pkgsrc/www/apache-tomcat6
spz acc5cb1c66 update to apache-tomcat 6.0.36. Upstream changelog:
Tomcat 6.0.36 (jfclere)

   Catalina
   ++++++++
   update  48692: Provide option to parse
           application/x-www-form-urlencoded PUT requests. (schultz)
   add     50306: New StuckThreadDetectionValve to detect requests
           that take a long time to process, which might indicate that
           their processing threads are stuck. Based on a patch
           provided by TomLu. (kkolinko)
   fix     50570: Enable FIPS mode to be set in AprLifecycleListener.
           Based upon a patch from Chris Beckey. Note that this mode
           requires tomcat-native 1.1.23 or later linked to a
           FIPS-capable OpenSSL library, which one has to build by
           themselves. (schultz/kkolinko)
   fix     Improve synchronization and error handling in
           AprLifecycleListener. Do not allow to change SSL options
           if SSL has already been initialized. (schultz/kkolinko)
   fix     52225: Fix ClassCastException when adding an alias for an
           existing host via JMX. (kkolinko)
   fix     52293: Correctly handle the case when antiResourceLocking
           is enabled at the Context level when unpackWARs is disabled
           at the Host level. Correctly handle multi-level contexts
           when antiResourceLocking is enabled. Patch by Justin Miller.
           (kkolinko)
   fix     Do not throw IllegalArgumentException from parseParameters()
           call when chunked POST request is too large, but treat it
           like an IO error. The FailedRequestFilter filter can be
           used to detect this condition. (kkolinko)
   fix     52384: Do not fail with parameter parsing when debug
           logging is enabled. (kkolinko)
   fix     Do not flag extra '&' characters in parameters as
           parse errors. (kkolinko)
   fix     52488: Correct typos: exipre -> expire. Based on a patch
           by prockter. (markt)
   fix     Reduce log level for the message about hitting
           maxParameterCount limit from WARN to INFO. Fix limit
           comparison to allow exactly maxParameterCount parameters,
           as documentation says, instead of (maxParameterCount-1).
           (kkolinko)
   fix     Slightly improve performance of UDecoder.convert(). Align
           %2f handling between implementations. (kkolinko)
   add     Add denyStatus attribute to RequestFilterValve
           (RemoteAddrValve, RemoteHostValve valves). It allows to
           use different HTTP response code when rejecting denied
           request. E.g. 404 instead of 403. (kkolinko)
   add     Add SetCharacterEncodingFilter (similar to the one
           contained in the examples web application) to the
           org.apache.catalina.filters package so that it is
           available for all web applications. (kkolinko)
   add     52500: Added configurable mechanism to retrieve user
           names from X509 client certificates. Based on a patch
           provided by Michael Furman. (schultz/kkolinko)
   fix     52719: Fix a theoretical resource leak in the JAR
           validation that checks for non-permitted classes in
           web application JARs. (markt)
   fix     52830: Correct JNDI lookups when using javax.naming.Name
           to identify the resource rather than a java.lang.String.
           (markt)
   add     52850: Extend memory leak prevention and detection
           code to work with IBM as well as Oracle JVMs. Based on
           a patch provided by Rohit Kelapure. (kkolinko)
   add     52996: In StandardThreadExecutor: Add the ability to
           configure a job queue size (maxQueueSize attribute).
           Add a variant of execute method that allows to specify
           a timeout for how long we want to try to add something
           to the queue. Based on a patch by Rüdiger Plüm. (kkolinko)
   fix     53047: If a JDBCRealm or DataSourceRealm is configured
           for an all roles mode that only requires authorization
           (and no roles) and no role table or column is defined,
           don't populate the Principal's roles. (markt/kkolinko)
   fix     53050: Fix handling of entropy value when initializing
           session id generator in session manager. Based on proposal
           by Andras Rozsa. (kkolinko)
   fix     53056: Add APR version number to tcnative version INFO
           log message. (schultz)
   fix     53057: Add OpenSSL version number INFO log message
           when initializing. (schultz)
   fix     53071: Use the message from the Throwable for the error
           report generated by the ErrorReportValve if none was
           specified via sendError(). Use the standard text for
           HTTP error codes. (markt/rjung)
   update  53230: Change session managers to throw
           TooManyActiveSessionsException instead of
           IllegalStateException when the maximum number of sessions
           has been exceeded and a new session will not be created.
           (schultz/kkolinko)
   fix     53267: Ensure that using the GC Daemon Protection feature
           of the JreMemoryLeakPreventionListener does not trigger
           a full GC every hour. (markt/kkolinko)
   fix     53531: Fix ExpandWar.expand to check the return value
           of File.mkdir and File.mkdirs. (schultz)
   fix     Make the CSRF nonce cache in CsrfPreventionFilter
           serializable so that it can be replicated across a cluster
           and/or persisted across Tomcat restarts. (markt)
   fix     53584: Ignore path parameters when comparing URIs for
           FORM authentication. This prevents users being prompted
           twice for passwords when logging in when session IDs
           are being encoded as path parameters. (markt)
   fix     Various improvements to the DIGEST authenticator
           including 52954, the disabling caching of an authenticated
           user in the session by default, tracking server rather
           than client nonces and better handling of stale nonce
           values. (markt)
   fix     Remove unneeded handling of FORM authentication in
           RealmBase. (kkolinko)
   fix     53800: FileDirContext.list() did not provide correct paths
           for subdirectories. Patch provided by Kevin Wooten.
           (kkolinko)
   fix     53830: Better handling of Manager.randomFile default
           value on Windows. (kkolinko)
   fix     Improve session management in CsrfPreventionFilter.
           (kkolinko)

