初始提交
diff --git a/tomcat-uidm/webapps/docs/changelog.html b/tomcat-uidm/webapps/docs/changelog.html
new file mode 100644
index 0000000..5620168
--- /dev/null
+++ b/tomcat-uidm/webapps/docs/changelog.html
@@ -0,0 +1,6042 @@
+<html><head><META http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><title>Apache Tomcat 6.0 (6.0.39) - Changelog</title><meta name="author" content="Remy Maucherat"><meta name="author" content="Yoav Shapira"><meta name="author" content="Filip Hanik"><meta name="author" content="Rainer Jung"><meta name="author" content="Peter Rossbach"><meta name="author" content="Konstantin Kolinko"><meta name="author" content="Jean-Frederic Clere"><meta name="author" content="Keiichi Fujino"><meta name="author" content="Mladen Turk"><meta name="author" content="Tim Whittington"><meta name="author" content="Sylvain Laurent"><meta name="author" content="Christopher Schultz"><style type="text/css" media="print">
+ .noPrint {display: none;}
+ td#mainBody {width: 100%;}
+ </style></head><body bgcolor="#ffffff" text="#000000" link="#525D76" alink="#525D76" vlink="#525D76"><table border="0" width="100%" cellspacing="0"><!--PAGE HEADER--><tr><td><!--PROJECT LOGO--><a href="http://tomcat.apache.org/"><img src="./images/tomcat.gif" align="right" alt="
+ The Apache Tomcat Servlet/JSP Container
+ " border="0"></a></td><td><h1><font face="arial,helvetica,sanserif">Apache Tomcat 6.0</font></h1><font face="arial,helvetica,sanserif">Version 6.0.39, Jan 27 2014</font></td><td><!--APACHE LOGO--><a href="http://www.apache.org/"><img src="./images/asf-logo.gif" align="right" alt="Apache Logo" border="0"></a></td></tr></table><table border="0" width="100%" cellspacing="4"><!--HEADER SEPARATOR--><tr><td colspan="2"><hr noshade="noshade" size="1"></td></tr><tr><!--LEFT SIDE NAVIGATION--><td width="20%" valign="top" nowrap="nowrap" class="noPrint"><p><strong>Links</strong></p><ul><li><a href="index.html">Docs Home</a></li><li><a href="http://wiki.apache.org/tomcat/FAQ">FAQ</a></li></ul><p><strong>User Guide</strong></p><ul><li><a href="introduction.html">1) Introduction</a></li><li><a href="setup.html">2) Setup</a></li><li><a href="appdev/index.html">3) First webapp</a></li><li><a href="deployer-howto.html">4) Deployer</a></li><li><a href="manager-howto.html">5) Manager</a></li><li><a href="realm-howto.html">6) Realms and AAA</a></li><li><a href="security-manager-howto.html">7) Security Manager</a></li><li><a href="jndi-resources-howto.html">8) JNDI Resources</a></li><li><a href="jndi-datasource-examples-howto.html">9) JDBC DataSources</a></li><li><a href="class-loader-howto.html">10) Classloading</a></li><li><a href="jasper-howto.html">11) JSPs</a></li><li><a href="ssl-howto.html">12) SSL</a></li><li><a href="ssi-howto.html">13) SSI</a></li><li><a href="cgi-howto.html">14) CGI</a></li><li><a href="proxy-howto.html">15) Proxy Support</a></li><li><a href="mbeans-descriptor-howto.html">16) MBean Descriptor</a></li><li><a href="default-servlet.html">17) Default Servlet</a></li><li><a href="cluster-howto.html">18) Clustering</a></li><li><a href="balancer-howto.html">19) Load Balancer</a></li><li><a href="connectors.html">20) Connectors</a></li><li><a href="monitoring.html">21) Monitoring and Management</a></li><li><a href="logging.html">22) Logging</a></li><li><a href="apr.html">23) APR/Native</a></li><li><a href="virtual-hosting-howto.html">24) Virtual Hosting</a></li><li><a href="aio.html">25) Advanced IO</a></li><li><a href="extras.html">26) Additional Components</a></li><li><a href="maven-jars.html">27) Mavenized</a></li></ul><p><strong>Reference</strong></p><ul><li><a href="RELEASE-NOTES.txt">Release Notes</a></li><li><a href="config/index.html">Configuration</a></li><li><a href="api/index.html">Javadocs</a></li><li><a href="http://tomcat.apache.org/connectors-doc/">JK 1.2 Documentation</a></li></ul><p><strong>Apache Tomcat Development</strong></p><ul><li><a href="building.html">Building</a></li><li><a href="changelog.html">Changelog</a></li><li><a href="http://wiki.apache.org/tomcat/TomcatVersions">Status</a></li><li><a href="developers.html">Developers</a></li><li><a href="architecture/index.html">Architecture</a></li><li><a href="funcspecs/index.html">Functional Specs.</a></li></ul></td><!--RIGHT SIDE MAIN BODY--><td width="80%" valign="top" align="left" id="mainBody"><h1>Apache Tomcat 6.0</h1><h2>Changelog</h2><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.39 (markt)"><!--()--></a><a name="Tomcat_6.0.39_(markt)"><strong>Tomcat 6.0.39 (markt)</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.39 (markt)/Catalina"><!--()--></a><a name="Tomcat_6.0.39_(markt)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=55166">55166</a>: Fix regression that broke XML validation when running
+ on some Java 5 JVMs. (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.39 (markt)/Coyote"><!--()--></a><a name="Tomcat_6.0.39_(markt)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Make the HTTP NIO connector tolerant of whitespace in the individual
+ values used for the ciphers attribute. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Remove dependency introduced on the jsp-api.jar as part of the XML
+ validation changes introduced in 6.0.38. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.39 (markt)/Jasper"><!--()--></a><a name="Tomcat_6.0.39_(markt)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Correct several errors in jspxml Schema and DTD. (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.39 (markt)/Cluster"><!--()--></a><a name="Tomcat_6.0.39_(markt)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="code" class="icon" src="./images/code.gif"></td><td>
+ Remove an empty TestTwoPhaseCommit test from Tribes. (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.39 (markt)/Web applications"><!--()--></a><a name="Tomcat_6.0.39_(markt)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix broken link in Jasper How-To documentation. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Align index.html and index.jsp in ROOT web application. Correct links
+ to specifications and to the Tomcat mailing lists. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Remove second copy of RUNNING.txt from the full-docs distribution. Some
+ unpacking utilities can't handle multiple copies of a file with the same
+ name in a directory. (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.39 (markt)/Other"><!--()--></a><a name="Tomcat_6.0.39_(markt)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update sample Eclipse IDE project: use JUnit 4 library and prefer a
+ Java 5 JDK when several JDKs are configured. Cleanup the Ant build
+ files. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Correct Maven dependencies for individual JAR files. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.38 (markt)"><!--()--></a><a name="Tomcat_6.0.38_(markt)"><strong>Tomcat 6.0.38 (markt)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>not released</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.38 (markt)/Catalina"><!--()--></a><a name="Tomcat_6.0.38_(markt)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Ensure that when Tomcat's anti-resource locking features are used
+ that the temporary copy of the web application and not the original is
+ removed when the web application stops. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=55019">55019</a>: Fix a potential exception when accessing JSPs while
+ running under a SecurityManager. (jfclere)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=55052">55052</a>: Make JULI's LogManager to additionally look for
+ logging properties without prefixes if the property cannot be found with
+ a prefix. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=55266">55266</a>: Ensure that the session ID is parsed from the request
+ before any redirect as the session ID may need to be encoded as part of
+ the redirect URL. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=55404">55404</a>: Log warnings about using security roles in web.xml as
+ warnings. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=55268">55268</a>: Added optional --service-start-wait-time
+ command-line option to change service start wait time from default
+ of 10 seconds. (schultz)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Correctly associate the default resource bundle with the English locale
+ so that requests that specify an Accept-Language of English ahead of
+ French, Spanish or Japanese get the English messages they asked for.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Add missing JavaEE 5 XML schema definitions. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ When Catalina parses TLD files, always use a namespace aware parser to
+ be consistent with how Jasper parses TLD files. The
+ <code>tldNamespaceAware</code> attribute of the Context is now ignored.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ As per section SRV.14.4.3 of the Servlet 2.5 specification, a namespace
+ aware, validating parser will be used when processing <code>*.tld</code>
+ and <code>web.xml</code> files if the system property
+ <code>org.apache.catalina.STRICT_SERVLET_COMPLIANCE</code> is set to
+ <code>true</code>. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Ensure that sessions IDs are not parsed from URLs for Contexts where
+ <code>disableURLRewriting</code> is <code>true</code>. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Add an option to the Context to control the blocking of XML external
+ entities when parsing XML configuration files and enable this blocking
+ by default when a security manager is used. The block is implemented via
+ a custom resolver to enable the logging of any blocked entities. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=56016">56016</a>: When loading resources for XML schema validation, take
+ account of the possibility that servlet-api.jar and jsp-api.jar may not
+ be loaded by the same class loader. Patch by Juan Carlos Estibariz.
+ (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.38 (markt)/Coyote"><!--()--></a><a name="Tomcat_6.0.38_(markt)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52811">52811</a>: Fix parsing of Content-Type header in
+ <code>HttpServletResponse.setContentType()</code>. Introduces a new HTTP
+ header parser that follows RFC2616. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=54691">54691</a>: Add configuration attribute "sslEnabledProtocols"
+ to HTTP connector and document it. (Internally this attribute has
+ been already implemented but not documented, under names "protocols"
+ and "sslProtocols". Those names of this attribute are now deprecated).
+ (schultz)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=54947">54947</a>: Fix the HTTP NIO connector that incorrectly rejected a
+ request if the CRLF terminating the request line was split across
+ multiple packets. Patch by Konstantin Preißer. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=55228">55228</a>: Allow web applications to set a HTTP Date header.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Better adherence to RFC2616 for content-length headers. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Add support for limiting the size of chunk extensions when using chunked
+ encoding. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=55749">55749</a>: Improve the error message when SSLEngine is disabled
+ in the AprLifecycleListener and SSL is configured for an APR/native
+ connector. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Avoid possible NPE if a content type is specified without a character set.
+ (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.38 (markt)/Jasper"><!--()--></a><a name="Tomcat_6.0.38_(markt)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=55198">55198</a>: Ensure attribute values in tagx files that include EL
+ and quoted XML characters are correctly quoted in the output. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=55671">55671</a>: Consistently use the configuration option name
+ <code>genStringAsCharArray</code> rather than a mixture of
+ <code>genStrAsCharArray</code> and <code>genStringAsCharArray</code> but
+ retain support for <code>genStrAsCharArray</code> as in initialisation
+ parameter for the JSP servlet to retain backwards compatibility with
+ existing configurations. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=55691">55691</a>: Fix <code>javax.el.ArrayELResolver</code> to correctly
+ handle the case where the base object is an array of primitives. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=55973">55973</a>: Fix processing of XML schemas when validation is
+ enabled in Jasper. (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.38 (markt)/Web applications"><!--()--></a><a name="Tomcat_6.0.38_(markt)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Add documentation for
+ <code>o.a.c.tribes.group.interceptors.TcpFailureDetector</code>.
+ (kfujino)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Complete the documentation for
+ <code>MessageDispatch15Interceptor</code>. (kfujino)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Add to cluster document a description of
+ <code>notifyLifecycleListenerOnFailure</code> and
+ <code>heartbeatBackgroundEnabled</code>. (kfujino)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=55746">55746</a>: Add documentation on the <code>allRolesMode</code> to
+ the <code>CombinedRealm</code> and <code>LockOutRealm</code>. Patch by
+ Cédric Couralet. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix the sample configuration of <code>StaticMembershipInterceptor</code>
+ in order to prevent warning log. uniqueId must be 16 bytes. (kfujino)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=55119">55119</a>: Avoid CVE-2013-1571 when generating Javadoc. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.38 (markt)/Other"><!--()--></a><a name="Tomcat_6.0.38_(markt)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update Maven Central location used to download dependencies at build
+ time to be <code>repo.maven.apache.org</code>. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=55663">55663</a>: Minor correction to the wording of the NOTICE files to
+ align them with the
+ <a href="http://www.apache.org/legal/src-headers.html#notice">requirements
+ for NOTICE files</a>. (violetagg)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Add <code>@since</code> markers to the common annotations classes and
+ fix a few specification compliance issues. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update to Eclipse JDT Compiler 4.3.1. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update the Apache Jakarta JSTL implementation used by the exmaples web
+ application to 1.1.2. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.37 (jfclere)"><!--()--></a><a name="Tomcat_6.0.37_(jfclere)"><strong>Tomcat 6.0.37 (jfclere)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>released 2013-05-03</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.37 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.37_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52055">52055</a>: Ensure that filters are recycled. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52184">52184</a>: Reduce log level for invalid cookies. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53481">53481</a>: Added support for SSLHonorCipherOrder to allow
+ the server to impose its cipher order on the client. Based on a patch
+ provided by Marcel Šebek. (schultz)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=54044">54044</a>: Correct bug in timestamp cache used by logging
+ (including the access log valve) that meant entries could be made with
+ an earlier timestamp than the true timestamp. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ In FormAuthenticator: If it is configured to change Session IDs,
+ do the change before displaying the login form. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=54054">54054</a>: Do not share shell environment variables between
+ multiple instances of the CGI servlet. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=54087">54087</a>: Correctly handle (ignore) invalid If-Modified-Since
+ header rather than throwing an exception. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=54220">54220</a>: Ensure the ErrorReportValve only generates an error
+ report if the error flag on the response has been set. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix memory leak of servlet instances when running with a
+ SecurityManager and either init() or destroy() methods fail
+ or the servlet is a SingleThreadModel one, and of filter instances
+ if their destroy() method fails with an Error. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=54382">54382</a>: Fix NPE when SSI processing is enabled and an empty
+ SSI directive is present. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=54483">54483</a>: Correct one of the Spanish translations. Based on a
+ suggestion from adinamita. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=54527">54527</a>: Synchronize conf/web.xml mime mapping with Tomcat 7.
+ (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.37 (jfclere)/Coyote"><!--()--></a><a name="Tomcat_6.0.37_(jfclere)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=54248">54248</a>: Ensure that byte order marks are swallowed when using
+ a Reader to read a request body with a BOM for those encodings that
+ require byte order marks. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=54324">54324</a>: Allow APR connector to disable TLS compression
+ if OpenSSL supports it. (schultz)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=54456">54456</a>: Ensure that if a client aborts a request when sending
+ a chunked request body that this is communicated correctly to the client
+ reading the request body. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update the native component of the APR/native connector to 1.1.27 and
+ make that version the recommended minimum version. (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.37 (jfclere)/Jasper"><!--()--></a><a name="Tomcat_6.0.37_(jfclere)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=54615">54615</a>: Tomcat 6 doesn't build against ecj 4.x (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.37 (jfclere)/Cluster"><!--()--></a><a name="Tomcat_6.0.37_(jfclere)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=54045">54045</a>: Make sure getMembers() returns available member when
+ TcpFailureDetector works in static cluster. (kfujino)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.37 (jfclere)/Web applications"><!--()--></a><a name="Tomcat_6.0.37_(jfclere)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=22278">22278</a>: Add a commented out sample configuration of
+ <code>RemoteAddrValve</code> to <code>META-INF/context.xml</code>
+ files of the Manager and Host Manager applications. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=54080">54080</a>: Clarify documentation for initial value of
+ <code>internalProxies</code> attribute of <code>RemoteIpValve</code>.
+ (schultz/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=54198">54198</a>: Clarify that
+ <code>HttpServletResponse.sendError(int)</code> results in an HTML
+ response by default. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=54207">54207</a>: Correct JNDI factory package name in Javadoc for
+ <code>org.apache.naming.java.javaURLContextFactory</code>. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.37 (jfclere)/Other"><!--()--></a><a name="Tomcat_6.0.37_(jfclere)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Add sample Apache Commons Daemon JSVC wrapper script bin/daemon.sh that
+ can be used with /etc/init.d. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ In the build configuration: introduce property "tomcat.output" that is
+ used to specify location of the build output directory. This simplifies
+ configuration if someone wants to move the <code>output</code> directory
+ elsewhere (e.g. out of the source tree). (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=54390">54390</a>: Use 'java_home' on Mac OS X to auto-detect JAVA_HOME.
+ (schultz)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=54601">54601</a>: Change catalina.sh to consistently use LOGGING_MANAGER
+ variable to configure logging, instead of modifying JAVA_OPTS one.
+ (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=54890">54890</a>: Update to Apache Commons Daemon 1.0.15. (mturk)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.36 (jfclere)"><!--()--></a><a name="Tomcat_6.0.36_(jfclere)"><strong>Tomcat 6.0.36 (jfclere)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>released 2012-10-19</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.36 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.36_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48692">48692</a>: Provide option to parse
+ <code>application/x-www-form-urlencoded</code> PUT requests. (schultz)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50306">50306</a>: New StuckThreadDetectionValve to detect requests that
+ take a long time to process, which might indicate that their processing
+ threads are stuck. Based on a patch provided by TomLu. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50570">50570</a>: Enable FIPS mode to be set in AprLifecycleListener.
+ Based upon a patch from Chris Beckey. Note that this mode requires
+ tomcat-native 1.1.23 or later linked to a FIPS-capable OpenSSL library,
+ which one has to build by themselves. (schultz/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Improve synchronization and error handling in AprLifecycleListener.
+ Do not allow to change SSL options if SSL has already been initialized.
+ (schultz/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52225">52225</a>: Fix ClassCastException when adding an alias for an
+ existing host via JMX. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52293">52293</a>: Correctly handle the case when
+ <code>antiResourceLocking</code> is enabled at the Context level when
+ <code>unpackWARs</code> is disabled at the Host level. Correctly
+ handle multi-level contexts when <code>antiResourceLocking</code>
+ is enabled. Patch by Justin Miller. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Do not throw IllegalArgumentException from parseParameters() call
+ when chunked POST request is too large, but treat it like an IO error.
+ The <code>FailedRequestFilter</code> filter can be used to detect this
+ condition. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52384">52384</a>: Do not fail with parameter parsing when debug logging
+ is enabled. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Do not flag extra '&' characters in parameters as parse errors.
+ (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52488">52488</a>: Correct typos: exipre -> expire. Based on a patch by
+ prockter. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Reduce log level for the message about hitting
+ <code>maxParameterCount</code> limit from WARN to INFO.
+ Fix limit comparison to allow exactly <code>maxParameterCount</code>
+ parameters, as documentation says, instead of
+ <code>(maxParameterCount-1)</code>. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Slightly improve performance of UDecoder.convert(). Align
+ <code>%2f</code> handling between implementations. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Add <code>denyStatus</code> attribute to <code>RequestFilterValve</code>
+ (<code>RemoteAddrValve</code>, <code>RemoteHostValve</code> valves).
+ It allows to use different HTTP response code when rejecting denied
+ request. E.g. 404 instead of 403. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Add <code>SetCharacterEncodingFilter</code> (similar to the one
+ contained in the examples web application) to the
+ <code>org.apache.catalina.filters</code> package so that it is
+ available for all web applications. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52500">52500</a>: Added configurable mechanism to retrieve user names
+ from X509 client certificates. Based on a patch provided by
+ Michael Furman. (schultz/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52719">52719</a>: Fix a theoretical resource leak in the JAR validation
+ that checks for non-permitted classes in web application JARs. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52830">52830</a>: Correct JNDI lookups when using
+ <code>javax.naming.Name</code> to identify the resource rather than a
+ <code>java.lang.String</code>. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52850">52850</a>: Extend memory leak prevention and detection code to
+ work with IBM as well as Oracle JVMs. Based on a patch provided by
+ Rohit Kelapure. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52996">52996</a>: In <code>StandardThreadExecutor</code>:
+ Add the ability to configure a job queue size
+ (<code>maxQueueSize</code> attribute).
