升级Tomcat版本 6.0.41

commit: 7189829bb2c240044551576d8e7a5404b9798f64 [log] [tgz]
author: Hongqing Liu <hongqing.liu@supwisdom.com> 周三 10月 15 13:31:32 2014 +0800
committer: Hongqing Liu <hongqing.liu@supwisdom.com> 周三 10月 15 13:31:32 2014 +0800
tree: 9b868dcfb2c0883ed30dcf777c59c493c3303eed
parent: fd5ee81fec460cbe9ad65f300b0faf1bf03c19bc [diff] [blame]
diff --git a/tomcat-uid/webapps/docs/changelog.html b/tomcat-uid/webapps/docs/changelog.html
index 5620168..ddebb1f 100644
--- a/tomcat-uid/webapps/docs/changelog.html
+++ b/tomcat-uid/webapps/docs/changelog.html

@@ -1,9 +1,215 @@
-<html><head><META http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><title>Apache Tomcat 6.0 (6.0.39) - Changelog</title><meta name="author" content="Remy Maucherat"><meta name="author" content="Yoav Shapira"><meta name="author" content="Filip Hanik"><meta name="author" content="Rainer Jung"><meta name="author" content="Peter Rossbach"><meta name="author" content="Konstantin Kolinko"><meta name="author" content="Jean-Frederic Clere"><meta name="author" content="Keiichi Fujino"><meta name="author" content="Mladen Turk"><meta name="author" content="Tim Whittington"><meta name="author" content="Sylvain Laurent"><meta name="author" content="Christopher Schultz"><style type="text/css" media="print">

+<html><head><META http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><title>Apache Tomcat 6.0 (6.0.41) - Changelog</title><meta name="author" content="Remy Maucherat"><meta name="author" content="Yoav Shapira"><meta name="author" content="Filip Hanik"><meta name="author" content="Rainer Jung"><meta name="author" content="Peter Rossbach"><meta name="author" content="Konstantin Kolinko"><meta name="author" content="Jean-Frederic Clere"><meta name="author" content="Keiichi Fujino"><meta name="author" content="Mladen Turk"><meta name="author" content="Tim Whittington"><meta name="author" content="Sylvain Laurent"><meta name="author" content="Christopher Schultz"><style type="text/css" media="print">

 			.noPrint {display: none;}

 			td#mainBody {width: 100%;}

 		</style></head><body bgcolor="#ffffff" text="#000000" link="#525D76" alink="#525D76" vlink="#525D76"><table border="0" width="100%" cellspacing="0"><!--PAGE HEADER--><tr><td><!--PROJECT LOGO--><a href="http://tomcat.apache.org/"><img src="./images/tomcat.gif" align="right" alt="

