)
Code: Remove ServletException from declaration of \
Tomcat.addWebapp(String,String) since it is never thrown. Patch provided by \
Tzafrir. (markt)
Fix: Use short circuit logic to prevent potential NPE in CorsFilter. \
(fschumacher)
Code: Simplify construction of appName from container name in JAASRealm. \
(fschumacher)
Coyote
Update: 60560: Add support for using an inherited channel to the NIO \
connector. Based on a patch submitted by Thomas Meyer with testing and \
suggestions by Coty Sutherland. (remm)
Fix: 62507: Ensure that JSSE based TLS connectors work correctly with a DKS \
keystore. Note: DKS keystores require Java 8 or later. (markt)
Fix: Refactor code that adds an additional header name to the Vary HTTP \
response header to use a common utility method that addresses several additional \
edge cases. (markt)
Fix: 62515: When a connector is configured (via setting bindOnInit to false) \
to bind/unbind the server socket during start/stop, close the socket earlier in \
the stop process so new connections do not sit in the TCP backlog during the \
shutdown process only to be dropped as stop completes. In this scenario new \
connections will now be refused immediately. (markt)
Fix: 62526: Correctly handle PKCS12 format key stores when the key store \
password is configured to be the empty string. (markt)
Fix: Fix error in back-port of HTTP/2 compression that meant compression was \
never enabled. (markt)
Fix: 62605: Ensure ReadListener.onDataAvailable() is called when the initial \
request body data arrives after the request headers when using asynchronous \
processing over HTTP/2. (markt)
Fix: 62614: Ensure that WriteListener.onWritePossible() is called after \
isReady() returns false and the window size is subsequently incremented when \
using asynchronous processing over HTTP/2. (markt)
Jasper
Fix: 53011: When pre-compiling with JspC, report all compilation errors \
rather than stopping after the first error. A new option -failFast can be used \
to restore the previous behaviour of stopping after the first error. Based on a \
patch provided by Marc Pompl. (markt)
Add: 53492: Make the Java file generation process multi-threaded. By \
default, one thread will be used per core. Based on a patch by Dan Fabulich. \
(markt)
Add: 62453: Add a performance optimisation for using expressions in tags \
that depend on uninitialised tag attributes with implied scope. Generally, using \
an explicit scope with tag attributes in EL is the best way to avoid various \
potential performance issues. (markt)
Fix: Correctly decode URL paths (+ should not be decoded to a space in the \
path) in the Jasper class loader. (markt)
Fix: 62603: Fix a potential race condition when development mode is disabled \
and background compilation checks are enabled. It was possible that some updates \
would not take effect and/or ClassNotFoundExceptions would occur. (markt)
WebSocket
Fix: 62596: Remove the limit on the size of the initial HTTP upgrade request \
used to establish the web socket connection. (markt)
Web applications
Add: 61565: Add the ability to trigger a reloading of TLS host configuration \
(certificate and key files, server.xml is not re-parsed) via the Manager web \
application. (markt)
Add: 62558: Add Russian translations for the Manager and Host Manager web \
applications. Based on a patch by Ivan Krasnov. (markt)
Add: 62561: Add advanced class loader configuration information regarding \
the use of the Server and Shared class loaders to the documentation web \
application. (markt)
Tribes
Fix: Ensures that the specified rxBufSize is correctly set to receiver \
buffer size. (kfujino)
Other
Update: Support building with Java 9+ while preserving the Java 7 \
compatibility at runtime (requires Ant 1.9.8 or later). (ebourg)
Update: Update WSDL4J library to version 1.6.3 (from 1.6.2). (kkolinko)
Update: Update JUnit library to version 4.12 (from 4.11). (kkolinko)
Update: Downgrade CGLib library used for testing with EasyMock to version \
2.2.2 (from 2.2.3) as version 2.2.3 is not available from Maven Central. \
(markt/kkolinko)
Add: Implement checksum checks when downloading dependencies that are used \
to build Tomcat. (kkolinko)
Fix: Fixed spelling. Patch provided by Jimmy Casey via GitHub. (violetagg)
Update: Update the internal fork of Apache Commons Pool 2 to 3e02523 \
(2018-08-09) to pick up some bug fixes and enhancements. (markt)
Update: Update the internal fork of Apache Commons DBCP 2 to abc0484 \
(2018-08-09) to pick up some bug fixes and enhancements. (markt)
Fix: Correct various spelling errors throughout the source code and \
documentation. Patch provided by Kazuhiro Sera. (markt)
| Revision | Action | file |
| 1.8 | modify | pkgsrc/www/apache-tomcat85/Makefile |
| 1.5 | modify | pkgsrc/www/apache-tomcat85/PLIST |
| 1.8 | modify | pkgsrc/www/apache-tomcat85/distinfo |