+ Add a variant of execute method that allows to specify a timeout for
+ how long we want to try to add something to the queue.
+ Based on a patch by Rüdiger Plüm. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53047">53047</a>: If a JDBCRealm or DataSourceRealm is configured for
+ an all roles mode that only requires authorization (and no roles) and no
+ role table or column is defined, don't populate the Principal's roles.
+ (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53050">53050</a>: Fix handling of entropy value when initializing
+ session id generator in session manager. Based on proposal by
+ Andras Rozsa. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53056">53056</a>: Add APR version number to tcnative version INFO log
+ message. (schultz)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53057">53057</a>: Add OpenSSL version number INFO log message when
+ initializing. (schultz)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53071">53071</a>: Use the message from the Throwable for the error
+ report generated by the <code>ErrorReportValve</code> if none was
+ specified via <code>sendError()</code>. Use the standard text for HTTP
+ error codes. (markt/rjung)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53230">53230</a>: Change session managers to throw
+ TooManyActiveSessionsException instead of IllegalStateException
+ when the maximum number of sessions has been exceeded and a new
+ session will not be created. (schultz/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53267">53267</a>: Ensure that using the GC Daemon Protection feature of
+ the <code>JreMemoryLeakPreventionListener</code> does not trigger a
+ full GC every hour. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53531">53531</a>: Fix ExpandWar.expand to check the return value of
+ File.mkdir and File.mkdirs. (schultz)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Make the CSRF nonce cache in <code>CsrfPreventionFilter</code>
+ serializable so that it can be replicated across a cluster and/or
+ persisted across Tomcat restarts. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53584">53584</a>: Ignore path parameters when comparing URIs for FORM
+ authentication. This prevents users being prompted twice for passwords
+ when logging in when session IDs are being encoded as path parameters.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Various improvements to the DIGEST authenticator including
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52954">52954</a>, the disabling caching of an authenticated user in the
+ session by default, tracking server rather than client nonces and better
+ handling of stale nonce values. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ CVE-2012-3546: Fix bypass of security constraint checks with FORM
+ authentication. Remove unneeded processing in <code>RealmBase</code>.
+ (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53800">53800</a>: <code>FileDirContext.list()</code> did not provide
+ correct paths for subdirectories. Patch provided by Kevin Wooten.
+ (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53830">53830</a>: Better handling of <code>Manager.randomFile</code>
+ default value on Windows. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ CVE-2012-4431: Fix bypass of <code>CsrfPreventionFilter</code> when
+ there is no session. Improve session management in the filter.
+ (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.36 (jfclere)/Coyote"><!--()--></a><a name="Tomcat_6.0.36_(jfclere)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42181">42181</a>: Better handling of edge conditions in chunk header
+ processing. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51477">51477</a>: Support all SSL protocol combinations in the APR/native
+ connector. This only works when using the native library version 1.1.21
+ or later. (rjung)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52055">52055</a> (comment 14): Correctly reset
+ <code>ChunkedInputFilter.needCRLFParse</code> flag when the filter
+ is recycled. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52606">52606</a>: Ensure replayed POST bodies are available when using
+ AJP. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52858">52858</a>, CVE-2012-4534: Fix high CPU load with SSL, NIO and
+ sendfile when client breaks the connection before reading all the
+ requested data.
+ (fhanik/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53119">53119</a>: Prevent buffer overflow errors being reported when a
+ client disconnects before the response has been fully written from an
+ AJP connection using the APR/native connector. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Improve <code>InternalNioInputBuffer.parseHeaders()</code>. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Implement <code>maxHeaderCount</code> attribute on Connector.
+ It is equivalent of LimitRequestFields directive of
+ <a href="http://httpd.apache.org/">Apache HTTPD</a>.
+ Default value is 100. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ In JkCoyoteHandler connector for AJP/1.3 protocol
+ (in <code>JkMain.setProperty()</code>):
+ Fix setting of properties when connector has already started for
+ properties that have aliases. E.g. it now allows to change
+ <code>maxHeaderCount</code> attribute on Connector MBean via JMX.
+ (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53725">53725</a>: Fix possible corruption of GZIP'd output. (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.36 (jfclere)/Jasper"><!--()--></a><a name="Tomcat_6.0.36_(jfclere)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48097">48097</a> (comment 7), <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53366">53366</a> (comment 1):
+ If JSP page unexpectedly fails to initialize PageContext instance,
+ write exception to the logs instead of silent swallowing. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52335">52335</a>: Only handle <code><\%</code> and not
+ <code>\%</code> as escaped in template text. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52666">52666</a>: Correct coercion order in EL when processing the
+ equality and inequality operators. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53001">53001</a>: Revert the fix for <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46915">46915</a> since the use case
+ described in the bug is invalid since it breaks the EL specification.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53032">53032</a>: Modify <code>JspC</code> so it extends
+ <code>org.apache.tools.ant.Task</code> enabling it to work with features
+ such as namespaces within build.xml files. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.36 (jfclere)/Cluster"><!--()--></a><a name="Tomcat_6.0.36_(jfclere)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Replicate principal in ClusterSingleSignOn. (kfujino)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53513">53513</a>: Fix race condition between the processing of session
+ sync message and transfer complete message. (kfujino)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53606">53606</a>: Fix potential NPE in <code>TcpPingInterceptor</code>.
+ Based on a patch by F. Arnoud. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53607">53607</a>: To avoid NPE, set TCP PING data to ChannelMessage.
+ Patch provided by F.Arnoud (kfujino)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix a behavior of TcpPingInterceptor#useThread.
+ Do not start a ping thread when useThread is set to false. (kfujino)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.36 (jfclere)/Web applications"><!--()--></a><a name="Tomcat_6.0.36_(jfclere)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52243">52243</a>: Improve windows service documentation to clarify how
+ to include <code>#</code> and/or <code>;</code> in the value of an
+ environment variable that is passed to the service. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52515">52515</a>: Make it clear in the Realm how-to in the documentation
+ web application that digested password storage when using DIGEST
+ authentication requires that MD5 digests are used. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52641">52641</a>: Remove mentioning of ldap.jar from docs.
+ Patch provided by Felix Schumacher. (rjung)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Remove obsolete bug warning from windows service
+ documentation page. (rjung)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52983">52983</a>: Remove unnecessary code that makes switching to
+ other authentication methods difficult. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53158">53158</a>: Fix documented defaults for DBCP.
+ Patch provided by ph.dezanneau at gmail.com. (rjung)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update JavaSE documentation links to point to the current
+ docs.oracle.com site, instead of obsolete ones (download.oracle.com,
+ java.sun.com). (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53289">53289</a>: Clarify <code>ResourceLink</code> example that
+ uses DataSource.getConnection(username, password) method. Not all
+ data source implementations support it. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Prevent the custom error pages for the Manager and Host Manager
+ applications from being accessed directly. Configure custom
+ pages for error codes 401 and 403 in Host Manager application.
+ (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Correct documentation for <code>enableLookups</code> attribute
+ of a Connector. By default DNS lookups are disabled. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix several HTML markup errors in servlets of examples web application.
+ (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Change the index page of ROOT webapp to mention "manager-gui" role
+ instead of "manager" one. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53473">53473</a>: Correct the allowed values for the SSI option
+ <code>isVirtualWebappRelative</code> which are <code>true</code> or
+ <code>false</code>. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53664">53664</a>: Minor JNDI Howto document enhancement concerning mail
+ properties. Patch provided by Mark Eggers. (schultz)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53601">53601</a>: Clarify that to build Apache Tomcat 6 from sources
+ a Java 5 JDK is recommended. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53793">53793</a>: Change links on the list of applications in the
+ Manager to point to <code>/appname/</code> instead of
+ <code>/appname</code>. (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.36 (jfclere)/Other"><!--()--></a><a name="Tomcat_6.0.36_(jfclere)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49402">49402</a>, <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52124">52124</a>: Fix Maven publishing script:
+ make sure it finds tomcat-juli.jar and use later version of
+ wagon-ssh. (jfclere)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Update Apache Commons Daemon to 1.0.10. It resolves <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52548">52548</a>
+ which meant that services created with service.bat did not set the
+ <code>catalina.home</code> and <code>catalina.base</code> system
+ properties. (markt, kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update Apache Commons Pool to 1.5.7. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52579">52579</a>: Add a note about Sun's Charset.decode() bug to the
+ RELEASE-NOTES file. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52805">52805</a>: Update to Eclipse JDT Compiler 3.7.2. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update the native component of the APR/native connectors to 1.1.23
+ and take advantage of the simplified distribution. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ When building a Windows installer do not copy whole "res" folder to
+ output/dist, but only the files that we need. Apply fixcrlf filter
+ only after the files are copied, so that <code>INSTALLLICENSE</code>
+ file had correct line ends. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Remove <code>res/License.rtf</code>. The file that is actually shown
+ by the Windows installer is <code>res/INSTALLLICENSE</code>.
+ (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Improve <code>RUNNING.txt</code>. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Align the script that deploys Maven jars for Tomcat
+ (<code>res/maven/mvn-pub.xml</code>) with the Tomcat 7 version,
+ making full use of Nexus. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53034">53034</a>: Add <code>project.url</code> and
+ <code>project.licenses</code> sections to the POMs for the Maven
+ artifacts. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=53454">53454</a>: Return correct content-length header for HEAD requests
+ when content length is greater than 2GB. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.35 (jfclere)"><!--()--></a><a name="Tomcat_6.0.35_(jfclere)"><strong>Tomcat 6.0.35 (jfclere)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>released 2011-12-05</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.35 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.35_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix regression in decoding of parameters that contain spaces.
+ Patch by Willem Fibbe. (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.34 (jfclere)"><!--()--></a><a name="Tomcat_6.0.34_(jfclere)"><strong>Tomcat 6.0.34 (jfclere)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>not released</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.34 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.34_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51550">51550</a>: Display an error page rather than an empty response
+ for an IllegalStateException caused by too many active sessions. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51640">51640</a>: Improve the memory leak prevention for leaks
+ triggered by java.sql.DriverManager. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51688">51688</a>: JreMemoryLeakPreventionListener now protects against
+ AWT thread creation. (schultz)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51758">51758</a>: The digester (used for processing XML files) used the
+ logger name <code>org.apache.commons.digester.Digester</code> rather
+ than the expected <code>org.apache.tomcat.util.digester.Digester</code>.
+ The digester has been changed to use the expected logger name.
+ (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51862">51862</a>: Added a <code>classesToInitialize</code> attribute to
+ <code>JreMemoryLeakPreventionListener</code> to allow pre-loading of configurable
+ classes to avoid some classloader leaks. (slaurent)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51872">51872</a>: Ensure that the access log always uses the correct
+ value for the remote IP address associated with the request and that
+ requests with multiple errors do not result in multiple entries in
+ the access log. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Allow to overwrite the check for distributability
+ of session attributes by session implementations. (rjung)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Provide the log format "OneLineFormatter" for JULI that provides the same
+ information as the default plus thread name but on a single line.
+ (markt/rjung)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Ensure the the memory leak protection for the HttpClient keep-alive
+ always operates even if the thread has already stopped. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51940">51940</a>: Do not limit saving of request bodies during FORM
+ authentication to POST requests since any HTTP method may include a
+ request body. Based on a patch by Nicholas Sushkin. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52091">52091</a>: Address performance issues related to lock contention
+ in StandardWrapper. Based on patch provided by Taiki Sugawara.
+ (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ In GenericPrincipal, SerializablePrincipal: Do not sort lists of roles
+ that have only one element. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Make configuration issue for CsrfPreventionFilter result in the
+ failure of the filter rather than just a warning message. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Ensure changes to the configuration of RemoteAddrValve and
+ RemoteHostValve via JMX are thread-safe. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Make configuration issue for RemoteAddrValve and
+ RemoteHostValve result in the failure of the valve rather than
+ just a warning message. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ In <code>RequestFilterValve</code> (<code>RemoteAddrValve</code>,
+ <code>RemoteHostValve</code>): refactor value matching logic into
+ separate method and expose this new method <code>isAllowed</code>
+ through JMX. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Improve performance of parameter processing for GET and POST requests.
+ Also add an option to limit the maximum number of parameters processed
+ per request. This defaults to 10000. Excessive parameters are ignored.
+ Note that <code>FailedRequestFilter</code> can be used to reject the
+ request if some parameters were ignored. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ New filter <code>FailedRequestFilter</code> that will reject a request
+ if there were errors during HTTP parameter parsing. (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.34 (jfclere)/Coyote"><!--()--></a><a name="Tomcat_6.0.34_(jfclere)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50394">50394</a>: Return -1 from read operation instead of throwing an
+ exception when encountering an EOF with the HTTP APR connector.
+ (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51698">51698</a>: Fix CVE-2011-3190. Prevent AJP message injection.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Detect incomplete AJP messages and reject the associated request if one
+ is found. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51794">51794</a>: Fix race condition in NioEndpoint selector. Patch
+ provided by dlord. (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51905">51905</a>: Fix infinite loop in AprEndpoint shutdown if
+ acceptor unlock fails. Reduce timeout before forcefully closing
+ the socket from 30s to 10s. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52121">52121</a>: Fix possible output corruption when compression is
+ enabled for a connector and the response is flushed. Test
+ case provided by David Marcks. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Replace unneeded call that iterated events queue in NioEndpoint.Poller.
+ (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Improve MimeHeaders.toString(). (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Allow the BIO HTTP connector to be used with SSL when running under Java
+ 7. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Improve multi-byte character handling in all connectors. (rjung)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.34 (jfclere)/Jasper"><!--()--></a><a name="Tomcat_6.0.34_(jfclere)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51220">51220</a>: Correct copy/paste error in original commit for this
+ issue. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52091">52091</a>: Address performance issues related to log creation
+ in TagHandlerPool. Patch provided by Taiki Sugawara. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.34 (jfclere)/Cluster"><!--()--></a><a name="Tomcat_6.0.34_(jfclere)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51736">51736</a>: Make rpcTimeout configurable in BackupManager.
+ (kfujino)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ New cluster manager attribute <code>sessionAttributeFilter</code>
+ allows to filter which session attributes are replicated using a
+ regular expression applied to the attribute name. (rjung)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Avoid an unnecessary session ID change notice.
+ Notice of changed session ID by JvmRouteBinderValve is unnecessary to
+ BackupManager. In BackupManager, change of session ID is replicated by
+ the call of a setId() method. (kfujino)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix unneeded duplicate <code>resetDeltaRequest()</code> call in
+ <code>DeltaSession.setId(String)</code>. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ When Context manager does not exist, no context manager message is
+ replied in order to avoid timeout (default 60 sec) of
+ GET_ALL_SESSIONS sync phase. (kfujino)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.34 (jfclere)/Web applications"><!--()--></a><a name="Tomcat_6.0.34_(jfclere)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Correct the documentation for the connectionLinger attribute of the HTTP
+ connector. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Show build date and version in the header on every documentation
+ page. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52049">52049</a>: Improve setup instructions for running as a Windows
+ service: correct information on how a JRE is identified and selected.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52172">52172</a>: Clarify Tomcat build instructions. Patch provided
+ by bmargulies. (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.34 (jfclere)/Other"><!--()--></a><a name="Tomcat_6.0.34_(jfclere)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update the native component of the APR/native connectors to 1.1.22.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update the recommended version of the native component of the APR/native
+ connectors to 1.1.22. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update the Eclipse compiler (used for JSPs) to 3.7. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Correct two typos in the Windows installer. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52059">52059</a>: In Windows uninstaller: Do not forget to remove
+ Tomcat keys from 32-bit registry on deinstallation. (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.33 (jfclere)"><!--()--></a><a name="Tomcat_6.0.33_(jfclere)"><strong>Tomcat 6.0.33 (jfclere)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>released 2011-08-18</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.33 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.33_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Allow to search the virtual paths before the webapp or after it. (rjung)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=27988">27988</a>: Improve reporting of missing files. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=28852">28852</a>: Add URL encoding where missing to parameters in URLs
+ presented by Ant tasks to the Manager application. Based on a patch by
+ Stephane Bailliez. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46252">46252</a>: Allow to specify character set to be used to write
+ the access log in AccessLogValve. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48863">48863</a>: Provide an warning if there is a problem with a class
+ path entry but use debug level logging if it is expected due to catalina
+ home/base split. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49180">49180</a>: Add an option to disable file rotation in JULI
+ FileHandler. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50189">50189</a>: Once the application has finished writing to the
+ response, prevent further reads from the request since this causes
+ various problems in the connectors which do not expect this. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50700">50700</a>: Ensure that the override attribute of context
+ parameters is correctly followed. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50734">50734</a>: Return 404 rather than 400 for requests to the ROOT
+ context when no ROOT context is deployed. Patch provided by Violeta
+ Georgieva. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50751">50751</a>: When authenticating with the JNDI Realm, only attempt
+ to read user attributes from the directory if attributes are required.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50752">50752</a>: Fix typo in debug message in
+ <code>org.apache.catalina.startup.Embedded</code>. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50855">50855</a>: Fix NPE on AuthenticatorBase.register() when debug
+ logging is enabled. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Correctly format the timestamp reported by version.[sh|bat]. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Remove unnecessary whitespace from MIME mapping entries in global
+ web.xml file. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51042">51042</a>: Don't trigger session creation listeners when a
+ session ID is changed as part of the authentication process. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51119">51119</a>: Add JAAS authentication support to the
+ JMXRemoteLifecycleListener. Patch provided by Neil Laurance. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Implement display of multiple request headers in AccessLogValve:
+ print not just the value of the first header, but of the all of them,
+ separated by commas. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Correct the SSLValve so it returns the SSL key size as an Integer rather
+ than as a String. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51162">51162</a>: Prevent possible NPE when removing a web application.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51249">51249</a>: Improve system property replacement code
+ in ClassLoaderLogManager of Tomcat JULI to cover some corner cases.