       The Apache Tomcat Servlet/JSP Container

-    " border="0"></a></td><td><h1><font face="arial,helvetica,sanserif">Apache Tomcat 6.0</font></h1><font face="arial,helvetica,sanserif">Version 6.0.39, Jan 27 2014</font></td><td><!--APACHE LOGO--><a href="http://www.apache.org/"><img src="./images/asf-logo.gif" align="right" alt="Apache Logo" border="0"></a></td></tr></table><table border="0" width="100%" cellspacing="4"><!--HEADER SEPARATOR--><tr><td colspan="2"><hr noshade="noshade" size="1"></td></tr><tr><!--LEFT SIDE NAVIGATION--><td width="20%" valign="top" nowrap="nowrap" class="noPrint"><p><strong>Links</strong></p><ul><li><a href="index.html">Docs Home</a></li><li><a href="http://wiki.apache.org/tomcat/FAQ">FAQ</a></li></ul><p><strong>User Guide</strong></p><ul><li><a href="introduction.html">1) Introduction</a></li><li><a href="setup.html">2) Setup</a></li><li><a href="appdev/index.html">3) First webapp</a></li><li><a href="deployer-howto.html">4) Deployer</a></li><li><a href="manager-howto.html">5) Manager</a></li><li><a href="realm-howto.html">6) Realms and AAA</a></li><li><a href="security-manager-howto.html">7) Security Manager</a></li><li><a href="jndi-resources-howto.html">8) JNDI Resources</a></li><li><a href="jndi-datasource-examples-howto.html">9) JDBC DataSources</a></li><li><a href="class-loader-howto.html">10) Classloading</a></li><li><a href="jasper-howto.html">11) JSPs</a></li><li><a href="ssl-howto.html">12) SSL</a></li><li><a href="ssi-howto.html">13) SSI</a></li><li><a href="cgi-howto.html">14) CGI</a></li><li><a href="proxy-howto.html">15) Proxy Support</a></li><li><a href="mbeans-descriptor-howto.html">16) MBean Descriptor</a></li><li><a href="default-servlet.html">17) Default Servlet</a></li><li><a href="cluster-howto.html">18) Clustering</a></li><li><a href="balancer-howto.html">19) Load Balancer</a></li><li><a href="connectors.html">20) Connectors</a></li><li><a href="monitoring.html">21) Monitoring and Management</a></li><li><a href="logging.html">22) Logging</a></li><li><a href="apr.html">23) APR/Native</a></li><li><a href="virtual-hosting-howto.html">24) Virtual Hosting</a></li><li><a href="aio.html">25) Advanced IO</a></li><li><a href="extras.html">26) Additional Components</a></li><li><a href="maven-jars.html">27) Mavenized</a></li></ul><p><strong>Reference</strong></p><ul><li><a href="RELEASE-NOTES.txt">Release Notes</a></li><li><a href="config/index.html">Configuration</a></li><li><a href="api/index.html">Javadocs</a></li><li><a href="http://tomcat.apache.org/connectors-doc/">JK 1.2 Documentation</a></li></ul><p><strong>Apache Tomcat Development</strong></p><ul><li><a href="building.html">Building</a></li><li><a href="changelog.html">Changelog</a></li><li><a href="http://wiki.apache.org/tomcat/TomcatVersions">Status</a></li><li><a href="developers.html">Developers</a></li><li><a href="architecture/index.html">Architecture</a></li><li><a href="funcspecs/index.html">Functional Specs.</a></li></ul></td><!--RIGHT SIDE MAIN BODY--><td width="80%" valign="top" align="left" id="mainBody"><h1>Apache Tomcat 6.0</h1><h2>Changelog</h2><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.39 (markt)"><!--()--></a><a name="Tomcat_6.0.39_(markt)"><strong>Tomcat 6.0.39 (markt)</strong></a></font></td></tr><tr><td><blockquote>

+    " border="0"></a></td><td><h1><font face="arial,helvetica,sanserif">Apache Tomcat 6.0</font></h1><font face="arial,helvetica,sanserif">Version 6.0.41, May 19 2014</font></td><td><!--APACHE LOGO--><a href="http://www.apache.org/"><img src="./images/asf-logo.gif" align="right" alt="Apache Logo" border="0"></a></td></tr></table><table border="0" width="100%" cellspacing="4"><!--HEADER SEPARATOR--><tr><td colspan="2"><hr noshade="noshade" size="1"></td></tr><tr><!--LEFT SIDE NAVIGATION--><td width="20%" valign="top" nowrap="nowrap" class="noPrint"><p><strong>Links</strong></p><ul><li><a href="index.html">Docs Home</a></li><li><a href="http://wiki.apache.org/tomcat/FAQ">FAQ</a></li></ul><p><strong>User Guide</strong></p><ul><li><a href="introduction.html">1) Introduction</a></li><li><a href="setup.html">2) Setup</a></li><li><a href="appdev/index.html">3) First webapp</a></li><li><a href="deployer-howto.html">4) Deployer</a></li><li><a href="manager-howto.html">5) Manager</a></li><li><a href="realm-howto.html">6) Realms and AAA</a></li><li><a href="security-manager-howto.html">7) Security Manager</a></li><li><a href="jndi-resources-howto.html">8) JNDI Resources</a></li><li><a href="jndi-datasource-examples-howto.html">9) JDBC DataSources</a></li><li><a href="class-loader-howto.html">10) Classloading</a></li><li><a href="jasper-howto.html">11) JSPs</a></li><li><a href="ssl-howto.html">12) SSL</a></li><li><a href="ssi-howto.html">13) SSI</a></li><li><a href="cgi-howto.html">14) CGI</a></li><li><a href="proxy-howto.html">15) Proxy Support</a></li><li><a href="mbeans-descriptor-howto.html">16) MBean Descriptor</a></li><li><a href="default-servlet.html">17) Default Servlet</a></li><li><a href="cluster-howto.html">18) Clustering</a></li><li><a href="balancer-howto.html">19) Load Balancer</a></li><li><a href="connectors.html">20) Connectors</a></li><li><a href="monitoring.html">21) Monitoring and Management</a></li><li><a href="logging.html">22) Logging</a></li><li><a href="apr.html">23) APR/Native</a></li><li><a href="virtual-hosting-howto.html">24) Virtual Hosting</a></li><li><a href="aio.html">25) Advanced IO</a></li><li><a href="extras.html">26) Additional Components</a></li><li><a href="maven-jars.html">27) Mavenized</a></li></ul><p><strong>Reference</strong></p><ul><li><a href="RELEASE-NOTES.txt">Release Notes</a></li><li><a href="config/index.html">Configuration</a></li><li><a href="api/index.html">Javadocs</a></li><li><a href="http://tomcat.apache.org/connectors-doc/">JK 1.2 Documentation</a></li></ul><p><strong>Apache Tomcat Development</strong></p><ul><li><a href="building.html">Building</a></li><li><a href="changelog.html">Changelog</a></li><li><a href="http://wiki.apache.org/tomcat/TomcatVersions">Status</a></li><li><a href="developers.html">Developers</a></li><li><a href="architecture/index.html">Architecture</a></li><li><a href="funcspecs/index.html">Functional Specs.</a></li></ul></td><!--RIGHT SIDE MAIN BODY--><td width="80%" valign="top" align="left" id="mainBody"><h1>Apache Tomcat 6.0</h1><h2>Changelog</h2><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.41"><!--()--></a><a name="Tomcat_6.0.41"><strong>Tomcat 6.0.41</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong></strong></font></td></tr><tr><td colspan="2"><blockquote>