   Coyote
   ++++++
   fix     42181: Better handling of edge conditions in chunk
           header processing. (kkolinko)
   update  51477: Support all SSL protocol combinations in the
           APR/native connector. This only works when using the
           native library version 1.1.21 or later. (rjung)
   fix     52055 (comment 14): Correctly reset
           ChunkedInputFilter.needCRLFParse flag when the filter
           is recycled. (kkolinko)
   fix     52606: Ensure replayed POST bodies are available when
           using AJP. (markt)
   fix     52858: Fix high CPU load with SSL, NIO and sendfile
           when client breaks the connection before reading all
           the requested data. (fhanik/kkolinko)
   fix     53119: Prevent buffer overflow errors being reported
           when a client disconnects before the response has been
           fully written from an AJP connection using the APR/native
           connector. (kkolinko)
   fix     Improve InternalNioInputBuffer.parseHeaders(). (kkolinko)
   add     Implement maxHeaderCount attribute on Connector.
           It is equivalent of LimitRequestFields directive of
           Apache HTTPD. Default value is 100. (kkolinko)
   fix     In JkCoyoteHandler connector for AJP/1.3 protocol
           (in JkMain.setProperty()): Fix setting of properties
           when connector has already started for properties that
           have aliases. E.g. it now allows to change maxHeaderCount
           attribute on Connector MBean via JMX. (kkolinko)
   fix     53725: Fix possible corruption of GZIP'd output. (kkolinko)

   Jasper
   ++++++
   fix     48097 (comment 7), 53366 (comment 1): If JSP page
           unexpectedly fails to initialize PageContext instance,
           write exception to the logs instead of silent swallowing.
           (kkolinko)
   fix     52335: Only handle <\% and not \% as escaped in
           template text. (markt)
   fix     52666: Correct coercion order in EL when processing the
           equality and inequality operators. (markt)
   fix     53001: Revert the fix for 46915 since the use case
           described in the bug is invalid since it breaks the EL
           specification. (markt)
   fix     53032: Modify JspC so it extends org.apache.tools.ant.Task
           enabling it to work with features such as namespaces
           within build.xml files. (markt)

   Cluster
   +++++++
   fix     Replicate principal in ClusterSingleSignOn. (kfujino)
   fix     53513: Fix race condition between the processing of
           session sync message and transfer complete message. (kfujino)
   fix     53606: Fix potential NPE in TcpPingInterceptor. Based
           on a patch by F. Arnoud. (markt)
   fix     53607: To avoid NPE, set TCP PING data to ChannelMessage.
           Patch provided by F.Arnoud (kfujino)
   fix     Fix a behavior of TcpPingInterceptor#useThread. Do not
           start a ping thread when useThread is set to false. (kfujino)