+ (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51315">51315</a>: Fix IAE when removing an authenticator valve from a
+ container. Patch provided by Violeta Georgieva. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51324">51324</a>: Improve handling of exceptions when flushing the
+ response buffer to ensure that the doFlush flag does not get stuck in
+ the enabled state. Patch provided by Jeremy Norris. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51348">51348</a>: Fix possible NPE when processing WebDAV locks. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Add a container event that is fired when a session's ID is changed,
+ e.g. on authentication. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix CVE-2011-2204. Prevent user passwords appearing in log files if a
+ runtime exception (e.g. OOME) occurs while creating a new user for a
+ MemoryUserDatabase via JMX. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51400">51400</a>: Avoid jvm bottleneck on String/byte[] conversion
+ triggered by a JVM bug. Based on patches by Dave Engberg and Konstantin
+ Preißer. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51403">51403</a>: Avoid NPE in JULI FileHandler if formatter is
+ misconfigured. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Create a directory for access log or error log (in AccessLogValve and
+ in JULI FileHandler) automatically when it is specified as a part of
+ the file name, e.g. in the <code>prefix</code> attribute. Earlier this
+ happened only if it was specified with the <code>directory</code>
+ attribute. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Log a failure if access log file cannot be opened. Improve i18n
+ of messages. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Improve handling of URLs with path parameters and prevent incorrect 404
+ responses that could occur when path parameters were present. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51473">51473</a>: Fix concatenation of values in
+ <code>SecurityConfig.setSecurityProperty()</code>. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51509">51509</a>: Fix potential concurrency issue in CSRF prevention
+ filter that may lead to some requests failing that should not. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51588">51588</a>: Make it easier to extend the AccessLogValve to add
+ support for custom elements. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Unregister DataSource MBeans when web application stops. (kfujino)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ CVE-2011-1184: Add additional configuration options to the DIGEST
+ authenticator. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.33 (jfclere)/Coyote"><!--()--></a><a name="Tomcat_6.0.33_(jfclere)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Reduce level of log message for invalid URL parameters from WARNING to
+ INFO. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48208">48208</a>: Provide an option to specify a custom trust manager
+ for BIO and NIO HTTP connectors using SSL. Based on a patch by Luciana
+ Moreira. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49595">49595</a>: Protect against crashes when using the APR/native
+ connector. (jfclere)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49929">49929</a>: Make sure flush packet is not send after END_RESPONSE
+ packet. (mturk/markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50887">50887</a>: Enable the provider to be configured when generating
+ SSL certs. Based on a patch by pknopp. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51073">51073</a>: Throw an exception and do not start the APR connector
+ if it is configured for SSL and an invalid value is provided for
+ SSLProtocol. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix CVE 2011-2526. Protect against infinite loops (HTTP NIO) and crashes
+ (HTTP APR) if sendfile is configured to send more data than is available
+ in the file. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Prevent NPEs when a socket is closed in non-error conditions after
+ sendfile processing when using the HTTP NIO connector. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51515">51515</a>: Prevent immediate socket close when comet is used over
+ HTTPS. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.33 (jfclere)/Jasper"><!--()--></a><a name="Tomcat_6.0.33_(jfclere)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=36362">36362</a>: Handle the case where tag file attributes (which can
+ use any valid XML name) have a name which is not a Java identifier.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47371">47371</a>: Correctly coerce the empty string to zero when used as
+ an operand in EL arithmetic. Patch provided by gbt. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50726">50726</a>: Ensure that the use of the genStringAsCharArray does
+ not result in String constants that are too long for valid Java code.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50895">50895</a>: Don't initialize classes created during the
+ compilation stage. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51124">51124</a>: Make Tomcat more robust if an OOME occurs. Usually
+ after an OOME all bets are off but this change appears to help some
+ users and the description of a 'recoverable' OOME in the bug
+ is a plausible one. Based on a patch by Ramiro. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51177">51177</a>: Ensure Tomcat's MapELResolver and ListELResolver
+ always return <code>Object.class</code> for <code>getType()</code> as
+ required by the EL specification. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Correct possible threading issue in JSP compilation when development
+ mode is used. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51220">51220</a>: Add a system property to enable tag pooling with JSPs
+ that use a custom base class. Based on a patch by Dan Mikusa. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Broaden the exception handling in the EL Parser so that more failures to
+ parse an expression include the failed expression in the exception
+ message. Hopefully, this will help track down the cause of
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51088">51088</a>. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Improve error reporting of Jasper compilation. (schultz)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.33 (jfclere)/Cluster"><!--()--></a><a name="Tomcat_6.0.33_(jfclere)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50646">50646</a>: Fix cluster message data corruption if message size
+ exceeds the underlying buffer size. Patch provided by Olivier Costet.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50771">50771</a>: Ensure HttpServletRequest#getAuthType() returns the
+ name of the authentication scheme if request has already been
+ authenticated. (kfujino)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50950">50950</a>: Correct possible NotSerializableException for an
+ authenticated session when running with a security manager. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51306">51306</a>: Avoid NPE when handleSESSION_EXPIRED is processed
+ while handleSESSION_CREATED is being processed. (kfujino)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ The change in session ID is notified to the container event listener on
+ the backup node in cluster. This notification is controlled by
+ notifyContainerListenersOnReplication. (kfujino)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.33 (jfclere)/Web applications"><!--()--></a><a name="Tomcat_6.0.33_(jfclere)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41498">41498</a>: Add the allRolesMode attribute to the Realm
+ configuration page in the documentation web application. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48997">48997</a>: Fixed some typos and improve cross-referencing to the
+ HTTP Connector and APR documentation with the SSL How-To page of the
+ documentation web application. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50804">50804</a>: Update links for Servlet 2.5 and JSP 2.1 Javadoc.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Improve class loading documentation and logging documentation.
+ (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Configure Security Manager How-To to include a copy of the actual
+ conf/catalina.policy file when the documentation is built, rather
+ than maintaining a copy of its content. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51147">51147</a>: Fix deployment via HTML Manager that was broken by
+ addition of CRSF protection. Patch provided by Alexis Hassler. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51156">51156</a>: Ensure session expiration option is available in
+ Manager application was running web applications that were defined in
+ server.xml. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Correct the log4j configuration settings when defining conversion
+ patterns in the documentation web application. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Update Maven repository information in the documentation to reflect
+ current usage. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51346">51346</a>: Update the documentation web application to make clear
+ the circumstances in which the RequestDumperValve will consume the
+ request's InputStream. Based on a patch by pid. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51443">51443</a>: Document the notifySessionListenersOnReplication
+ attribute for the DeltaManager. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51516">51516</a>: Correct documentation web application to show correct
+ system property name for changing the name of the SSO session cookie.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update documentation to be even more explicit about the implications
+ of setting the <code>path</code> attribute on a <code>Context</code>
+ element in <code>server.xml</code>. (markt/kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.33 (jfclere)/Other"><!--()--></a><a name="Tomcat_6.0.33_(jfclere)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Clarify error messages in *.sh files to mention that if a script is
+ not found it might be because execute permission is needed. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=33262">33262</a>, <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=40510">40510</a>, <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50949">50949</a>, <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51135">51135</a>:
+ Various improvements to the Windows installer to be able to install
+ several copies of Tomcat 6 side by side. Allow to configure service
+ name, connector and shutdown ports. Allow to choose whether to install
+ Start menu shortcuts and Apache Tomcat monitor application for all
+ users or for the current one only. Improve auto-detection of JAVA_HOME
+ for 64-bit Windows platforms: autoselect 32-bit JRE if it exists and
+ 64-bit one is not available. Improve server.xml file handling.
+ Fix uninstallation icon. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50854">50854</a>: Add additional entries to the default catalina.policy
+ file to support running the manager web application from CATALINA_HOME
+ or CATALINA_BASE. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Update default download sources to use the central Apache Maven 2
+ repository as some libraries have been removed from the central Apache
+ Maven 1 repository. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51155">51155</a>: Add comments to @deprecated tags that have none. Patch
+ provided by sebb. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=51309">51309</a>: Correct logic in catalina.sh stop when using a PID
+ file to ensure the correct message is shown. Patch provided by Caio
+ Cezar. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update Apache Commons Pool to 1.5.6. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update Apache Commons Daemon to 1.0.7. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ At build time use two alternative download locations for components
+ downloaded from apache.org. (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.32 (jfclere)"><!--()--></a><a name="Tomcat_6.0.32_(jfclere)"><strong>Tomcat 6.0.32 (jfclere)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>released 2011-02-03</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.32 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.32_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48822">48822</a>: Include context name in reload and stop log statements.
+ Based on the patch provided by Marc Guillemot. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50673">50673</a>: Improve Catalina shutdown when running as a service.
+ Do not call System.exit(). (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50689">50689</a>: Provide 100 Continue responses at appropriate points
+ during FORM authentication if client indicates that they are expected.
+ (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Improve HTTP specification compliance in support of
+ <code>Accept-Language</code> header. This protects from known exploit
+ of the Oracle JVM bug that triggers a DoS, CVE-2010-4476. (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.32 (jfclere)/Coyote"><!--()--></a><a name="Tomcat_6.0.32_(jfclere)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49795">49795</a>: Backport AprEndpoint shutdown improvements, to make
+ it more robust. (mturk/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50325">50325</a>: When the JVM indicates support for RFC 5746, disable
+ Tomcat's <code>allowUnsafeLegacyRenegotiation</code> configuration
+ attribute and use the JVM configuration to control renegotiation.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50631">50631</a>: InternalNioInputBuffer should honor
+ <code>maxHttpHeadSize</code>. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50651">50651</a>: Fix NPE in InternalNioOutputBuffer.recycle().
+ (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.32 (jfclere)/Cluster"><!--()--></a><a name="Tomcat_6.0.32_(jfclere)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Be consistent with locks on sessionCreationTiming,
+ sessionExpirationTiming in DeltaManager.resetStatistics(). (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.31 (jfclere)"><!--()--></a><a name="Tomcat_6.0.31_(jfclere)"><strong>Tomcat 6.0.31 (jfclere)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>not released</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.31 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.31_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49543">49543</a>: Allow Tomcat to use shared data sources with per
+ application credentials. (fhanik)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50205">50205</a>: Add the deployIgnorePaths attribute to the Host
+ element. Based on a patch by Jim Riggs. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50413">50413</a>: Additional fix that ensures the error page is served
+ regardless of any Range headers in the original request. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50550">50550</a>: When a new directory is created (e.g. via WebDAV)
+ ensure that a subsequent request for that directory does not result in a
+ 404 response. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Provide session creation and destruction rate metrics in the session
+ managers. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50606">50606</a>: Improve CGIServlet: Provide support for specifying
+ empty value for the <code>executable</code> init-param. Provide support
+ for explicit additional arguments for the executable. Those were
+ broken when implementing fix for bug <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49657">49657</a>. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50620">50620</a>: Stop exceptions that occur during
+ <code>Session.endAccess()</code> from preventing the normal completion
+ of <code>Request.recycle()</code>. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.31 (jfclere)/Coyote"><!--()--></a><a name="Tomcat_6.0.31_(jfclere)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Remove a huge memory leak in the NIO connector introduced by the fix
+ for <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49884">49884</a>. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.31 (jfclere)/Cluster"><!--()--></a><a name="Tomcat_6.0.31_(jfclere)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50600">50600</a>: Prevent a <code>ConcurrentModificationException</code>
+ when removing a WAR file via the FarmWarDeployer. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.30 (jfclere)"><!--()--></a><a name="Tomcat_6.0.30_(jfclere)"><strong>Tomcat 6.0.30 (jfclere)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>released 2011-01-13</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.30 (jfclere)/General"><!--()--></a><a name="Tomcat_6.0.30_(jfclere)/General"><strong>General</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Filter input of manager app servlets. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43960">43960</a>: Expose available property of StandardWrapper via JMX.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update to Commons Daemon 1.0.5. (mturk)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Switch to using the Eclipse compiler JAR directly rather than creating
+ it from the larger JDT download. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Allow the off-line building of the extras package. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update to Commons Pool 1.5.5. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49728">49728</a>, <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50084">50084</a>: Improve PID file handling when
+ another process is managing the PID file and Tomcat does not have write
+ access. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49909">49909</a>, <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50201">50201</a>: Provide a mechanism to log requests
+ rejected before they reach the AccessLogValve to appear in the access
+ log. (markt/kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.30 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.30_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=38113">38113</a>: Provide a system property that enables a strict
+ interpretation of the specification for <code>getQueryString()</code>
+ when an empty query string is provided by the user agent. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Return a copy of the current URLs for the <code>WebappClassLoader</code>
+ to prevent modification. This facilitated, although it wasn't the root
+ cause, CVE-2010-1622. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48837">48837</a>: Extend thread local memory leak detection to include
+ classes loaded by subordinate class loaders to the web
+ application's class loader such as the Jasper class loader.
+ Patch provided by Sylvain Laurent. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48973">48973</a>: Avoid creating a SESSIONS.ser file when stopping an
+ application if there's no session. Patch provided by Marc Guillemot.
+ (slaurent)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49030">49030</a>: Failure during start of one connector should not leave
+ some connectors started and some ignored. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49195">49195</a>: Don't report an error when shutting down a Windows
+ service for a Tomcat instance that has a disabled shutdown port. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49209">49209</a>: Fix problem with JDBC driver memory leak prevention
+ when running under a security manager. Patch provided by Sylvain
+ Laurent. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49613">49613</a>: Improve performance when using SSL for applications
+ that make multiple class to <code>Request.getAttributeNames()</code>.
+ Patch provided by Sampo Savolainen. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49657">49657</a>: Handle CGI executables with spaces in the path.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49667">49667</a>: Ensure that using the JDBC driver memory leak
+ prevention code does not cause a one of the memory leaks it is meant to
+ avoid. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49749">49749</a>: Respect <code>httpOnly</code> setting of Context
+ when creating SSO cookie. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Provide better web application state information via JMX. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49811">49811</a>: Add an option to disable URL rewriting on a per
+ Context basis. The option name is <code>disableURLRewriting</code>.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49856">49856</a>: Expose the executor name for the connector via JMX.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49915">49915</a>: Make error more obvious, particularly when accessed
+ via JConsole, if StandardServer.storeConfig() is called when there is
+ no StoreConfig implementation present. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49965">49965</a>: Use correct i18n resources for StringManager in
+ JAASRealm. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49987">49987</a>: Fix potential data race in the population of the
+ Servlet Context initialisation parameters. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Code clean-up. Avoid some casts in StandardContext. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Add security policy and token poller protection to the JRE memory leak
+ protection provided in Tomcat 6. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50026">50026</a>: Add support for mapping the default servlet to URLs
+ other than /. (timw)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50128">50128</a>: Improve exception handling in PersistentManagerBase
+ when running with a security manager. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50131">50131</a>: Avoid possible NPE in debug output in PersistentValve.
+ Patch provided by sebb. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50138">50138</a>: Fix threading issues in
+ <code>org.apache.catalina.security.SecurityUtil</code>. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Add a new filter, <code>org.apache.catalina.filters.CsrfPreventionFilter</code>,
+ to provide generic cross-site request forgery (CSRF)
+ protection for web applications. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Make sure Contexts defined in server.xml pick up any <code>configClass</code>
+ setting from the parent Host. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50222">50222</a>: Modify memory leak prevention code so it pins the
+ system class loader in memory rather than than the common class loader,
+ which is better for embedded systems. (schultz)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Make memory leak prevention code that clears ThreadLocal instances more
+ robust against objects with <code>toString()</code> methods that throw
+ exceptions. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50282">50282</a>: Load <code>javax.security.auth.login.Configuration</code>
+ with <code>JreMemoryLeakPreventionListener</code> to avoid memory leak
+ when stopping a webapp that would use JAAS.
+ (slaurent)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50413">50413</a>: Ensure 304s are not returned when using static files
+ as error pages. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50453">50453</a>: Correctly handle multiple <code>X-Forwarded-For</code>
+ headers in the RemoteIpValve. Patch provided by Jim Riggs. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50459">50459</a>: Fix thread/classloader binding issues in
+ StandardContext. (slaurent)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50527">50527</a>: Improve an error message shown by HttpServlet. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50556">50556</a>: Improve JreMemoryLeakPreventionListener to prevent
+ a potential class loader leak caused by a thread spawned when the class
+ <code>com.sun.jndi.ldap.LdapPoolManager</code> is initialized and the
+ system property <code>com.sun.jndi.ldap.connect.pool.timeout</code> is
+ set to a value greater than 0. (slaurent)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50642">50642</a>: Move the <code>sun.net.www.http.HttpClient</code>
+ keep-alive thread memory leak protection from the
+ JreMemoryLeakPreventionListener to the WebappClassLoader since the
+ thread that triggers the memory leak is created on demand. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.30 (jfclere)/Coyote"><!--()--></a><a name="Tomcat_6.0.30_(jfclere)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47913">47913</a>: Return the IP address rather than null for
+ <code>getRemoteHost()</code> with the APR connector if the IP address
+ does not resolve. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Avoid a NPE for APR connector unlockAccept with default soTimeout.
+ (mturk)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48545">48545</a>: Allow JSSE trust stores to be used without providing
+ a password. Based on a patch by smmwpf54. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48738">48738</a>: Add support for flushing gzipped output. Based on a
+ patch by Jiong Wang. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Avoid a NPE in the DeltaManager when a parallel request invalidates the
+ session before the current request has a chance to send the replication
+ message. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48925">48925</a>: <code>request.getLocalAddr()</code> returns
+ <code>null</code> when using the default Jk AJP/1.3 connector. (rjung)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49497">49497</a>: Stop accepting new requests (inc keep-alive) once the
+ BIO connector is paused and the current request has finished processing.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49521">49521</a>: Disable scanning for a free port in Jk AJP/1.3
+ connector by default. Do not change <code>maxPort</code> field value of ChannelSocket
+ in its <code>setPort()</code> and <code>init()</code> methods. Add
+ support for <code>maxPort</code> attribute on a <code>Connector</code>
+ element as a synonym for <code>channelSocket.maxPort</code>. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49625">49625</a>: Ensure Vary header is set if response may be
+ compressed rather than only setting it if it is compressed. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49730">49730</a>: Fix race condition in StandardThreadExecutor that can
+ lead to long delays in processing requests. Patch provided by Sylvain
+ Laurent. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49860">49860</a>: Add support for trailing headers in chunked HTTP
+ requests. The header length is limited to 8192 by default and the limit
+ can be changed via a system property. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49972">49972</a>: Fix potential thread safe issue when formatting dates
+ for use in HTTP headers. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50072">50072</a>: NIO connector can mis-read request line if not sent in
+ a single packet. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Improve recycling of processors in Http11NioProtocol. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50273">50273</a>: Provide a workaround for an HP-UX issue that can
+ result in large numbers of SEVERE log messages appearing in the logs as
+ a result of normal operation. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Make SSL certificate encoding algorithm consistent between connectors by
+ using the JVM default for all connectors. This also fixes an issue with
+ the NIO connector on IBM JVMs. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50467">50467</a>: Protected against NPE triggered by a race condition
+ that causes the NIO poller to fail, preventing the processing of further
+ requests. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.30 (jfclere)/Jasper"><!--()--></a><a name="Tomcat_6.0.30_(jfclere)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49217">49217</a>: Ensure that identifiers used in EL meet the
+ requirements of the Java Language Specification. This check is off by
+ default and can be enabled by setting a system property. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49555">49555</a>: Correctly handled Tag Libraries where functions are
+ defined in static inner classes. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49665">49665</a>: Provide better information including JSP file name and
+ location when a missing file is detected during TLD handling. Patch
+ provided by Ted Leung. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49985">49985</a>: Fix thread safety issue in EL parser. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49986">49986</a>: Fix thread safety issue in JSP reloading. (timw))
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49998">49998</a>: Make jsp:root detection work with single quoted
+ attributes as well. (timw)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50066">50066</a>: Compile a recursive tag file if it depends on a JAR.
+ Patch provided by Sylvain Laurent. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50078">50078</a>: Fix threading issues in EL caches and make cache sizes
+ configurable. Threading patch provided by Takayoshi Kimura. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50105">50105</a>: When processing composite EL expressions use
+ <code>Enum.name()</code> rather than <code>Enum.toString()</code> as
+ required by the EL specification. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50228">50228</a>: Improve recycling of <code>BodyContentImpl</code>.