+  <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.41/Jasper"><!--()--></a><a name="Tomcat_6.0.41/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>

+    <table border="0" cellpadding="2" cellspacing="2">

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=56529">56529</a>: Avoid <code>NoSuchElementException</code> while handling

+        attributes with empty string value in custom tags. Based on a patch

+        provided by Hariprasad Manchi. (violetagg/kkolinko)

+      </td></tr>

+    </table>

+  </blockquote></td></tr></table>

+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.40"><!--()--></a><a name="Tomcat_6.0.40"><strong>Tomcat 6.0.40</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>not released</strong></font></td></tr><tr><td colspan="2"><blockquote>

+  <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.40/Catalina"><!--()--></a><a name="Tomcat_6.0.40/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>

+    <table border="0" cellpadding="2" cellspacing="2">

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=56027">56027</a>: Add more options for managing FIPS mode in the

+        AprLifecycleListener. (schultz/kkolinko)

+      </td></tr>

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=56082">56082</a>: Fix a concurrency bug in JULI's LogManager

+        implementation. (markt)

+      </td></tr>

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=56236">56236</a>: Enable Tomcat to work with alternative Servlet and

+        JSP API JARs that package the XML schemas in such as way as to require

+        a dependency on the JSP API before enabling validation for web.xml.

+        Tomcat has no such dependency. (markt)

+      </td></tr>

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        Change the default value of the <code>xmlBlockExternal</code> attribute

+        of Context elements. It is now <code>true</code>. (kkolinko) 

+      </td></tr>

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        Don't log to standard out in SSLValve. (kkolinko/markt)

+      </td></tr>

+      <tr><td><img alt="code" class="icon" src="./images/code.gif"></td><td>

+        Use StringBuilder in DefaultServlet. (kkolinko)

+      </td></tr>

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=56275">56275</a>: Allow web applications to be stopped cleanly even if

+        filters throw exceptions when their destroy() method is called.

+        (markt/kkolinko)

+      </td></tr>

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        Redefine the <code>globalXsltFile</code> initialisation parameter of the

+        DefaultServlet as relative to CATALINA_BASE/conf or CATALINA_HOME/conf.

+        Prevent user supplied XSLTs used by the DefaultServlet from defining

+        external entities. (markt)

+      </td></tr>

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        Add a work around for validating XML documents (often TLDs) that use

+        just the file name to refer to refer to the JavaEE schema on which they

+        are based. (kkolinko)

+      </td></tr>

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=56369">56369</a>: Ensure that removing an MBean notification listener

+        reverts all the operations performed when adding an MBean notification

+        listener. (markt)

+      </td></tr>

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        Only create XML parsing objects if required and fix associated potential

+        memory leak in the default Servlet. (markt)

+      </td></tr>

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        Ensure that a TLD parser obtained from the cache has the correct value

+        of <code>blockExternal</code>. (markt/kkolinko)

+      </td></tr>

+      <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>

+        Extend XML factory, parser etc. memory leak protection to cover some

+        additional locations where, theoretically, a memory leak could occur.