   Web applications
   ++++++++++++++++
   fix     52243: Improve windows service documentation to clarify
           how to include # and/or ; in the value of an environment
           variable that is passed to the service. (markt)
   fix     52515: Make it clear in the Realm how-to in the
           documentation web application that digested password
           storage when using DIGEST authentication requires that
           MD5 digests are used. (markt)
   fix     52641: Remove mentioning of ldap.jar from docs. Patch
           provided by Felix Schumacher. (rjung)
   fix     Remove obsolete bug warning from windows service
           documentation page. (rjung)
   fix     52983: Remove unnecessary code that makes switching to
           other authentication methods difficult. (markt)
   fix     53158: Fix documented defaults for DBCP. Patch provided
           by ph.dezanneau at gmail.com. (rjung)
   update  Update JavaSE documentation links to point to the current
           docs.oracle.com site, instead of obsolete ones
           (download.oracle.com, java.sun.com). (kkolinko)
   update  53289: Clarify ResourceLink example that uses
           DataSource.getConnection(username, password) method.
           Not all data source implementations support it. (kkolinko)
   fix     Prevent the custom error pages for the Manager and
           Host Manager applications from being accessed directly.
           Configure custom pages for error codes 401 and 403
           in Host Manager application. (markt/kkolinko)
   fix     Correct documentation for enableLookups attribute of
           a Connector. By default DNS lookups are disabled. (kkolinko)
   fix     Fix several HTML markup errors in servlets of examples
           web application. (kkolinko)
   update  Change the index page of ROOT webapp to mention
           "manager-gui" role instead of "manager" one. (kkolinko)
   fix     53473: Correct the allowed values for the SSI option
           isVirtualWebappRelative which are true or false. (markt)
   fix     53664: Minor JNDI Howto document enhancement concerning
           mail properties. Patch provided by Mark Eggers. (schultz)
   fix     53601: Clarify that to build Apache Tomcat 6 from sources
           a Java 5 JDK is recommended. (kkolinko)
   fix     53793: Change links on the list of applications in the
           Manager to point to /appname/ instead of /appname. (kkolinko)

   Other
   +++++
   fix     49402, 52124: Fix Maven publishing script: make sure it
           finds tomcat-juli.jar and use later version of wagon-ssh.
           (jfclere)
   fix     Update Apache Commons Daemon to 1.0.10. It resolves
           52548 which meant that services created with service.bat
           did not set the catalina.home and catalina.base system
           properties. (markt, kkolinko)
   update  Update Apache Commons Pool to 1.5.7. (kkolinko)
   update  52579: Add a note about Sun's Charset.decode() bug to
           the RELEASE-NOTES file. (kkolinko)
   update  52805: Update to Eclipse JDT Compiler 3.7.2. (kkolinko)
   update  Update the native component of the APR/native connectors
           to 1.1.23 and take advantage of the simplified distribution.
           (kkolinko)
   fix     When building a Windows installer do not copy whole
           "res" folder to output/dist, but only the files that
           we need. Apply fixcrlf filter only after the files are
           copied, so that INSTALLLICENSE file had correct line
           ends. (kkolinko)
   update  Remove res/License.rtf. The file that is actually shown
           by the Windows installer is res/INSTALLLICENSE. (kkolinko)
   update  Improve RUNNING.txt. (kkolinko)
   update  Align the script that deploys Maven jars for Tomcat
           (res/maven/mvn-pub.xml) with the Tomcat 7 version, making
           full use of Nexus. (markt)
   add     53034: Add project.url and project.licenses sections to
           the POMs for the Maven artifacts. (kkolinko)
   fix     53454: Return correct content-length header for HEAD
           requests when content length is greater than 2GB. (markt)
2012-12-02 11:31:17 +00:00
..
files
DESCR
distinfo update to apache-tomcat 6.0.36. Upstream changelog: 2012-12-02 11:31:17 +00:00
Makefile update to apache-tomcat 6.0.36. Upstream changelog: 2012-12-02 11:31:17 +00:00
MESSAGE
PLIST update to apache-tomcat 6.0.36. Upstream changelog: 2012-12-02 11:31:17 +00:00