+ This avoids keeping a cached reference to a webapp-provided Writer
+ used in JspFragment.invoke() calls. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50460">50460</a>: Fix memory leak in JspDocumentParser triggered by
+ first access to a jspx page. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50500">50500</a>: Use correct coercions (as per the EL spec) for
+ arithmetic operations involving string values containing '.',
+ 'e' or 'E'. Based on a patch by Brian Weisleder.
+ (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.30 (jfclere)/Cluster"><!--()--></a><a name="Tomcat_6.0.30_(jfclere)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49343">49343</a>: When ChannelException is thrown, remove listener from
+ channel. (kfujino)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Add Null check when CHANGE_SESSION_ID message received. (kfujino)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ When a cluster node disappears when using the backup manager, handle the
+ failed ping message rather than propagating the exception (which just
+ logs the stack trace but doesn't do anything to deal with the failure).
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49905">49905</a>: Fix potential memory leak when using asynchronous
+ session replication. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49924">49924</a>: When non-primary node changes into a primary node,
+ make sure isPrimarySession is changed to true. (kfujino)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Add support for <code>maxActiveSessions</code> attribute to
+ BackupManager. (kfujino)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Improve sending an access message in DeltaManager.
+ Use <code>maxInactiveInterval</code> not of the Manager, but of the session.
+ If <code>maxInactiveInterval</code> is negative, the access message is not
+ being sent. (kfujino)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50547">50547</a>: Add time stamp for CHANGE_SESSION_ID message and
+ SESSION_EXPIRED message. (kfujino)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.30 (jfclere)/Web applications"><!--()--></a><a name="Tomcat_6.0.30_(jfclere)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49585">49585</a>: Update JSVC documentation to reflect new packaging
+ of Commons Daemon. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Configure the Manager web application to use the new CSRF protection. To
+ take advantage of this protection, the <code>manager</code> role must be
+ removed from all users and the new <code>manager-gui</code> and
+ <code>manager-script</code> roles used instead. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Configure the Host Manager web application to use the new CSRF
+ protection. To take advantage of this protection, the <code>admin</code> role
+ must be removed from all users and the new <code>admin-gui</code> and
+ <code>admin-script</code> roles used instead. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50303">50303</a>: Update JNDI how-to to reflect new JavaMail and JAF
+ download locations and that JAF is now included in Java SE 6. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ CVE-2010-4172: Multiple XSS in Manager application. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Improve Tomcat Logging documentation. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50242">50242</a>: Provide a sample log4j configuration that more
+ closely matches the default JULI configuration. Patch provided by
+ Christopher Schultz. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50294">50294</a>: Add more information to documentation regarding format
+ of configuration files. Patch provided by Luke Meyer. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Configure the Manager and Host-Manager web applications to use HttpOnly
+ flag for their session cookies. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50316">50316</a>: Fix display of negative values in the Manager web
+ application. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Improve documentation of database connection factory. (rjung)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.30 (jfclere)/Other"><!--()--></a><a name="Tomcat_6.0.30_(jfclere)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48716">48716</a>: Do not call reset if the default LogManager is in use.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Use native line endings for example Eclipse configuration files in
+ source distribution. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49428">49428</a>: Add a work-around for the known namespace issues for
+ some Microsoft WebDAV clients. Based on the patch provided by
+ Panagiotis Astithas. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49861">49861</a>: Fix formatting of log messages in JXM remote listener.
+ Do not use commas when printing RMI port numbers. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50140">50140</a>: Don't ignore a user specified install directory
+ on 64-bit platforms when using the Windows installer. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=50552">50552</a>: Avoid NPE that hides error message when using Ant
+ tasks. (schultz)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Numerous improvements to the Windows installer: update install/uninstall
+ icons, create an installation log, allow 32-bit JVMs to be selected when
+ installing on a 64-bit platform, replace the .ini files with the script
+ equivalents, use the new manager and host-manager roles, provide the
+ ability to edit the roles for the added user, add support for the
+ <code>/?</code> command line switch, clean up fully after installation,
+ add DetailPrint statements for operations that may take time and
+ improve the descriptions of the components. (kkolinko, mturk, markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.29 (jfclere)"><!--()--></a><a name="Tomcat_6.0.29_(jfclere)"><strong>Tomcat 6.0.29 (jfclere)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>released 2010-07-22</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.29 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.29_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48960">48960</a>: Add a new option to the SSI Servlet and SSI Filter to
+ allow the disabling of the <code>exec</code> command. This is now
+ disabled by default. Based on a patch by Yair Lenga. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49551">49551</a>: Allow default context.xml location to be specified
+ using an absolute path. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49598">49598</a>: When session is changed and the session cookie is
+ replaced, ensure that the new Set-Cookie header overwrites the old
+ Set-Cookie header. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix order when listing Webapp loader search URLs. (rjung)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Add support for <code>*.jar</code> pattern in VirtualWebappLoader.
+ (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.28 (jfclere)"><!--()--></a><a name="Tomcat_6.0.28_(jfclere)"><strong>Tomcat 6.0.28 (jfclere)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>released 2010-07-09</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.28 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.28_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>Arrange filter logic. (jfclere)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49230">49230</a>: Enhance JRE leak prevention listener with protection
+ for the keep-alive thread started by
+ <code>sun.net.www.http.HttpClient</code>. Patch provided by Rob Kooper.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49351">49351</a>: Fix possible NPE when embedding and no name is
+ specified for the Service. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49424">49424</a>: Avoid NPE if client provides no data with a chunked
+ POST request. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49414">49414</a>: Improve diagnostic of memory leaks.
+ Differentiate between request threads and application
+ created threads when warning about still running threads when an
+ application stops. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49443">49443</a>: Fix RemoteIpValve documentation. Use remoteIpHeader
+ rather than remoteIPHeader consistently. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Add property <code>searchExternalFirst</code> to WebappLoader.
+ If set, the external repositories will be searched before
+ the WEB-INF ones. (rjung)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.28 (jfclere)/Cluster"><!--()--></a><a name="Tomcat_6.0.28_(jfclere)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49445">49445</a>: When session ID is changed after authentication,
+ ensure the DeltaManager replicates the change in ID to the other nodes
+ in the cluster. (kfujino)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.28 (jfclere)/Web applications"><!--()--></a><a name="Tomcat_6.0.28_(jfclere)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49213">49213</a>: Grant permissions required by manager application when
+ running under a security manager. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49436">49436</a>: Correct documented default for <code>readonly</code>
+ attribute of the UserDatabase component. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.27 (jfclere)"><!--()--></a><a name="Tomcat_6.0.27_(jfclere)"><strong>Tomcat 6.0.27 (jfclere)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>not released</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.27 (jfclere)/General"><!--()--></a><a name="Tomcat_6.0.27_(jfclere)/General"><strong>General</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update DBCP to 1.3. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.27 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.27_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix CVE-2010-1157. Prevent possible disclosure of host name or IP
+ address via the HTTP WWW-Authenticate header when using BASIC or DIGEST
+ authentication. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Include context name when reporting memory leaks to aid root cause
+ identification. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Improve exception handling on session de-serialization to assist in
+ identifying the root cause of <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48007">48007</a>. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48379">48379</a>: Make session cookie name, domain and path configurable
+ per context. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48589">48589</a>: Make JNDIRealm easier to extend. Based on a patch by
+ Candid Dauth. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48629">48629</a>: Allow user names as well as DNs to be used with the
+ nested role search. Add roleNested to the documentation. Patch provided
+ by Felix Schumacher. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48661">48661</a>: Make error page behavior consistent, regardless of how
+ the error page is defined. If a response has been committed, always
+ include the error page. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48729">48729</a>: Return roles defined by both userRoleName and roleName
+ mechanisms. Patch provided by 'eric'. Also make user's role list
+ immutable.(markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48760">48760</a>: Fix potential multi-threading issue in static resource
+ serving where multiple threads could try to use the the same
+ InputStream. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48790">48790</a>: Fix thread safety issue in the count of the maximum
+ number of active session. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48793">48793</a>: Make catalina.sh more robust to different return
+ values on different platforms. Patch provided by Thomas GL. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48840">48840</a>: Swallow output (if any) from use of cd when determining
+ $CATALINA_HOME in catalina.sh and tool-wrapper.sh scripts. Based on patch
+ provided by mdietze. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48895">48895</a>: Make clearing of ThreadLocals that are causing memory
+ leaks on web application stop, reload or undeploy configurable since the
+ process of clearing them is not thread-safe. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48903">48903</a>: Fix deadlock in webapp class loader. (rjung)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48971">48971</a>: Make stopping of leaking Timer threads optional and
+ disabled by default. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48976">48976</a>: Document JAVA_ENDORSED_DIRS in start-up scripts. Patch
+ provided by Laurent Vaills. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48983">48983</a>: Improve debug logging for situations when
+ <code>RemoteIpValve</code> is bypassed. Patch provided by Cyrille Le
+ Clerc. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49018">49018</a>: Fix processing of time argument in the Expire sessions
+ action in the Manager web application. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49116">49116</a>: If session is already invalid, expire session to
+ prevent memory leak. (kfujino)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49158">49158</a>: Ensure only one session cookie is returned for a
+ single request. (markt/fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49245">49245</a>: Fix session expiration check in cross-context
+ requests. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49398">49398</a>: ByteChunk.indexOf(String, int, int, int) could not
+ find a string of length 1. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix possible overflows when calculating session statistics. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Log unexpected exceptions when providing access to web application
+ resources in ApplicationContext. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Improve exception handling in CatalinaShutdownHook. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Expose properties of VirtualWebappLoader and WebappClassLoader via JMX.
+ (rjung)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.27 (jfclere)/Coyote"><!--()--></a><a name="Tomcat_6.0.27_(jfclere)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48839">48839</a>: Correctly handle HTTP header folding in the NIO
+ connector. Patch suggested by Richa Baronia. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48843">48843</a>: Prevent possible deadlock for worker allocation in
+ connectors. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48843">48843</a>: Fix handling of add queues in AprEndpoint.Poller and
+ AprEndpoint.Sendfile. Do not miss wakeups. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48862">48862</a>: Add support for the backlog parameter to the AJP
+ connector. (pero/markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48917">48917</a>: Correct name of mod_jk module in ApacheConfig. Patch
+ provided by Todd Hicks. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49095">49095</a>: AprEndpoint did not wakeup acceptors during shutdown
+ when deferAccept option was enabled. Based on a patch provided by
+ Ruediger Pluem. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Use chunked encoding for http 1.1 requests with no content-length
+ (regardless of keep-alive) so client can differentiate between complete
+ and partial responses. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Correct the SSL session timeout attribute name so the code agrees with
+ the documentation. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ CoyotePrincipal now implements Serializable. (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Enable the BIO AJP connector to run under a security manager. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.27 (jfclere)/Jasper"><!--()--></a><a name="Tomcat_6.0.27_(jfclere)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45015">45015</a>: Correct a regression in quote handling caused by the
+ re-factoring of attribute parsing. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48701">48701</a>: Add a system property to allow disabling enforcement
+ of JSP.5.3. The specification recommends, but does not require, this
+ enforcement. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48737">48737</a>: Don't assume paths that start with /META-INF/... are
+ always in JARs. This is not true for some IDEs. Patch provided by
+ Fabrizio Giustina. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49081">49081</a>: Correctly handle EL expressions of the form #${...}.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49196">49196</a>: Avoid NullPointerException in PageContext.getErrorData()
+ if an error-handling JSP page is called directly. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.27 (jfclere)/Cluster"><!--()--></a><a name="Tomcat_6.0.27_(jfclere)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48717">48717</a>: When a node joins a cluster and it receives all the
+ current sessions, ensure the sessionCreated event is fired if the
+ Manager is configured to replicate session events. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48934">48934</a>: Previous fix to handle dropped connections incorrectly
+ permanently disabled session replication. (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49051">49051</a>: memberAlive is not called if member has not already
+ existed in membership. (kfujino)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49151">49151</a>: Avoid ClassCastException in BackupManager#stop.
+ (kfujino)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49170">49170</a>: Do not send duplicated session. (kfujino)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Add missing messages and ensure cluster listeners log messages to
+ correct logger. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.27 (jfclere)/Web applications"><!--()--></a><a name="Tomcat_6.0.27_(jfclere)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Use underscores instead of spaces in anchor names in Tomcat
+ documentation. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Add support for displaying the Spring Security user name (if present) in
+ the Manager application. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Improve the ChatServlet <a href="aio.html">Comet</a> example
+ (/examples/jsp/chat/). (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.27 (jfclere)/Other"><!--()--></a><a name="Tomcat_6.0.27_(jfclere)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>Update to Commons Daemon 1.0.2. Use service launcher (procrun)
+ from the Commons Daemon release. Do not keep a copy of it in our source
+ tree. (mturk/kkolinko)</td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update to NSIS 2.46. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48990">48990</a>: Fix the <code>skip.installer</code> build property
+ so if set, only the Windows installer is skipped. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49178">49178</a>: Provide in catalina.policy an example of additional
+ permissions that might be needed for code located in
+ <code>$CATALINA_BASE/lib</code>. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=49236">49236</a>: Do not use indexing when packing Tomcat JARs.
+ (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Remove unused code from org.apache.tomcat.util.buf classes. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Rearrange tomcat-juli.jar permissions and wrap long lines in the
+ <code>conf/catalina.policy</code> file, to make the text more readable
+ when cited in documentation. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Do not evaluate the <code>execute.installer</code> property when building
+ a release. The <code>skip.installer</code> property is used instead.
+ (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.26 (jfclere)"><!--()--></a><a name="Tomcat_6.0.26_(jfclere)"><strong>Tomcat 6.0.26 (jfclere)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>released 2010-03-11</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.26 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.26_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Close security hole in unreleased 6.0.25 by ensuring new find leaks
+ functionality is protected by a security constraint. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48831">48831</a>: Improve logging shutdown behaviour. Use Catalina's
+ shutdown hook to shutdown JULI. This enables them to be shutdown in the
+ correct order. Do not shutdown global handlers several times.
+ (markt/kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.26 (jfclere)/Coyote"><!--()--></a><a name="Tomcat_6.0.26_(jfclere)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48584">48584</a>: Prevent the APR connector logging an error if the
+ acceptor fails during shutdown since this is expected. (mturk)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48660">48660</a>: Using compression should not overwrite any Vary header
+ set by a web application. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.26 (jfclere)/Jasper"><!--()--></a><a name="Tomcat_6.0.26_(jfclere)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48371">48371</a>: Ensure generated servlet mappings are inserted at the
+ correct location when using JspC and allow the option that controls this
+ to be configured on the command line. Also allow the encoding of web.xml
+ to be configured when using JspC and deprecate some unused JspC methods.
+ (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48498">48498</a>: Avoid ArrayIndexOutOfBoundsException triggered by a
+ Java 6/7 XML parser bug. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48668">48668</a>: Additional fixes to ensure deferred syntax is handled
+ correctly. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48827">48827</a>: Correct a regression in the fix for <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47977">47977</a>
+ that caused an incorrect non-empty body error to be reported for valid
+ JSP documents. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.26 (jfclere)/Web applications"><!--()--></a><a name="Tomcat_6.0.26_(jfclere)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Make changelog.xml be directly rendered as HTML by certain browsers.
+ (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Add support for automated generation of TOC tables and for links to svn
+ revisions to tomcat-docs.xsl in documentation. (kkolinko/fhanik)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Move Manager application JSPs that are not intended to be accessed
+ directly under the WEB-INF directory. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Improve the messages displayed by the find leaks diagnostic in the
+ Manager application. (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.26 (jfclere)/Other"><!--()--></a><a name="Tomcat_6.0.26_(jfclere)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Encode all property files using ascii escaped UTF-8. Also fixes
+ deployment problem when using French locale. (jfclere/rjung)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.25 (jfclere)"><!--()--></a><a name="Tomcat_6.0.25_(jfclere)"><strong>Tomcat 6.0.25 (jfclere)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>not released</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.25 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.25_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48039">48039</a>: Return immediately if start() is called on an already
+ started StandardService. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48109">48109</a>: Ensure InputStream is closed on error condition in web
+ application class loader. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48179">48179</a>: Clean up dead code that was used to read tldCache
+ file. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48318">48318</a>: Handle case where WebDAV resource is in directory
+ listing but is not accessible. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48384">48384</a>: Add a per context xslt option for directory listings.
+ Make the fallback options work as described in the documentation.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48577">48577</a>: Filter URL when displaying missing included page.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48612">48612</a>: Prevent exception on shutdown if the address attribute
+ is specified for a connector. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48613">48613</a>: Further fixes to ensure APRLifecycleListener is only
+ used if defined in server.xml. (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48614">48614</a>: Correct JULI log file buffering so default behaviour
+ is no buffering. (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48625">48625</a>: Provide an option to exit if an error occurs during
+ the initialization phase. (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48645">48645</a>: Use specified encoding rather than null in calls to
+ <code>RequestUtil.URLDecode(byte[] bytes, String enc)</code> (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48653">48653</a>: Force request.secure and request.scheme to
+ <code>false</code> and <code>http</code> if the X-Forwarded-Proto header
+ has the value http. Patch provided by Cyrille Le Clerc. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48678">48678</a>: Remove duplicate server field from
+ <code>org.apache.catalina.startup.Catalina</code>. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48694">48694</a>: Remove potential deadlock in web application class
+ loader. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48716">48716</a>: Provide additional configuration options for JULI.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48726">48726</a>: Prevent OOME when uploading large WAR files with the
+ deployer. Patch provided by adam. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Improve memory leak protection by safely stopping threads started via
+ <code>java.util.Timer</code> that an application starts but fails to
+ stop and by clearing references retained due to the use of
+ <code>java.util.ResourceBundle</code>. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Modify ThreadLocal memory leak detection to not report false positives
+ and to simplify implementation. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Basic memory leak detection was added to the standard Host
+ implementation and exposed via JMX to detect memory leaks on web
+ application reload. (markt/kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.25 (jfclere)/Coyote"><!--()--></a><a name="Tomcat_6.0.25_(jfclere)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update the native/APR library version bundled with Tomcat to 1.1.20.
+ (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.25 (jfclere)/Jasper"><!--()--></a><a name="Tomcat_6.0.25_(jfclere)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Add some debug logging to the compiler where exceptions were previously
+ swallowed. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48170">48170</a>: Remove unnecessary synchronization that is causing
+ issues under load. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48580">48580</a>: Prevent AccessControlException if first access is to a
+ JSP that uses a FunctionMapper. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48582">48582</a>: Avoid NPE on background compilation failure. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48616">48616</a>: Don't declare or synchronize scripting variables for
+ JSP fragments since they are scriptless. This is an alternative fix for
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42390">42390</a> that avoids both the original problem and the
+ regression in the first fix. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48627">48627</a>: Fix regression in re-factored EL parsing. Keep
+ literals as literals and handle deferredSyntaxAllowedAsLiteral.