+        (markt)

+      </td></tr>

+      <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>

+        Add the <code>org.apache.naming</code> package to the packages requiring

+        code to have the <code>defineClassInPackage</code> permission when

+        running under a security manager. (markt)

+      </td></tr>

+      <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>

+        Add the <code>org.apache.naming.resources</code> package to the packages

+        requiring code to have the <code>accessClassInPackage</code> permission

+        when running under a security manager. (markt)

+      </td></tr>

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        Make the naming context tokens for containers more robust. Require

+        RuntimePermission when introducing a new token. (markt/kkolinko)

+      </td></tr>

+    </table>

+  </blockquote></td></tr></table>

+  <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.40/Coyote"><!--()--></a><a name="Tomcat_6.0.40/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>

+    <table border="0" cellpadding="2" cellspacing="2">

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        Improve processing of chuck size from chunked headers. Avoid overflow

+        and use a bit shift instead of a multiplication as it is marginally

+        faster. (markt/kkolinko)

+      </td></tr>

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        Fix possible overflow when parsing long values from a byte array.

+        (markt)

+      </td></tr>

+      <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>

+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=56363">56363</a>: Update to version 1.1.30 of Tomcat Native library.

+        The minimum required version of this library for APR connector is now

+        1.1.30. (kkolinko)

+      </td></tr>

+    </table>

+  </blockquote></td></tr></table>

+  <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.40/Jasper"><!--()--></a><a name="Tomcat_6.0.40/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>

+    <table border="0" cellpadding="2" cellspacing="2">

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        Change the default behaviour of JspC to block XML external entities by

+        default. (kkolinko) 

+      </td></tr>

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        Restore the validateXml option to Jasper that was previously renamed

+        validateTld. Both options are now supported. validateXml controls the

+        validation of web.xml files when Jasper parses them and validateTld

+        controls the validation of *.tld files when Jasper parses them. (markt)

+      </td></tr>

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=54475">54475</a>: Add Java 8 support to SMAP generation for JSPs. Patch

+        by Robbie Gibson. (markt)

+      </td></tr>

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=56010">56010</a>: Don't throw an

+        <code>IllegalArgumentException</code> when

+        <code>JspFactory.getPageContext</code> is used with

+        <code>JspWriter.DEFAULT_BUFFER</code>. Based on a patch by Eugene Chung.

+        (markt)

+      </td></tr>

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=56265">56265</a>: Do not escape values of dynamic tag attributes

+        containing EL expressions. (kkolinko)

+      </td></tr>

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=56283">56283</a>: Add support for running Tomcat 6 with

+        ecj-P20140317-1600.jar (as drop-in replacement for ecj-4.3.1.jar). Add

+        support for value "1.8" for the <code>compilerSourceVM</code> and

+        <code>compilerTargetVM</code> options. Note that ecj-P20140317-1600.jar

+        can only be used when running with Java 6 or later. The "1.8" options

+        make sense only when running with Java 8 (or later). (kkolinko)

+      </td></tr>

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=56334">56334</a>: Fix a regression in the handling of back-slash

+        escaping introduced by the fix for <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=55735">55735</a>. (markt/kkolinko)

+      </td></tr>

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        Correct the handling of back-slash escaping in the EL parser and no

+        longer require that <code>\$</code> or <code>\#</code> must be followed

+        by <code>{</code> in order for the back-slash escaping to take effect.

+        (markt)

+      </td></tr>

+    </table>

+  </blockquote></td></tr></table>

+  <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.40/Cluster"><!--()--></a><a name="Tomcat_6.0.40/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>

+    <table border="0" cellpadding="2" cellspacing="2">

+      <tr><td><img alt="code" class="icon" src="./images/code.gif"></td><td>

+        Refactor <code>AbstractReplicatedMap</code> and related classes to

+        enable Tomcat 6 to be compiled using Java 8. (markt)

+      </td></tr>

+    </table>

+  </blockquote></td></tr></table>

+  <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.40/Web applications"><!--()--></a><a name="Tomcat_6.0.40/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>

+    <table border="0" cellpadding="2" cellspacing="2">

+      <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>

+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=56093">56093</a>: Documentation for SSLValve. (markt/kkolinko)

+      </td></tr>

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        Correct documentation on Windows service options, aligning it with

+        Apache Commons Daemon documentation. (kkolinko)

+      </td></tr>

+      <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>

+        Add support for <code>version-major</code>,

+        <code>version-major-minor</code> tags in documentation XSLT, to simplify

+        documentation backports. (kkolinko)

+      </td></tr>

+      <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        Fix target and rel attributes on links in documentation. They were

+        lost during XSLT transformation. (kkolinko)

+      </td></tr>

+    </table>

+  </blockquote></td></tr></table>

+  <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.40/Other"><!--()--></a><a name="Tomcat_6.0.40/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>

+    <table border="0" cellpadding="2" cellspacing="2">

+      <tr><td><img alt="code" class="icon" src="./images/code.gif"></td><td>

+        Remove svn keywords (such as $Id) from source files and documentation.