+ (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48668">48668</a>: When parsing JSPs only parse EL as EL if EL is enabled
+ else strings such as ${ will be silently dropped. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Various EL TCK failures. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.25 (jfclere)/Cluster"><!--()--></a><a name="Tomcat_6.0.25_(jfclere)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Force a disconnect if an error occurs during replication such as
+ a firewall dropping the connection. (fhanik)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.25 (jfclere)/Web applications"><!--()--></a><a name="Tomcat_6.0.25_(jfclere)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Add new "Find leaks" command to the Manager application. It allows to
+ detect web applications that have caused memory leaks on stop,
+ reload or undeploy. (markt/kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.25 (jfclere)/Other"><!--()--></a><a name="Tomcat_6.0.25_(jfclere)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Ensure files in conf directory have CRLF line endings when using the
+ Windows installer. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Allow special characters recognized by the Windows command-line shell to
+ be present in the names of CATALINA_HOME/_BASE and the current directory
+ used to call the Tomcat scripts. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Don't use @Deprecated annotations in
+ <code>javax.servlet.jsp.JspContext</code> since the specification does
+ not include them in the API definition. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Improve the information in the JAR manifest files. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.24 (jfclere)"><!--()--></a><a name="Tomcat_6.0.24_(jfclere)"><strong>Tomcat 6.0.24 (jfclere)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>released 2010-01-21</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.24 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.24_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Correct TCK failures with security manager caused by the original fix
+ for <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47774">47774</a>. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.24 (jfclere)/Other"><!--()--></a><a name="Tomcat_6.0.24_(jfclere)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Remove broken link in README.html. (jfclere)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Add <code>.notice</code> files to the set of files that have their line
+ endings changed. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <code>.zip</code> distributions should have windows line endings.
+ (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.23 (jfclere)"><!--()--></a><a name="Tomcat_6.0.23_(jfclere)"><strong>Tomcat 6.0.23 (jfclere)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>not released</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.23 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.23_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47774">47774</a>: Ensure web application class loader is used when
+ calling session listeners. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48006">48006</a>: Add additional information to the optional
+ X-Powered-By header to align with the content suggested in the Servlet
+ specification. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48345">48345</a>: Sessions timed out too early when using
+ PersistentManager. Patch provided by Keiichi Fujino. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48398">48398</a>: Make objects used as locks final to ensure correct
+ operation. Patch provided by sebb. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48417">48417</a>: Update French translations. Patch provided by André
+ Warnier. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48421">48421</a>: Fix file descriptor and potential memory leak when a
+ web application uses a local logging.properties file. Allow a web
+ application's log files to be deleted once the web application has been
+ stopped. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48454">48454</a>: Ensure stderr is completely read before terminating
+ the CGI process. Patch provided by Markus Grieder. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48516">48516</a>: Prevent NPE in JNDIRealm if requested user does not
+ exist. Patch provided by Kevin Conaway. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix implementation of log buffer size and provide a cleaner interface.
+ (fhanik/kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.23 (jfclere)/Coyote"><!--()--></a><a name="Tomcat_6.0.23_(jfclere)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update version of native bundled in Windows installer to 1.1.19. (mturk)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update recommended version for native to 1.1.19. (rjung)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48004">48004</a>: All web applications to set the http
+ <code>Server</code> header. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48470">48470</a>: Ensure Tomcat does not lock up if shut down under
+ load. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.23 (jfclere)/Jasper"><!--()--></a><a name="Tomcat_6.0.23_(jfclere)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47977">47977</a>: Using a body with a tag that has an empty body should
+ cause an error. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48112">48112</a>: Correct handling of } character in literals when parsing
+ expressions. This also improves the fix for <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47413">47413</a>. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.23 (jfclere)/Web applications"><!--()--></a><a name="Tomcat_6.0.23_(jfclere)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48530">48530</a>: Add information on the Manager Server Status page to
+ the Manager How-To in the documentation webapp. Based on a patch by
+ Arnaud Espy. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48532">48532</a>: Add information to the BIO/NIO SSL configuration page
+ in the documentation web application to specify how the defaults for the
+ various trust store attributes are determined. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.23 (jfclere)/Other"><!--()--></a><a name="Tomcat_6.0.23_(jfclere)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Remove hard coded version numbers and instead apply version filter
+ already defined in ant scripts. (rjung)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47609">47609</a>: Correct regression in previous fix. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48464">48464</a>: Provide an option to specify the command window title
+ in catalina.bat on Windows. Patch provided by LiuYan. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Add some missing deprecation markers for
+ <code>javax.servlet.jsp.JspContext</code>. (markt/kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.22 (jfclere)"><!--()--></a><a name="Tomcat_6.0.22_(jfclere)"><strong>Tomcat 6.0.22 (jfclere)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>not released</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.22 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.22_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Log errors if a web application starts a thread but fails to stop the
+ thread when the web application stops or is reloaded. Failure to stop a
+ thread is very likely to result in a memory leak. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Provide an option to stop any threads a web application starts but fails
+ to stop when the web application stops or is reloaded. Using this option
+ is very likely to result in instability and should be viewed as a last
+ resort in development and is not recommended at all in production.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Log errors if a web application creates a ThreadLocal but fails to clear
+ it when the web application stops or is reloaded. Failure to clear a
+ ThreadLocal is very likely to result in a memory leak. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Clear any unintentional references remaining in
+ <code>sun.rmi.transport.Target</code> when the web application stops or
+ is reloaded. Failure to clear these is very likely to result in a memory
+ leak. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.22 (jfclere)/Coyote"><!--()--></a><a name="Tomcat_6.0.22_(jfclere)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Remove unneeded line from the method that normalizes decodedURI.
+ (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.22 (jfclere)/Other"><!--()--></a><a name="Tomcat_6.0.22_(jfclere)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Correct MD5 generation in the build process. (jfclere/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47609">47609</a>: Provide fail-safe EOL conversion for build process.
+ Based on patches by sebb/kkolinko. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.21 (jfclere)"><!--()--></a><a name="Tomcat_6.0.21_(jfclere)"><strong>Tomcat 6.0.21 (jfclere)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>not released</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.21 (jfclere)/Catalina"><!--()--></a><a name="Tomcat_6.0.21_(jfclere)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix issues with expression language when running under a
+ SecurityManager. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Remove duplicate mime-mapping entries in web.xml. Re-order entries
+ alphabetically to make it easier to identify duplicates. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Use a more sensible default (webapps) for a Host's appBase.
+ (markt/idarwin)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=37794">37794</a>: Support the parsing of parameters from chunked POSTs.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=37984">37984</a>: Strip {MD5} as well as {SHA} if present in digest
+ passwords in LDAP directories. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=38352">38352</a>: Allow JSPs to write to the directory defined by
+ <code>javax.servlet.context.tempdir</code> when running under a security
+ manager. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=39231">39231</a>: Call LoginContext.logout() when using JAAS realm and
+ session expires. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=40380">40380</a>: Fix potential synchronization issue in
+ StandardSession.expire(). (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41059">41059</a>: Reduce chances of errors when ENABLE_CLEAR_REFERENCES
+ is used. Patch provided by Curt Arnold. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43343">43343</a>: Fix additional concurrency issues identified with the
+ persistent session manager. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44041">44041</a>: Fix threading issue in WebappClassLoader that can lead
+ to duplicate class definition under high load. (markt/fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44943">44943</a>: Use the same engine name in server.xml comments to
+ reduce copy and pastes issues. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45255">45255</a>: Provide protection against session fixation by
+ changing session ID automatically on authentication. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45403">45403</a>: Add additional checks on web application deployment
+ and do not swallow IO errors. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45785">45785</a>: Additional fix required for the extension validator.
+ Based on a patch by Rolf Wojtech. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46908">46908</a>: Try and support java encoding names when using an xml
+ parser provided via the endorsed mechanism. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46967">46967</a>: Better handling of errors when trying to use
+ Manager.randomFile. Based on a patch by Kirk Wolf. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47046">47046</a>: Unregister all MBeans, including when non-default
+ engine names are used. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Use native2ascii to ensure non-ASCII characters in property files are
+ handled correctly in all circumstances. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47050">47050</a>: Remove unnecessary filtering of error messages.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47080">47080</a>: Fix NPE in RealmBase when uri is null. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47158">47158</a>: Fix some thread safety issues in the AccessLogValve.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47228">47228</a>: Correct French translations. Patch provided by sebb.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47299">47299</a>: Simplify code and make embedding easier. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47316">47316</a>: Allow different values for Service name and Engine
+ name. This corrects a regression introduced by the fix for
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42707">42707</a>. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47343">47343</a>: Editing context.xml for a directory should not delete
+ the directory. This was a regression caused by the fix for
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42747">42747</a>. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47364">47364</a>: Improve Javadoc for
+ org.apache.catalina.connector.Request.getAttributeNames() to include
+ information on the handling of Tomcat's internal request attributes.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47451">47451</a>: Don't throw an NPE if the various response.setHeader()
+ methods are called with null header name, zero length header name or
+ null value. Silently ignore the calls in the same way they are ignored
+ if the response has already been committed. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47462">47462</a>: Allow individual web applications to override metadata
+ complete if set in the global web.xml. Patch provided by Keiichi Fujino.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47495">47495</a>: Provide a more meaningful error message is server.xml
+ is not readable and exit immediately if a server cannot be created.
+ (funkman/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47518">47518</a>: Correct reference in Valve Javadoc that referred to an
+ old method. Patch provided by Christopher Schultz. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47537">47537</a>: Return an error page rather than a zero length 200
+ response if the forward to the login or error page fails during FORM
+ authentication. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47718">47718</a>: Fix file descriptor leak on context stop/reload. Patch
+ provided by George Sexton. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47796">47796</a>: Fix OpenEJB integration. Reset annotation processor on
+ context stop. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47826">47826</a>: Correct error in debug message in
+ org.apache.catalina.Bootstrap (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47836">47836</a>: Clear cached TLD information on context reload.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47841">47841</a>: When using the CombinedRealm, if one of the nested
+ Realms fails to start, skip that Realm rather than preventing the
+ CombinedRealm from starting. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47881">47881</a>: Fix processing of startd and stopd arguments. Patch
+ provided by Qingyang Xu. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47918">47918</a>: Correct mbean descriptors for the host deployer. Patch
+ provided by Uwe Günther. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47930">47930</a>: Fix thread safety issues on session swap-in in the
+ persistent session manager. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47976">47976</a>: Correct usage message and Javadoc for
+ <code>org.apache.catalina.startup.Catalina</code>. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47997">47997</a>: Ensure the NamingContextListener applies to all naming
+ contexts, not just the global one. Patch provided by Michael Allman.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48049">48049</a>: Fix copy and paste error so
+ <code>NamingContext.destroySubContext()</code> works correctly.
+ Patch provided by gingyang.xu (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48097">48097</a>: Make WebappClassLoader to do not swallow
+ AccessControlException. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48097">48097</a>: Avoid throwing an AccessControlException which can
+ lead to a NoClassDefFoundError on first access of first jsp.
+ (kkolinko/markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48257">48257</a>: Correct error in Spanish translations. Patch provided
+ by Guillermo Gutiérrez. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48306">48306</a>, <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48307">48307</a>: Correct French translations. Patches
+ provided by Marc Paquette. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48322">48322</a>: Single quote characters are not HTTP separators and
+ should not be treated as such in the cookie handling. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48413">48413</a>: Correct some French translations. Patch provided by
+ André Warnier. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Deprecate the <code>caseSensitive</code> option on the
+ <code>StandardContext</code> which will be removed in Tomcat 7 onwards.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Log deployments consistently for WAR, directory and descriptor
+ deployments. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Better logging for parameter decoding issues to help identify broken
+ requests. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update Apache Commons Pool from 1.4 to 1.5.4. This update includes
+ various fixes to prevent deadlocks, reduces synchronization and makes
+ object allocation occur fairly - i.e. objects are allocated to threads
+ in the order that the threads request them. This update fixes a number
+ of issues in Tomcat's built-in copy of DBCP. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Allow log file encoding to be configured for JULI FileHandler. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Provide debug logging for JNDI lookups. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Correct JDBC driver de-registration on web application stop and fix NPE
+ that is exposed by the fix. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Ensure JDBC driver de-registration works with a security manager.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48214">48214</a>: Ensure JDBC driver de-registration is not too zealous.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Various JNDI realm improvements for Active Directory. These include the
+ ability to specify a default role, optional handling for nested roles
+ and an option to ignore PartialResultExceptions (markt).
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Expose Servlet Filters via JMX. Based on a patch by Xie Xiaodong as part
+ of GSOC2009. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Tomcat now uses the Platform MBean server by default so all MBeans
+ registered by Tomcat will be exposed via JMX (eg via JConsole) without
+ requiring any additional configuration. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ The JMX Remote Lifecycle Listener allows the ports used by JMX to be
+ fixed, making it easier to configure firewalls to all JMX traffic to
+ pass through. Part of the extras package. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Make context deployment error message for fixDocBase() more meaningful.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Add an additional permission required by JULI when running under newer
+ JDKs and a security manager. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Remove unnecessary reference to tomcat-coyote.jar from the bootstrap JAR
+ manifest. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Use correct method to create URLs in VirtualWebappLoader. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Provide a new listener to protect against a memory leak caused by a
+ change in the Sun JRE from version 1.6.0_15 onwards. Also include
+ protection against locked JAR files, memory leaks triggered by
+ XML parsing and the GC Daemon. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Don't swallow exceptions in ApplicationContextFacade.doPrivileged()
+ (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Close resource stream in WebappClassLoader after read error. (pero)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Include attribute name into the text of Non-serializable exception
+ that might be thrown by Session.setAttribute() in distributable
+ applications. (mturk)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Add RemoteIpValve, a port of mod_remoteip. Patch provided by Cyrille Le
+ Clerc. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Allow per instance configuration of JULI or log4j for core Tomcat
+ logging when using CATALINA_BASE. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Prevent NPE in JULI during shutdown when resources try to log messages
+ after JULI has been shutdown. (fhanik/kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Make the JULI FileHandler easier to extend. (fhanik)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Make buffer size for FileHandler configurable. (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Make JULI FileHandler thread safe. (fhanik)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Provide an option to disable buffering in the JULI FileHandler.
+ (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Ensure log messages are not lost on shutdown. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44679">44679</a>: Provide an option to allow the equals character in
+ unquoted cookie values. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Add support for a connectionTimeout parameter to the JNDIRealm. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Various (un)deployment related improvements including better handling of
+ failed (un)deployment, additional checking for valid zip entries that
+ don't make sense in a WAR and improved validation of WAR file names.
+ (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.21 (jfclere)/Coyote"><!--()--></a><a name="Tomcat_6.0.21_(jfclere)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>Implement <code>socket.unlockTimeout</code> attribute for NIO connector.</td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update version of native bundled in Windows installer
+ to 1.1.18. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update minimum required version for native to 1.1.17. (rjung)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46950">46950</a>: Fix doing SSL renegotiation when a resource with CLIENT-CERT
+ auth is requested. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Align tcnative native and Java method names. (rjung)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>Dont report thread count from connector if an external executor is used.</td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=39637">39637</a>: Enable the AJP connectors to correctly handle client
+ certificate chains. Patch by Patrik Schnellmann. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46985">46985</a>: Clean up code and remove impossible condition.
+ (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47225">47225</a>: Fix error in calculation of a buffer length in the
+ mapper. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47320">47320</a>: Don't rely on the platform default encoding being
+ suitable to parse the session ID. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47499">47499</a>: Don't swallow bind exceptions. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47744">47744</a>: Prevent a medium term memory leak if using SSL with
+ the JSSE provider and also using a security manager. Based on a patch by
+ Greg Vanore. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47963">47963</a>: Ensure that any HTTP status messages are compliant
+ with RFC2616. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47987">47987</a>: Limit size of not found resources cache. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48009">48009</a>: Protect against the situation where editing a
+ context.xml file may result in the file disappearing for a very short
+ time. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Use correct connector attribute (SSLEnabled) rather than secure to
+ determine if SSL should be used. (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Provide a workaround for CVE-2009-3555, the TLS renegotiation issue, for
+ the default Blocking IO Java connector.
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48252">48252</a>: Fix stack overflow exception when setting jkHome on
+ NIO connector. (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48311">48311</a>: Only the APR lifecycle listener should try and
+ initialise APR. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.21 (jfclere)/Jasper"><!--()--></a><a name="Tomcat_6.0.21_(jfclere)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=38797">38797</a>: Fix a regression in the previous patch for
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=37933">37933</a>. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=38897">38897</a>: Add uri of broken TLD to error message to aid
+ debugging. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41661">41661</a>: Fix thread safety issue with JspConfig.init() (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41824">41824</a>: Need to use canonical rather than binary form when
+ writing code. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42390">42390</a>: Fix compilation issue with some nested tag files and
+ simple tags. (kkolinko/markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43656">43656</a>: Correctly coerce <code>null</code> to zero when the
+ target type is <code>Number</code>. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46907">46907</a>: Don't swallow input stream when debug logging is
+ enabled. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47318">47318</a>: Process directives found in include preludes and
+ codas. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47331">47331</a>: Treat uninterpreted tags as template text for JSP.2.2.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47413">47413</a>: Ensure expressions of the form "${a}${b}"
+ are correctly coerced to String. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47453">47453</a>: Handle void return types for deferred methods.
+ (funkman)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Remove the code that auto-detects the value for compilerSourceVM,
+ compilerTargetVM options of Jasper, because we know that this version
+ of Tomcat cannot run on JDK 1.4 and thus the value is always "1.5".
+ (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Change default values for JDK version compliance options of JspC
+ (-source and -target when running from command line)
+ to be "1.5", to be the same as the ones used by Jasper servlet.
+ (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Make constants in the TagHandlerPool really constant. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ When development mode is enabled and a JSP is deleted, ensure next
+ request for that JSP is consistent with the JSP having been removed.
+ (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48019">48019</a>: Be more careful about skipping content that does not
+ need to be parsed. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Better handling of exception in JSP if parsed JSP source is not
+ available. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.21 (jfclere)/Cluster"><!--()--></a><a name="Tomcat_6.0.21_(jfclere)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ DeltaSession needs endAccess so that CrossContext replication works. (pero)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ DeltaManager needs to replicate changed attributes even if session
+ gets invalidated. Otherwise session listeners will not see the right
+ data on the secondary nodes. (rjung)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Spurious startup errors during session transfer.
+ Sessions get transferred, but node still waits until timeout. (rjung)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Perform deserializtion events with context class loader. (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47515">47515</a>: Correctly replicate timestamp during startup. (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47478">47478</a>: Call replication listeners when using BackupManager. (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47369">47369</a>: Reset data diff after replication. (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=40551">40551</a>: Enable the JvmRouteBinderValve to work with
+ PersistentManagers as well as clustering. Based on a patch by Chris
+ Chandler. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47342">47342</a>: Fix potential NPE on replicated context start. Patch
+ provided by Keiichi Fujino. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47389">47389</a>: DeltaManager doesn't do session replication if
+ notifySessionListenersOnReplication=false.
+ Patch by Keiichi Fujino. (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47502">47502</a>: Don't replicate session attributes known not to be
+ serializable. (funkman)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47554">47554</a>: Include httpOnly attribute when re-writing session
+ cookie after fail over. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47799">47799</a>: Enable the domain to be configured for Membership and
+ DomainFilterInterceptor. Patch provided by Keiichi Fujino. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48113">48113</a>: Display IP addresses using 0 to 255 rather than -128
+ to +127. Based on a patch by Quintin Beukes. (fhanik/kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.21 (jfclere)/Web applications"><!--()--></a><a name="Tomcat_6.0.21_(jfclere)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41564">41564</a>: Add some documentation on installing Tomcat as a
+ service on operating systems with User Account Control, e.g. Vista.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47161">47161</a>: Report thread count correctly in Manager when exectors
+ are used and return -1 when it can not easily be determined. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47235">47235</a>: Remove use of autoReconnect from MySQL examples.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47324">47324</a>: Fix submit URL for session list page so it works
+ behind a reverse proxy. Patch provided by Maik Jablonski. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47425">47425</a>: Add crlFile attribute to the SSL configuration
+ documentation. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47444">47444</a>: Remove Jakarta references from the documentation.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47656">47656</a>: Add information to documentation on system property
+ replacement in configuration files. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47705">47705</a>: Fix division by zero error in the manager when trying
+ to expire sessions when the session timeout is set to infinite.
+ (funkman)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix display of session information pages of Manager application
+ in Internet Explorer. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Do not reuse windows (tabs) for session detail pages in Manager
+ application. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47769">47769</a>: Clarify the JNDI docs with repect to use of
+ <resource-ref> and related elements, specifically when they are
+ required and when they may be omitted. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=48381">48381</a>: Add information on how Tomcat treats host names to the
+ host configuration documentation. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.21 (jfclere)/Other"><!--()--></a><a name="Tomcat_6.0.21_(jfclere)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=37847">37847</a>: Make location and filename of catalina.out configurable
+ in catalina.sh. (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=37848">37848</a>: Re-fix not outputting info messages when there is no
+ terminal. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=39194">39194</a>: Make classpath configuration consistent in the startup
+ scripts. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update Tomcat Windows service application (procrun) to version 2.0.5.
+ It contains a fix for issue <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41538">41538</a> (mturk)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=40786">40786</a>: Include 64-bit Windows service wrapper in
+ distributions. Update the Windows installer to automatically use the
+ correct binary on 64-bit machines. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update Windows Installer to use NSIS 2.45. They say that this version
+ provides support for the upcoming Microsoft Windows 7. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Don't add blank lines to end of files when fixing line-endings for
+ tar.gz distribution. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Use explicit encoding during filtering operations when building Tomcat
+ for distribution. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Remove references to unused commons-collections from the build scripts.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix download task check for commons-pool and commons-dbcp in the
+ build scripts. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Include deployer-howto.html into the deployer distributive. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47149">47149</a>: Build scripts: Explicitly specify encoding when
+ compiling. (kkolinko)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47267">47267</a>: Ensure release notes displayed by Windows installer
+ have CRLF line-endings regardless of which OS the install package is
+ built on. (markt/kkolinko)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Include NOTICE, LICENSE and manifest files in all Tomcat JARs and add a
+ mechanism to the build process to enable these files to be customised
+ per JAR as required. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47699">47699</a>: Provide better handling of PID files. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47824">47824</a>: Make Servlet API an optional dependency for JULI when
+ using Maven. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Add support for per instance (using $CATALINA_BASE) log4j.properties
+ files, JDBC drivers etc by adding ${catalina.base}/lib and
+ ${catalina.base}/lib/*.jar to the start of the common loader class
+ path. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Correct CVE-2009-3548. When installed via the Windows installer and
+ using defaults, don't create an administrative user with a blank
+ password. Additionally, the administrative user is only created if the
+ manager or host-manager web applications are selected for installation.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Further improvements to the administrative user name and password
+ handling in the Windows installer. (kkolinko)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.20 (remm)"><!--()--></a><a name="Tomcat_6.0.20_(remm)"><strong>Tomcat 6.0.20 (remm)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>released 2009-06-03</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.20 (remm)/Catalina"><!--()--></a><a name="Tomcat_6.0.20_(remm)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42579">42579</a>: Handle both relative and absolute search results in
+ the JNDIRealm. Patch provided by Brandon DuRette. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46562">46562</a>: Close shtml files after processing to allow other
+ processes to modify the files. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46815">46815</a>: Make the MemoryUserDatabase read-only by default.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46816">46816</a>: Align session manager mbean descriptor with
+ implementation. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix a typo in the OPTIONS response from the default servlet. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46822">46822</a>: Remove unnecessary object creation from
+ StandardContext. Patch provided by Anthony Whitford. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46866">46866</a>: Better initialisation of Random objects. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46875">46875</a>: Catch and handle possible IllegalStateExceptions
+ in CometConnectionManagerValve related to session expiration. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Correct some errors reported when testing the WebDAV servlet with the
+ Litmus test suite. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46933">46933</a>: Update StringManager to use Java 5 features. Patch
+ provided by Jens Kapitza. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46990">46990</a>: Fix synchronization issues reported by FindBugs. Patch
+ provided by Sebb. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.20 (remm)/Coyote"><!--()--></a><a name="Tomcat_6.0.20_(remm)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Allow huge request body packets for AJP13. (rjung)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45026">45026</a>: Never return an empty HTTP status reason phrase.
+ mod_jk and httpd 2.x do not like that. (rjung)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Set remote port for AJP connectors from the optional request
+ attribute AJP_REMOTE_PORT. (rjung)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update tc-native to 1.1.16 (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46982">46982</a>: Correct reporting of DST offset in access logs.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46984">46984</a>: Invalid characters in HTTP request method now result
+ in a 400 response. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46991">46991</a>: Fix AJP connector always reporting bytes received as
+ zero. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.20 (remm)/Jasper"><!--()--></a><a name="Tomcat_6.0.20_(remm)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=37929">37929</a>: Fix invalidated session causing pageContext methods to
+ fail. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41606">41606</a>: Prevent double initialisation of JSPs. Patch provided
+ by Chris Halstead. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46354">46354</a>: ArrayIndexOutOfBoundsException when using
+ org.apache.jasper.runtime.BodyContentImpl.LIMIT_BUFFER=true
+ Patch provided by Konstantin Kolinko. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46909">46909</a>: Only include semi-colon in type attribute for
+ <jsp:plugin> when it is required. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=47013">47013</a>: Use system property rather than hard-coded string for
+ pre-compilation flag. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.20 (remm)/Cluster"><!--()--></a><a name="Tomcat_6.0.20_(remm)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ A node should ignore its own heartbeat messages. (rjung)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.20 (remm)/Web applications"><!--()--></a><a name="Tomcat_6.0.20_(remm)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46509">46509</a>: Use correct link on error page in JSP security
+ example. Patch provided by Michael Moody. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46599">46599</a>: Document known DAEMON issue. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46807">46807</a>: Correct docs for configuration of tag pooling. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46924">46924</a>: Clarify behaviour when auto deployment is enabled and
+ a WAR, directory or context file is deleted or updated. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46958">46958</a>: All xml manager status output to work regardless of
+ context path. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.20 (remm)/Other"><!--()--></a><a name="Tomcat_6.0.20_(remm)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46351">46351</a>: Refactor the build script. Patch provided by Marc
+ Guillemot. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46910">46910</a>: Properties files corrupted by build process. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46915">46915</a>: When resolving ResourceBundle properties, don't claim
+ to have resolved the property unless we really have resolved it. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix .pdf and .exe corruption in -src.tar.gz distribution. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Enable running Tomcat directly from the build directory on linux
+ systems. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.19 (remm)"><!--()--></a><a name="Tomcat_6.0.19_(remm)"><strong>Tomcat 6.0.19 (remm)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>not released</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.19 (remm)/Catalina"><!--()--></a><a name="Tomcat_6.0.19_(remm)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Manager application prints FAIL if application was deployed but failed to start (fhanik)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ When shutdown port is disabled, print user friendly message and not a stack trace. (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=37458">37458</a>: Correct sync issue that leads to NPE in rare
+ circumstances. Patch provided by Konstantin Kolinko. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=38553">38553</a>: Return 401 rather than 400 if client does not present
+ a certificate CLIENT-CERT authentication. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=38570">38570</a>: When checking docBase against appBase, make sure we
+ check for an exact match against the appBase. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=39013">39013</a>: When testing for invalid docBase, test for an exact
+ match with the appBase dir. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=39396">39396</a>: Don't include TRACE in OPTIONS response unless we
+ know it hasn't been disabled in the connector. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42747">42747</a>: Ensure context.xml takes effect on first deployment
+ for WAR and DIR deployments. context.xml is now copied to
+ CATALINA_BASE/<engine name>/<host name> for DIR as well as
+ WAR deployments. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td><a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43071">43071</a>: Start poller before acceptor (r719267)</td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Fix read/write timeout of async comet operations
+ (r719264)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Implement async close behaviour for Comet/NIO.
+ No-op for APR (same behavior as before)
+ (r719262)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Default thread count for HTTP connectors is 200. (r713186)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Comet should always invoke END and properly invoke READ (r713174)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix class cast exception when shutting down a replicated context but no cluster has been configured in server.xml (r713177)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Dererence socket when its no longer used. Frees up socket buffers and memory. No functional change. (r713175)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Correct wrong "No role found" debug message,
+ logged in RealmBase even if a role was found. (rjung)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td><a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44809">44809</a>: Improve AprLifecycleListener Error Messages. (jfclere)</td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Log AccessControlException for context specific logging.properties
+ during startup with security manager. (rjung)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41407">41407</a>: Add CLIENT-CERT support to the JAAS Realm. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42409">42409</a>: Make custom and standard error page handling
+ consistent by using resetBuffer() which will not alter previously set
+ headers. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42673">42673</a>: Fix SSI virtual includes for multi-level contexts.
+ Patch provided by Peter Jodeleit. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42707">42707</a>: Make adding a host alias via JMX take effect
+ immediately. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43656">43656</a>: Correct regression in previous fix for this bug. Patch
+ provided by Nils Eckert. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45419">45419</a>: Set Accept-Ranges for static resources served by
+ DefaultServlet. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45441">45441</a>: Correctly map filters for FORWARD and INCLUDE. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45447">45447</a>: Convert Spanish resource files to use UTF-8 and provide
+ translations where previously missing. Patch provided by Jesus Marin.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45453">45453</a>: Remove potential race condition in JDBC Realm.
+ Based on a patch by Santtu Hyrkk. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45576">45576</a>: Add DIGEST support to the JAAS Realm. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45585">45585</a>: Allow Tomcat to start if using
+ <code>$CATALINA_BASE</code> but not JULI. Patch based on a suggestion by
+ Ian Ward Comfort. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ The JAAS Realm did not assign roles to authenticated users. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Provide full stacktrace and message when the ErrorReportValveClass can't
+ be instantiated. (funkman)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45608">45608</a>: Make allocated servlet count synchronized to ensure
+ the correct allocated servlet count is available during shutdown.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45628">45628</a>: When checking MANIFEST dependancies, JARs without
+ dependencies should allows be considered to be full-filled. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45735">45735</a>: Improve ETag handling. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45785">45785</a>: Ignore directories named xxx.jar in WEB-INF/lib.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45823">45823</a>: Log missing request headers as '-' not 'null'. Based
+ on a patch by Per Landberg. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45825">45825</a>: Correctly handle annotations in parent classes. Based
+ on a patch by Florent Benoit. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45906">45906</a>: Further ETag handling improvements. Patch provided by
+ Chris Hubick. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Add the CombinedRealm that enables authentication to be attempted
+ against multiple realms. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Add the LockOutRealm that enables a standard Realm to be wrapped with
+ the functionality to lock out a user after too many failed logins.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Make the upper size limit of the static resource cache configurable
+ since the default of <code>cacheMaxSize/20</code> gave too high a value
+ for large caches. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix HTML decoding error in SSI processing. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix cast error in JULI log factory. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix some thread safety issues in date formatting. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix a String comparison bug in the digester property replacement that
+ resulted in non-optimal operation. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Correct handle multi-level contexts defined using context.xml files.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45933">45933</a>: Don't use xml parser from web-app to process tld
+ files. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45951">45951</a>: Support changing of JSESSIONID cookie name and
+ jsessionid path parameter name. Based on a patch by Jean-frederic Clere.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46011">46011</a>: Make Principal accessible (if set) via
+ <code>Subject.getSubject(AccessController.getContext())</code> when
+ processing filters. Based on a patch by tsveg1. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46075">46075</a>: When uploading files, don't create buffers at the
+ maximum configured size. Use the default size and let the buffers grow
+ to the maximum size if necessary. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46085">46085</a>: Fix a rare thread safety issue with session
+ expiration. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46096">46096</a>: Support annotation processing whilst running under a
+ security manager. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ The invoker servlet has been deprecated and will be removed in Tomcat 7
+ onwards. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46105">46105</a>: Correctly set URI encoding when replaying a request
+ after FORM authentication. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Remove unnecessary reference to commons-logging from the bootstrap JAR
+ manifest. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46232">46232</a>: Enabled the XMl parser to be over-ridden using the
+ standard endorsed mechanism. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46261">46261</a>: Treat %2F in a context name literally rather than
+ converting it (inconsistently) to '/' - that is what '#' is for. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46298">46298</a>: Throw an SQLException with a useful message rather
+ than a NPE if the URL for the JDBCRealm is invalid. Based on a patch by
+ Owen Jacobson. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46304">46304</a>: Further fixes to make Principal accessible (if set)
+ via <code>Subject.getSubject(AccessController.getContext())</code> when
+ processing filters. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46403">46403</a>: Provide a workaround for an IE and Safari bug that
+ means the Max-Age attribute of a cookie is ignored. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46408">46408</a>: Fix invalid cast in security utility package. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Remove duplicate normalisation implementations and make normalise
+ behaviour consistent throughout code base. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46683">46683</a>: Fix typo in French localisation file name for the
+ org.apache.catalina.loader package. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46606">46606</a>: Make the max DEPTH for a WebDAV request configurable.
+ The default is still 3. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44382">44382</a>: Add support for using httpOnly for session cookies.
+ This is disabled by default. (markt/fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix possible NCDFE when using FORM authentication. (jfclere)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix possible synchronisation bottleneck in cookie creation. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix various spelling errors reported on the mailing lists. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Make the logging manager and properties file configurable via
+ environment variables. (fhanik)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.19 (remm)/Coyote"><!--()--></a><a name="Tomcat_6.0.19_(remm)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td><a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45154">45154</a>:
+ Implement SEND_FILE behavior for SSL connections using NIO (fhanik)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Fix file descriptor leak during NIO send file behavior. (fhanik)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Implement usage of keyAlias attribute for NIO, previously attribute was ignored. (fhanik)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Prevent server from calling close on an already closed NIO socket. One that had timed out. (fhanik)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Fix bug with SEND_FILE behavior in NIO. Send file would delay until selector timed out, even though socket was ready to be written. (fhanik)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Fix possible NPE in NioEndpoint.java (fhanik)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update tc-native to 1.1.15 in build.properties.default (jfclere)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43327">43327</a>: Socket bind fails when using APR on a system with IPv6
+ enabled but no explicit IPv6 address configured. (markt/jfclere)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44285">44285</a>: Make the SSL session cache size and timeout
+ configurable. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45074">45074</a>: Add configuration parameters to enable the tuning
+ of sendfile and poller thread count in the APR HTTP connector. Patch
+ provided by Alex Barclay. (jfclere/markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45528">45528</a>: Add detection for invalid SSL configuration to prevent
+ infinite logging loop on start-up. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45591">45591</a>: NPE on start-up failure in some cases. Based on a
+ patch by Matt Passell. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46077">46077</a>: Expose deferAccept for configuration. Patch provided
+ by Michael Leinartas. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Don't swallow input if we know the connection is going to be closed. (billbarker)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46125">46125</a>: Return a status code of 400 if the request headers are
+ too large. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Make certain that classes are first loaded by trusted code when working in a sandbox. (billbarker)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Log a message if we reach maxThreads in a connector thread pool. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Enable the thread pool limits to be modified via JMX. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix HTTP/1.0 redirects handling with APR AJP connector. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46666">46666</a>: keepAliveTimeout should be used regardless of setting
+ of disableUploadTimeout. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.19 (remm)/Jasper"><!--()--></a><a name="Tomcat_6.0.19_(remm)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=36923">36923</a>: Treat EL expressions as template text if EL
+ expressions are disabled. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=37515">37515</a>: Support 1.6 and 1.7 as source and target for
+ compilation. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ ClassCastException in EL ExpressionBuilder. (rjung)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Use more generics in EL to improve type safety. (rjung)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Use a lookahead to remove potential ambiguity in EL parsing. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Correct typo in JSP EL examples. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=38197">38197</a>: Take account of jsp:attribute elements when pooling
+ tags. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42077">42077</a>: Ensure the iterator returned by
+ javax.el.CompositeELResolver#getFeatureDescriptor() skips any null
+ FeatureDescriptors. Patch provided by Mathias Broekelmann. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42693">42693</a>: Fix JSP generation error with recursive tag file
+ structure. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45427">45427</a>: Correctly handle unmatched quotes in EL expressions.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45511">45511</a>: The failure of the <code>empty</code> keyword was a
+ regression caused by the previous fix for <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42565">42565</a>. The original
+ fix for <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42565">42565</a> has been reverted and a new fix applied.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45648">45648</a>: Don't trim the last character when parsing the EL
+ namespace. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45666">45666</a>: Prevent infinite loop on include. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45691">45691</a>: Prevent generation of duplicate variable names when
+ generating code for JSPs. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Correct signed/unsigned conversion error in ASCII parsing. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix various edge-cases when parsing EL, particularly inside attribute
+ values. Note the the Expert Group has confirmed that JSP.1.6 takes
+ precedence over JSP.1.3.10. Therefore EL in attributes must be escaped
+ twice. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46047">46047</a>: Include the path to the JAR when recording
+ dependencies that are located inside a JAR file. Patch provided by
+ Cédric Mailleux. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46381">46381</a>: Composite expressions used for attribute values must
+ be coerced to Strings. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46397">46397</a>: Don't pool tag instances that implement JspIdConsumer.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46462">46462</a>: Limit package test to just the o.a.jsp package to
+ allow use of packages such as o.a.jspwiki. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46471">46471</a>: Fix naming clash when tags in different libraries have
+ the same name. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46564">46564</a>: Make page encoding check for tagx compilation
+ case-insensitive. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.19 (remm)/Cluster"><!--()--></a><a name="Tomcat_6.0.19_(remm)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Prevent NPE for ReplicationValve (pero)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Provide TCP only start-up option when using static membership. (fhanik)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Document the multicast recovery options. (fhanik)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45261">45261</a>: Add a new SimpleCoordinator for tribes provided by
+ Robert Newson. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45618">45618</a>: Make sure NIO selector is closed when no longer used.