+        (kkolinko)

+      </td></tr>

+      <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>

+        Improvements to the Windows installer, to align it with installing

+        the sevice with <code>service.bat</code>. Use explicit memory sizes

+        (--JvmMs 128 Mb and --JvmMx 256 Mb). Specify log directory path

+        when ininstalling, so that the log file is written to the Tomcat logs

+        directory, instead of "%SystemRoot%\System32\LogFiles\Apache".

+        (kkolinko)

+      </td></tr>

+      <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>

+        <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49993">49993</a>, <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=56143">56143</a>: Improve <code>service.bat</code>

+        script. Allow it to be launched from non-UAC console. The UAC prompt

+        will be shown only once. Now there is no need to run the command shell

+        with elevated privileges. Improve check for <code>JAVA_HOME</code>

+        and add support for <code>JRE_HOME</code>. Warn if neither "client"

+        nor "server" JVM is found. Align classpath, display name and other

+        options with the <code>exe</code> installer. Make command names

+        case-insensitive. Update documentation. (kkolinko)

+      </td></tr>

+    </table>

+  </blockquote></td></tr></table>

+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.39 (markt)"><!--()--></a><a name="Tomcat_6.0.39_(markt)"><strong>Tomcat 6.0.39 (markt)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>released 2014-01-31</strong></font></td></tr><tr><td colspan="2"><blockquote>

   <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.39 (markt)/Catalina"><!--()--></a><a name="Tomcat_6.0.39_(markt)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>

     <table border="0" cellpadding="2" cellspacing="2">

       <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

@@ -117,13 +323,15 @@
         aware, validating parser will be used when processing <code>*.tld</code>

         and <code>web.xml</code> files if the system property

         <code>org.apache.catalina.STRICT_SERVLET_COMPLIANCE</code> is set to

-        <code>true</code>. (markt) 

+        <code>true</code>. (markt)

       </td></tr>

       <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        Fix CVE-2014-0033:

         Ensure that sessions IDs are not parsed from URLs for Contexts where

         <code>disableURLRewriting</code> is <code>true</code>. (markt)

       </td></tr>

       <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>

+        Fix CVE-2013-4590:

         Add an option to the Context to control the blocking of XML external

         entities when parsing XML configuration files and enable this blocking

         by default when a security manager is used. The block is implemented via

@@ -161,11 +369,12 @@
         (markt)

       </td></tr>

       <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        Fix CVE-2013-4286:

         Better adherence to RFC2616 for content-length headers. (markt)

       </td></tr>

       <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

-        Add support for limiting the size of chunk extensions when using chunked

-        encoding. (markt)

+        Fix CVE-2013-4322: Add support for limiting the size of chunk extensions

+        when using chunked encoding. (markt)

       </td></tr>

       <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

         <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=55749">55749</a>: Improve the error message when SSLEngine is disabled

@@ -277,6 +486,7 @@
         an earlier timestamp than the true timestamp. (markt) 

       </td></tr>

       <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        Fix CVE-2013-2067:

         In FormAuthenticator: If it is configured to change Session IDs,

         do the change before displaying the login form. (kkolinko)

       </td></tr>

@@ -552,6 +762,7 @@
         (markt)

       </td></tr>

       <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        CVE-2012-3439:

         Various improvements to the DIGEST authenticator including

         <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52954">52954</a>, the disabling caching of an authenticated user in the

         session by default, tracking server rather than client nonces and better

@@ -610,6 +821,7 @@
         AJP connection using the APR/native connector. (kkolinko)

       </td></tr>

       <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>

+        CVE-2012-2733:

         Improve <code>InternalNioInputBuffer.parseHeaders()</code>. (kkolinko)

       </td></tr>

       <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
commit	7189829bb2c240044551576d8e7a5404b9798f64	[log] [tgz]
author	Hongqing Liu <hongqing.liu@supwisdom.com>	周三 10月 15 13:31:32 2014 +0800
committer	Hongqing Liu <hongqing.liu@supwisdom.com>	周三 10月 15 13:31:32 2014 +0800
tree	9b868dcfb2c0883ed30dcf777c59c493c3303eed
parent	fd5ee81fec460cbe9ad65f300b0faf1bf03c19bc [diff] [blame]