+ Unlikely to be an issue in normal usage. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45851">45851</a>: Fix out of order message processing issues with the
+ FarmWarDeployer. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix small memory leak in FarmWarDeployer. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46357">46357</a>: Corrected test for host's parent must be an engine.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix so that JvmrouteBinderValve can rewrite session suffix with parallel
+ requests from same client. (pero)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.19 (remm)/Web applications"><!--()--></a><a name="Tomcat_6.0.19_(remm)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45940">45940</a>: Correct name of username attribute for JDBC resources
+ in JNDI how to. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46035">46035</a>: Fix multiple typos in monitoring how to. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46067">46067</a>: Fix typos in Advanced IO how to. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46115">46115</a>: Correct Manager UI to show that path is required when
+ using the deploy command. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46121">46121</a>: Add note to manager documentation regarding possible
+ naming clash with new Ant 1.7 resources datatype and how to avoid it.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Remove unsed parameters from Native/APR example connector configuration
+ in docs. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Use CSS based solution for printer-friendly docs. Patch provided by
+ vitezslav.smid as part of GSoc with additional work by Tim Funk. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Update the FAQ linsk in the docs to refer to the wiki. Use xlst task
+ rather than style task to generate docs. (funkman/markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Document the LifecycleListeners. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix broken URL mapping in the examples. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46563">46563</a>: Update doc for correct default for pollerThreadCount.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46600">46600</a>: Document maxKeepAliveRequests for the NIO connector.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix CVE-2009-0781. XSS in calendar example. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.19 (remm)/Other"><!--()--></a><a name="Tomcat_6.0.19_(remm)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41861">41861</a>: Update service name to Apache Tomcat 6 to prevent
+ conflicts with previous major Tomcat versions. (markt/rjung)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45852">45852</a>: Add special handling for cp932 (aka ms932) when
+ creating tomcat-users.xml with Windows installer. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45878">45878</a>: Restore manifest, licence and notice files to the jsp
+ and servlet jars. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45879">45879</a>: Move NOTICE file from documentation webapp to the
+ installation directory. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Add a workaround for DBCP-191. Tomcat will now build without error on a
+ 1.6 JDK but because it does this by skipping DBCP, release builds must
+ be generated with a 1.5 JDK. (costin/markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=46366">46366</a>: Correct information in RUNNING.txt regarding use of
+ CATALINA_HOME and CATALINA_BASE. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Use more useful JPDA defaults in catalina.bat. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Correct error in 2.5 web-app XSD.
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.18 (remm)"><!--()--></a><a name="Tomcat_6.0.18_(remm)"><strong>Tomcat 6.0.18 (remm)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>released 2008-07-31</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.18 (remm)/Catalina"><!--()--></a><a name="Tomcat_6.0.18_(remm)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42727">42727</a>: Correctly handle request lines that are exact
+ multiples of 4096 in length. Patch provided by Will Pugh. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42678">42678</a>: Only ignore docBase if it really is a subdir of
+ appBase. Patch provided by juergen. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42722">42722</a>: Possible NPE in CGI Servlet. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45285">45285</a>: Look for annotations in class hierarchy. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Add additional checks for URI normalization. (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.18 (remm)/Jasper"><!--()--></a><a name="Tomcat_6.0.18_(remm)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42565">42565</a>: Make EL ternary expression without space before colon
+ work. Patch provided by Lucas Galfaso. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.18 (remm)/Web applications"><!--()--></a><a name="Tomcat_6.0.18_(remm)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45323">45323</a>: Add note that context.xml files can only contain a
+ single Context element. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.18 (remm)/Cluster"><!--()--></a><a name="Tomcat_6.0.18_(remm)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45317">45317</a>: Properly document and log the value of the state transfer timeout flag (fhanik)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.18 (remm)/Other"><!--()--></a><a name="Tomcat_6.0.18_(remm)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45332">45332</a>: Specify the correct encoding (the current Windows code
+ page) rather than assuming UTF-8 when creating tomcat-users.xml with the
+ Windows installer. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.17 (remm)"><!--()--></a><a name="Tomcat_6.0.17_(remm)"><strong>Tomcat 6.0.17 (remm)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>not released</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.17 (remm)/General"><!--()--></a><a name="Tomcat_6.0.17_(remm)/General"><strong>General</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45315">45315</a>: Add Unix support for NSIS. (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.17 (remm)/Catalina"><!--()--></a><a name="Tomcat_6.0.17_(remm)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td><a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45272">45272</a>: Put in work around for Internet Explorer not accepting a quoted Path: value using the Set-Cookie header (fhanik)</td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ APR connector now adds connection to poller after using send file.
+ (remm)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Add ManagerBase session getLastAccessedTimestamp and
+ getCreationTimestamp for better remote JMX access. (pero)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Expose alwaysSend flag for message dispatch interceptor. (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=29936">29936</a>: Create digesters and parsers earlier so we aren't
+ using the webapp class loader when we create them. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42662">42662</a>: Properly resolve reflection proxies during session
+ replication. (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42750">42750</a>: Request line should be tolerant of multiple
+ whitespaces. (markt/fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42934">42934</a>: Change the order of events on context start so
+ <code>contextInitialized()</code> event is fired before
+ <code>sessionDidActivate()</code>. The spec isn't 100% clear on the
+ required order but this seems more logical than the current behaviour.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43079">43079</a>: Fix identification of suspicious URL patterns. Patch
+ provided by John Kew. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43080">43080</a>: Log suspicious URL patterns to the correct web app.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43117">43117</a>: Setting an empty workDir could result in all of
+ CATALINA_HOME being deleted. Patch provided by Takayuki Kaneko. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43142">43142</a>: Don't assume a directory named xxx.war is a war file.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43150">43150</a>: Allow Tomcat to start correctly when installed on a
+ path that contains a # character. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ The fix for <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43285">43285</a> had the side-effect of coercing
+ <code>null</code> values to zero. This side-effect has been made
+ configurable with a system property,
+ <code>org.apache.el.parser.COERCE_TO_ZERO</code> which defaults to
+ <code>true</code>. Patch provided by Nils Eckert. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43343">43343</a>: Correctly handle requesting a session we are in the
+ middle of persisting. Based on a suggestion by Wade Chandler. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43425">43425</a>: Make annotations spec compliant. Patch provided by
+ Dain Sundstrom. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43470">43470</a>: Fix various class cast exceptions. Based on a patch
+ by Lucas Galfaso. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43578">43578</a>: Fix startup when installation path contains a space.
+ Patch provided by Ray Sauers. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43683">43683</a>: Fix 404 that could occur if a Servlet is accessed
+ while the context is reloading. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>ExtendedAccessLogValve cs-uri not print empty querystring. (pero)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ ServletContext.getResource("noslash/resource") only requires forward
+ slash if STRICT_SERVLET_COMPLIANCE flag is set to true. This mimics the
+ behavior of 6.0.15 and earlier. (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44021">44021</a>: Add support for using the # character to define
+ multi-level contexts in WARs and directories in the appBase. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44282">44282</a>: Fix TRACE level class loader logging message when a
+ security manager is used. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44337">44337</a>: Dir listing crashes if no readme-file present.
+ (funkman)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ If listener declared in web.xml, only add it once. (funkman)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix NPE when iterating through sessions for expiration. (fhanik/jim)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44380">44380</a>: Don't scan non-file URLs for TLDs. Patch provided by
+ Florent Benoit. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44389">44389</a>: Fix memory leak that occurred if using a
+ RequestDispatcher. Patch provided by Arto Huusko. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44529">44529</a>: Correct handling of resource constraints so no roles
+ (deny all) overrides no aoth-constraint (allow all). (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44562">44562</a>: HEAD requests cannot use includes. Patch provided by
+ David Jencks. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44595">44595</a>: Add possibility to request the QueueSize of an
+ executor via JMX. (jfclere)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix CGI Servlet so it correctly reads the environment variables on
+ Vista. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44611">44611</a>: DirContextURLConnection didn't implement
+ getHeaderFields(), getHeaderField(String name) was case sensitive and
+ returned "" rather than null for header values that did not exist. Patch
+ provided by Chris Hubick. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44633">44633</a>: Provide a more helpful error message if a class can't
+ be loaded due to a version error. (rjung/markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44646">44646</a>: Correct various issues, including an ISE, in
+ CometConnectionManagerValve. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44673">44673</a>: ServletInputStream is no longer readable once closed.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Better handling of lack of permission for context specific logging.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Add permission required to read JDK logging config. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Update web.xml to reflect packaging of SSI and CGI. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Add missing access check for ThreadWithAttributes. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44833">44833</a>: Correctly override StandardSession methods from
+ DeltaSession. (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44943">44943</a>: Use the same engine name in server.xml comments to
+ reduce copy and pastes issues. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44988">44988</a>: Use Java5 syntax for debug options. Patch provided
+ by Cédrik Lime. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45101">45101</a>: Format header dates obtained from
+ <code>DirContextURLConnection</code> as per the HTTP spec. Patch
+ provided by Chris Hubick. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ A new valve, <code>org.apache.catalina.valves.WebdavFixValve</code>,
+ that forces MS clients connecting to the WebDAV Servlet on port 80 to
+ use a client that works rather than the default broken one. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45195">45195</a>: Passing in null into setAttribute or removeAttribute
+ cause NPE. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.17 (remm)/Coyote"><!--()--></a><a name="Tomcat_6.0.17_(remm)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ NIO: Fix bug in NIO sendfile, symptoms during heavy traffic is that
+ connection don't get closed. For previous versions, one can disable
+ sendfile to work around the problem. (fhanik)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ APR: Allow to specify the "random device" to use to collect the entropy.
+ (jfclere)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Fix NIO/SSL live lock during client disconnect. (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix possible ArrayIndexOutOfBoundsException. Patch provided by Charles R
+ Caldarale. (markt/jim)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Add support for keystore types that do not need a file. Based on a patch
+ by Bruno Harbulot. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43094">43094</a>: Allow specification of keystore providers. Based on a
+ patch by Bruno Harbulot. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43191">43191</a>: Make it possible to override the defaults with the
+ compressableMimeType attribute. Based on a patch by Len Popp. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44391">44391</a>: Correct handling of escaped values in SSI processing.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44392">44392</a>: HTML entities now handled correctly in SSI processing.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44558">44558</a>: Improve error message so address is included if
+ binding fails. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44494">44494</a>: Character input limited to 8KB. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44620">44620</a>: Infinite loop in NIO connector. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44785">44785</a>: Correctly document default maxThreads for AJP
+ connector. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Log errors for AJP signoffs at DEBUG level,
+ since it is harmless if mod_jk has hung up the phone. (billbarker)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44968">44968</a>: Provide more information when the load of a keystore
+ fails. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.17 (remm)/Jasper"><!--()--></a><a name="Tomcat_6.0.17_(remm)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=31257">31257</a>: Quote endorsed dirs if they contain a space. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42943">42943</a>: Make sure nested element is inside <jsp:text>
+ element before throwing exception. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43617">43617</a>: Correctly escape attribute values in tag files.
+ Based on a patch by Lucas Galfaso. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43656">43656</a>: Fix various numeric coercion bugs. Includes a patch by
+ Nils Eckert and fixes related issues identified in a test case provided
+ by Konstantin Kolinko. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43741">43741</a>: Correctly handle dependencies for tag files in JARs.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44408">44408</a>: Reduce synchronisation when evaluating EL expressions.
+ Patch provided by Robert Andersson. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44428">44428</a>: Fix possible NPE during serialization. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44766">44766</a>: EL doesn't coerce custom Number subclasses. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44877">44877</a>: Prevent collisions on tag pool names. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44986">44986</a>: Make page encoding consistency checks
+ case-insensitive. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44994">44994</a>: Enable nested conditional expressions in JSP EL. Patch
+ provided by James Manger. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45015">45015</a>: You can't use an unescaped quote if you quote the
+ value with that character. (markt/fhanik)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Add HTML filtering of error messages for included resources in case the
+ app has tried to include an unsafe URL that does not exist. This is
+ really an app responsibility but the filtering has been added for XSS
+ safety. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.17 (remm)/Web applications"><!--()--></a><a name="Tomcat_6.0.17_(remm)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update documentation to use correct version number, correct file paths
+ and to use $CATALINA_BASE rather than $CATALINA_HOME where applicable.
+ (markt/jim)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Add a section on available system property configuration options.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Amend the JNDI datasource doc to reflect new value for no limit used by
+ updated commons-pool and commons-DBCP. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43333">43333</a>: Fix errors in sendfile documentation. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43366">43366</a>: Provide backwards compatibility for manager sessions
+ command. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44541">44541</a>: Document packetSize attribute for AJP connector.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44715">44715</a>: Document secret attribute for AJP connector. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix some links in the ROOT application that are broken if ROOT is
+ renamed. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Align the Realm documentation so that both the configuration and the
+ how-to are consistent. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45277">45277</a>: Fix typo in logging docs. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.17 (remm)/Cluster"><!--()--></a><a name="Tomcat_6.0.17_(remm)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45212">45212</a>: AbstractReplicatedMap.entrySet() now returns entries
+ rather than vaules. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td><a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=45279">45279</a>: Properly close multicast socket.</td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Fix session replication dead lock during non sticky load balancing.
+ (fhanik)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.17 (remm)/Other"><!--()--></a><a name="Tomcat_6.0.17_(remm)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Improve the Tests for unit tests for the cookie issues. (jfclere)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix build for JavaDoc. Patch provided by Stephen Bannasch. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44955">44955</a>: Use correct location for endorsed directory in Windows
+ installer. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.16 (remm)"><!--()--></a><a name="Tomcat_6.0.16_(remm)"><strong>Tomcat 6.0.16 (remm)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>released 2008-02-08</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.16 (remm)/General"><!--()--></a><a name="Tomcat_6.0.16_(remm)/General"><strong>General</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update commons-logging to version 1.1.1 and the NSIS installer to 2.34.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update to commons-pool version 1.4, native version 1.1.12 and update
+ the download location for the commons libraries. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Change chunked input parsing, always parse CRLF directly after a chunk has been
+ received, except if data is not available. If data is not available for CRLF
+ parsing, we run into BZ 11117, and must defer the parsing of CRLF to the next read event.
+ This fixes the incorrect blocking when using CometProcessor and the draining data during the READ event
+ where it before would block incorrectly waiting for the next chunk (fhanik)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ The CometProcessor interface now extends the javax.servlet.Servlet interface(fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix CVE-2007-5342 by limiting permissions granted to JULI. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Fix handling of CometEvent.close when called during BEGIN event (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43594">43594</a>: Use setenv from CATALINA_BASE (if set) in preference
+ to the one in CATALINA_HOME. Patch provided by Shaddy Baddah.
+ (markt/jim)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43692">43692</a>: Clean up unused entries from build scripts. Patch
+ provided by Paul Shemansky. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43775">43775</a>: Don't try to change line endings of binary files in
+ the source distribution. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td><a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43846">43846</a>:
+ Fix block simulated read and writes causing timeouts.
+ Add non blocking parsing of HTTP request headers.
+ Perf improvements(fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43957">43957</a>: Service.bat doesn't configure logging correctly. Patch
+ provided by Richard Fearn. (markt/jim)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Cookie handling/parsing changes!
+ The following behavior has been changed with regards to Tomcat's cookie handling
+ a) Cookies containing control characters, except 0x09(HT), are rejected using an InvalidArgumentException <br>
+ b) If cookies are not quoted, they will be quoted if they contain tspecials(ver0), tspecials2(ver1) characters<br>
+ c) Escape character '\\' is allowed and respected as a escape character, will be unescaped during parsing
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Cookie parsing of $Version regression from 6.0.15 has been fixed
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ The script that builds the windows installer was including additional
+ files due to the way it processes recurrsive file selectors. The
+ selectors have been modified to only include the intended files. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.16 (remm)/Catalina"><!--()--></a><a name="Tomcat_6.0.16_(remm)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix ManagerServlet.expireSessions throws Exceptions as iterate longer
+ session lists at production servers. (pero)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td><a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=38131">38131</a>: WatchedResource doesn't work if app is outside host appbase webapps.
+ Patch provided by Peter Lynch (pero)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>Add -Dorg.apache.catalina.tribes.dns_lookups=false as default. The ability to turn off reverse DNS lookups for membership.(fhanik)</td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Set correct StandardManager.sessionCounter after reload/restart. (pero)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42503">42503</a>: ServletContext.getResourceAsStream() could return
+ stale data. Patch provided by Arvind Srinivasan. (funkman/jim)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43236">43236</a>: When resetting the response, also reset the flags
+ associated with using a writer or an output stream to allow the user to
+ change character set after the reset. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43241">43241</a>: Make ServletContext.getResourceAsStream() conform to
+ the specification. Patch provided by John Kew. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43530">43530</a>: doc link fixes provided by Paul Shemansky (funkman)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43675">43675</a>: Fix a possible logging related classloader leak.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td><a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43687">43687</a>: Remove conditional headers on Form Auth replay,
+ since the UA (esp. FireFox) isn't expecting it.
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43706">43706</a>: WebDAV copy/move now returns 201 on success. Based on
+ a patch by Panagiotis Astithas. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43840">43840</a>: Include user principal if possible when serializing /
+ de-serializing sessions. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43868">43868</a>: MBean methods getInvoke and getSetter were broken.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43887">43887</a>: Make error messages much more helpful when illegal
+ Servlet names are used. Based on a patch provided by Mike Baranczak.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix a bug that causes CGI Servlet to fail when it is included. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Improve the webDAV Servlet Javadocs to make clear that the WebDAV
+ Servlet can not be used as the default servlet. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43993">43993</a>: mime mapping for WS-Policy. Patch by Fabian Ritzmann (funkman)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44041">44041</a>: Fix duplicate class definition under load. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44084">44084</a>: JASSRealm was broken for application provided
+ Principals. Patch provided by Noah Levitt. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44223">44223</a>: Use the javax.net.ssl.trustStoreType setting if no
+ explicit connector configuration is provided and the property is set.
+ (markt/jim)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44268">44268</a>: Log a warning if a duplicate listener configuration is
+ ignored. (markt/jim)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.16 (remm)/Coyote"><!--()--></a><a name="Tomcat_6.0.16_(remm)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43622">43622</a>: Don't overwrite the min compression size set by the
+ compression attribute with the default. (markt/jim)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43839">43839</a>: URL based session tracking failed when a session
+ cookie from a parent context was present. Based on a patch by Yuan
+ Qingyun. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43914">43914</a>: URLs in location headers should be encoded. Patch
+ provided by Ivan Todoroski. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.16 (remm)/Jasper"><!--()--></a><a name="Tomcat_6.0.16_(remm)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43285">43285</a>: Missing EL Coercion causes argument type mismatch.
+ Patch provided by Bernhard Huemer. (funkman/jim)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43675">43675</a>: Fix a possible logging related classloader leak.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43702">43702</a>: Inner class files have unnecessarily long names.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43743">43743</a>: Fix NPE when compiling nest tag files packaged in a
+ JAR. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43757">43757</a>: Rather than use string matching to work out the line
+ in the JSP with the error, use the SMAP info and the knowledge that for
+ a scriptlet there is a one to one line mapping. (markt/jim)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43758">43758</a>: Fix NPE when scripting elements are empty. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43909">43909</a>: Make sure locale maps to wrapped ELContext. Patch
+ provided by Tuomas Kiviaho. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43944">43944</a>: Fix a missing resource exception. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Improve docs for Jasper configuration. Put options in alphabetcial
+ order, add some missing options, deprecate an unused one and address
+ feedback about the page provided on the users list.
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.16 (remm)/Web applications"><!--()--></a><a name="Tomcat_6.0.16_(remm)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43173">43173</a>: Fix typo in logging documentation regarding location
+ of logging.properties. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43344">43344</a>: Fix typo in if.jsp example. Patch provided by Tim
+ Nowaczyk. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43468">43468</a>: Fix possible NPE when listing contexts in the Manager
+ application. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43515">43515</a>: Fix bug in Manager application that may have caused
+ problems when listing contexts. Patch provided by Lucas Galfaso. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43611">43611</a>: Provide an error message if user tries to upload a war
+ for a context defined in server.xml rather than failing silently.
+ (markt/jim)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43800">43800</a>: Make relationship between APR and the native connector
+ clearer. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44088">44088</a>: Fix expire session button in manager. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=44094">44094</a>: Add a note about the side effects of configuring a
+ context as privileged. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update JNDI documentation to refer to configuring contexts via
+ context.xml rather than server.xml. (markt/jim)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.16 (remm)/Cluster"><!--()--></a><a name="Tomcat_6.0.16_(remm)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix FarmWarDeployer can be only configured as host subelement (pero)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix wrong && at ReplicationValve (pero)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Add get/set methods for properties in the Tcp Failure detector.
+ (fhanik/jim)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.15 (remm)"><!--()--></a><a name="Tomcat_6.0.15_(remm)"><strong>Tomcat 6.0.15 (remm)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>not released</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.15 (remm)/General"><!--()--></a><a name="Tomcat_6.0.15_(remm)/General"><strong>General</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>Fix the MD5 file contents in distribution</td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Add ANT script to be able to publish signed Tomcat JAR's to ASF Maven repo (fhanik)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Use Eclipse JDT 3.3.1. (pero)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.15 (remm)/Catalina"><!--()--></a><a name="Tomcat_6.0.15_(remm)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>Guess java location from the PATH environment and improve fix for 37284</td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>Add NIO connector to server.xml parsing warning, remove Connector as exception case</td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td><a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43653">43653</a>: Fix SSL buffer mixup when response is unable to write more than socket buffer can handle</td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td><a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43643">43643</a>: If connector doesn't support external executor, display warning</td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td><a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43641">43641</a>: Property bind multicast address for cluster membership</td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td><a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42693">42693</a>: Fix JSP compiler bug</td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>Add mbean descriptor for virtual webapp loader</td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td><a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43487">43487</a>:
+ Fix request processing stats
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43435">43435</a>: Don't iterate and relocate sessions if they are not part of the map.
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43356">43356</a>: Keystore parameter is relative to CATALINA_BASE,
+ Truststore is either defined as parameter, javax.net.ssl.trustStore or if empty
+ defaults to the keystore.
+ SSL Client cert authentication changed from boolean to "true|false|want" (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=30949">30949</a>: Improve previous fix. Ensure requests are re-cycled
+ on cross-context includes and forwards when an exception occurs in the
+ target page. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42944">42944</a>: Correctly handle servlet mappings that use a '+'
+ character as part of the url pattern. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42951">42951</a>: Don't use CATALINA_OPTS when stopping Tomcat. This
+ allows options for starting and stopping to be set on JAVA_OPTS and
+ options for starting only to be set on CATALINA_OPTS. Without this
+ fix, some startup options (eg the port for remote JMX) would cause
+ stop to fail. Based on a fix suggested by Michael Vorburger.
+ Port of r454193 (<a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=36976">36976</a>) from Tomcat 5.5.x. (markt,rjung)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Validation of attributes and elements used in server.xml. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43175">43175</a>: Fix typos in servlet XSD files. Patch provided by
+ Takayuki Kaneko. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43216">43216</a>: Set correct StandardSession#accessCount as StandardSession.ACTIVITY_CHECK is true.
+ Patch provided by Takayuki Kaneko (pero)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Made session createTime accessible for all SessionManager via JMX (pero)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43129">43129</a>: Support logging of all response header values at AccessLogValve (ex. add %{Set-Cookie}o to your pattern). (pero)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Support logging of all response header values at ExtendedAccessLogValve (ex. add x-O(Set-Cookie) to your pattern). (pero)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Support logging of current thread name at AccessLogValve (ex. add %I to your pattern).
+ Usefull to compare access logging entry later with a stacktraces. (pero)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Improve large-file support (more then 4 Gb) at all AccessLogValves, backport from 5.5.25. (pero)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Optimized JDBCAccessLogValve combined pattern request attribute access. (pero)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ o.a.juli.ClassLoaderLogManager handle more then one system property replacement at file logging.properties. (pero)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43338">43338</a>: Support '*' servlet-name mapping at filter-mapping.
+ Patch provided by Keiichi Fujino. (pero)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41797">41797</a>: CNFE/NPE thrown from function mapper when externalizing
+ Patch by Tuomas Kiviaho- tuomas.kiviahos at ikis fi (funkman)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43453">43453</a>: ClassCastException at
+ org.apache.catalina.core.StandardContext.findStatusPage(int)
+ (funkman)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix important vulnerability when webdav is enabled for write. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Call stopAwait in StandardServer.stop if port == -1. (pero)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43668">43668</a>: Fix NPE when the outer most wrapper is a ServletRequest/ResponseWrapper, but not a HttpServletRequest/ResponseWrapper on a Forward. (billbarker)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.15 (remm)/Coyote"><!--()--></a><a name="Tomcat_6.0.15_(remm)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Harmonize with HTTP java.io code. Otherwise the socket is not closed.
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ In the APR connector, start accepting connections after fully starting
+ the connector, to prevent possible exceptions due to non initialized fields. (remm)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Cookie parser refactoring, submitted by John Kew. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Make cookie escaping / unescaping consistent. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43479">43479</a>: Memory leak cleaning up sendfile connections, submitted by Chris Elving. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42925">42925</a>: Add maintain for sendfile. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix explicit flush before response commit in the org.apache.jk AJP connector. (pero)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=43621">43621</a>: Fix possible Dos condition when using the experimental NIO/AJP Connector (billbarker)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.15 (remm)/Jasper"><!--()--></a><a name="Tomcat_6.0.15_(remm)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=37326">37326</a>: No error reported when an included page does not
+ exist. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.15 (remm)/Web applications"><!--()--></a><a name="Tomcat_6.0.15_(remm)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix WebDAV Servlet so it works correctly with MS clients. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix CVE-2007-5461, an important information disclosure vulnerability in
+ the WebDAV Servlet. Based on a patch by Marc Schoenefeld. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42979">42979</a>: Update sample.war to include recent security fixes
+ in the source code. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Minor connector doc fix. (jfclere)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.15 (remm)/Cluster"><!--()--></a><a name="Tomcat_6.0.15_(remm)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Set correct BioReceiver transfer buffer size. (pero)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.15 (remm)/Other"><!--()--></a><a name="Tomcat_6.0.15_(remm)/Other"><strong>Other</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Tests for unit tests for the cookie issues. (jfclere)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.14 (remm)"><!--()--></a><a name="Tomcat_6.0.14_(remm)"><strong>Tomcat 6.0.14 (remm)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>released 2007-08-13</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.14 (remm)/General"><!--()--></a><a name="Tomcat_6.0.14_(remm)/General"><strong>General</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="docs" class="icon" src="./images/docs.gif"></td><td>
+ Correct j.u.l log levels in JULI docs. (rjung)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.14 (remm)/Catalina"><!--()--></a><a name="Tomcat_6.0.14_(remm)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Handle special case of ROOT when re-loading webapp after ROOT.xml has
+ been modified. In some circumstances the reloaded ROOT webapp had no
+ associated resources. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Remove invalid attribute "encoding" of MBean MemoryUserDatabase,
+ which lead to errors in the manager webapp JMXProxy output. (rjung)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=33774">33774</a>: Retry JNDI authentiction on ServiceUnavailableException
+ as at least one provider throws this after an idle connection has been
+ closed. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=39875">39875</a>: Fix BPE in RealmBase.init(). Port of yoavs's fix from
+ Tomcat 5. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41722">41722</a>: Make the role-link element optional (as required by
+ the spec) when using a security-role-ref element. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42361">42361</a>: Handle multi-part forms when saving requests during
+ FORM authentication process. Patch provided by Peter Runge. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42401">42401</a>: Update RUNNING.txt with better JRE/JDK information.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42444">42444</a>: prevent NPE for AccessLogValve
+ Patch provided by Nils Hammar (funkman)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42449">42449</a>:
+ JNDIRealm does not catch NullPointerException for Sun's
+ LDAP provider (See bug for details) (funkman)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42497">42497</a>: Ensure ETag header is present in a 304 response.
+ Patch provided by Len Popp. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix XSS security vulnerability (CVE-2007-2450) in the Manager and Host
+ Manager. Reported by Daiki Fukumori. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42547">42547</a>: Fix NPE when a ResourceLink in context.xml tries to
+ override an env-entry in web.xml. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Avoid some casting in ErrorReportValve (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix persistence API annotation, submitted by Bill Burke (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ In Comet mode, if bytes are not read, send an error event (otherwise,
+ fields referring to the connection could remain) (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix Comet when running Tomcat with the security manager (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.14 (remm)/Jasper"><!--()--></a><a name="Tomcat_6.0.14_(remm)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=39425">39425</a>: Add additional system property permission to
+ catalina.policy for pre-compiled JSPs. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42438">42438</a>: Duplicate temporary variables were created when
+ jsp:attribute was used in conjunction with custom tags. Patch provided
+ by Brian Lenz. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42643">42643</a>: Prevent creation of duplicate JSP function mapper
+ variables. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.14 (remm)/Coyote"><!--()--></a><a name="Tomcat_6.0.14_(remm)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Separate sequence increment from getter in ThreadPool to avoid
+ misleading increments during monitoring via JMX. (rjung)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Add back missing socketBuffer attribute in the java.io HTTP connector (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.14 (remm)/Web applications"><!--()--></a><a name="Tomcat_6.0.14_(remm)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Don't write error on System.out, use log() instead. (rjung)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=39813">39813</a>: Correct handling of new line characters in JMX
+ attributes. Patch provided by R Bramley. Ported from tc5.5.x r415029. (markt,rjung)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42459">42459</a>: Fix Tomcat Web Application Manager table error. (rjung)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix XSS security vulnerabilities (CVE-2007-2449) in the examples.
+ Reported by Toshiharu Sugiyama. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.13 (remm)"><!--()--></a><a name="Tomcat_6.0.13_(remm)"><strong>Tomcat 6.0.13 (remm)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>released 2007-05-15</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.13 (remm)/Catalina"><!--()--></a><a name="Tomcat_6.0.13_(remm)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ More accurate available() method. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Add recycle check in the event object, since it is a facade like the others. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ When processing a read event, enforce that the servlet consumes all available bytes. (remm)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Add a flag in ContainerBase which could be used in embedded scenarios to avoid a double start
+ of contexts (this problem generally occurs when adding contexts to a started host). (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42309">42309</a>: Ability to create a connector using a custom protocol specification for embedded.
+ (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Add SSL engine flag to AprLifecycleListener. (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Improve event processing, so that an END event is generated when encountering EOF, and an
+ ERROR is always generated on client disconnects. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Add declarations for the new XSD files. (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.13 (remm)/Coyote"><!--()--></a><a name="Tomcat_6.0.13_(remm)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Add heartbeatBackgroundEnabled flag to SimpleTcpCluster.
+ Enable this flag don't forget to disable the channel heartbeat thread (pero)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Possible memory leak when using comet, caused by adding the socket to the poller before
+ cleaning up the connection tracking structure. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42308">42308</a>: nextRequest recycles the request, which caused issues with statistics. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix non recycled comet flag in the APR connector. (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.13 (remm)/Cluster"><!--()--></a><a name="Tomcat_6.0.13_(remm)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Add heartbeatBackgroundEnabled flag to SimpleTcpCluster.
+ Enable this flag don't forget to disable the channel heartbeat thread (pero)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Method name cleanup. (fhanik)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.13 (remm)/Web applications"><!--()--></a><a name="Tomcat_6.0.13_(remm)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Some examples webapp fixes. Submitted by Frank McCown. (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.12 (remm)"><!--()--></a><a name="Tomcat_6.0.12_(remm)"><strong>Tomcat 6.0.12 (remm)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>not released</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.12 (remm)/General"><!--()--></a><a name="Tomcat_6.0.12_(remm)/General"><strong>General</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ License source headers. Submitted by Niall Pemberton. (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.12 (remm)/Catalina"><!--()--></a><a name="Tomcat_6.0.12_(remm)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42039">42039</a>: Log a stack trace if a servlet throws an
+ UnavailableException. Patch provided by Kawasima Kazuh. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41990">41990</a>: Add some additional mime-type mappings. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41655">41655</a>: Fix message translations. Japanese translations
+ provided by Suzuki Yuichiro. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Add enabled attribute to AccessLogValve (pero)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42085">42085</a>: Avoid adding handlers for the root logger twice when they are explicitly
+ specified. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Reduce thread local manipulation in the request dispatcher. Submitted by
+ Arvind Srinivasan. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Avoid keeping references to loggers tied to the webapp classloaders after a reload in
+ a couple more places. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42202">42202</a>: Fix container parsing of TLDs in webapps when Tomcat is installed in
+ a URL encodable path. (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.12 (remm)/Coyote"><!--()--></a><a name="Tomcat_6.0.12_(remm)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42119">42119</a>: Fix return value for request.getCharacterEncoding() when
+ Content-Type headers contain parameters other than charset. Patch by
+ Leigh L Klotz Jr. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Move away from using a thread local processor for the APR and java.io
+ connectors, as this does not work well when using an executor. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Remove Comet timeout hack in the APR connector. Comet connections will now
+ use the regular timeout or the keepalive timeout if specified. (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.12 (remm)/Web applications"><!--()--></a><a name="Tomcat_6.0.12_(remm)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42025">42025</a>: Update valve documentation to refer to correct regular
+ expression implementation. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix various paths in the manager webapps (remm)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Session viewer and editor for the HTML manager. Submitted by Cédrik Lime. (remm)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Session handling tools for the manager. Submitted by Rainer Jung. (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.12 (remm)/Jasper"><!--()--></a><a name="Tomcat_6.0.12_(remm)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41869">41869</a>: TagData.getAttribute() should return
+ TagData.REQUEST_TIME_VALUE when the attribute value is an EL expression.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42071">42071</a>: Fix IllegalStateException on multiple requests to
+ an unavailable JSP. Patch provided by Kawasima Kazuh. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ After a JSP throws an UnavailableException allow it to be accessed once
+ the unavailable period has expired. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.12 (remm)/Cluster"><!--()--></a><a name="Tomcat_6.0.12_(remm)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Add toString method to better logging session replication message at tribes MESSAGES (pero)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.11 (remm)"><!--()--></a><a name="Tomcat_6.0.11_(remm)"><strong>Tomcat 6.0.11 (remm)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>not released</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.11 (remm)/General"><!--()--></a><a name="Tomcat_6.0.11_(remm)/General"><strong>General</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update DBCP to 1.2.2, pool to 1.3, JDT to 3.2.2 and remove collections
+ build dependency (pero, remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.11 (remm)/Catalina"><!--()--></a><a name="Tomcat_6.0.11_(remm)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Don't log pattern subtoken at ExtendedAccesLogValve (pero)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Add some missing JMX attributes for new AccessLogValve (pero)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41786">41786</a>: Incorrect reference to catalina_home in catalina.sh/bat Patch provided by Mike Hanafey (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41703">41703</a>: SingleSignOnMessage invalid setter, patch provided by Nils Hammar (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41682">41682</a>: ClassCastException when logging is turned on (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41530">41530</a>: Don't log error messages when connector is stopped (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41166">41166</a>: Invalid handling when using replicated context (fhanik)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Added SENDFILE support for the NIO connector. (fhanik) <br>
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Added support for shared thread pools by adding in the <Executor>
+ element as a nested element to the <Service> element. (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41666">41666</a>: Correct handling of boundary conditions for
+ If-Unmodified-Since and If-Modified-Since headers. Patch provided by
+ Suzuki Yuichiro. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41739">41739</a>: Correct handling of servlets with a load-on-startup
+ value of zero. These are now the first servlets to be started. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41747">41747</a>: Correct example ant script for deploy task. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41752">41752</a>: Correct error message on exception in MemoryRealm.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=39883">39883</a>: Add documentation warning about using antiResourceLocking
+ on a webapp outside the Host's appBase. (yoavs)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=40150">40150</a>: Ensure user and roll classnames are validated on startup. Patch by
+ Tom. (yoavs)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Refactor extend access log valve using the optimized access log valve. Submitted by
+ Takayuki Kaneko. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Possible deadlock in classloading when defining packages. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Remove excessive syncing from listener support. (remm)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Web services support. The actual factory implementations are implemented in the
+ extras. Submitted by Fabien Carrion. (remm)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Add logging to display APR capabilities on the platform. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Expose executors in JMX. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ CRLF inside a URL pattern is always invalid. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Tweak startup time display. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Adjustments to handling exceptions with Comet. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ If the event is closed asynchronously, generate an end event for cleanup on the
+ next event. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Cleanup hello webapp from the docs and fix a XSS issue in the JSP. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Examples webapp cleanup. Submitted by Takayuki Kaneko and Markus Schönhaber. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41289">41289</a>: Create configBase, since it is no longer created elsewhere.
+ Submitted by Shiva Kumar H R. (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.11 (remm)/Coyote"><!--()--></a><a name="Tomcat_6.0.11_(remm)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Fixed NIO memory leak caused by the NioChannel cache not working properly.
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Added flag to enable/disable the usage of the pollers selector instead of a Selector pool
+ when the serviet is reading/writing from the input/output streams
+ The flag is <code>-Dorg.apache.tomcat.util.net.NioSelectorShared=true</code>
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Requests with multiple content-length headers are now rejected. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41675">41675</a>: Add a couple of DEBUG-level logging statements to Http11Processors
+ when sending error responses. Patch by Ralf Hauser. (yoavs)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Reuse digester used by the modeler. (remm)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ When the platform does not support deferred accept, put accepted sockets in the
+ poller. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix problem with blocking reads for keepalive when using an executor (the number
+ of busy threads is always 0). (remm)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ The poller now has good performance, so remove firstReadTimeout. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=42119">42119</a>: Fix return value for request.getCharacterEncoding() when
+ Content-Type headers contain parameters other than charset. Patch by
+ Leigh L Klotz Jr. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.11 (remm)/Web applications"><!--()--></a><a name="Tomcat_6.0.11_(remm)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix previous update to servlet 2.5 xsd to use correct declaration.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update host configuration document for new behaviour for directories
+ in appBase. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=39540">39540</a>: Add link to httpd 2.2 mod_proxy_ajp docs in AJP connector doc. (yoavs)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.11 (remm)/Jasper"><!--()--></a><a name="Tomcat_6.0.11_(remm)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41227">41227</a>: Add a bit of DEBUG-level logging to JspC so users know
+ which file is being compiled. (yoavs)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Remove some dead utility code, and refactor stream capture as part of the Ant compiler. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Support the trim directive of JSP 2.1 as an equivalent of Jasper's own parameter. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41790">41790</a>: Close file stream used to read the Java source. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix reporting of errors which do not correspond to a portion of the JSP source. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Remove try/catch usage for annotation processing in classic tags. The usage
+ of the log method might have been questionable as well. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Cleanup of the message that is displayed for compilation errors. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Skip BOM when reading a JSP file. (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ </blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.10 (remm)"><!--()--></a><a name="Tomcat_6.0.10_(remm)"><strong>Tomcat 6.0.10 (remm)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>released 2007-02-28</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.10 (remm)/Catalina"><!--()--></a><a name="Tomcat_6.0.10_(remm)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Unify usage of security manager flag, submitted by Arvind Srinivasan. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix formatting of CGI variable SCRIPT_NAME. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41521">41521</a>: Support * for servlet-name, submitted by Paul McMahan. (remm)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Cache getServletContext value, submitted by Arvind Srinivasan. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Add options for handling special URL characters in paths, and disallow '\' and encoded '/'
+ due to possible differences in behavior between Tomcat and a front end webserver. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix bad comparison for FORM processing, submitted by Anil Saldhana. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41608">41608</a>: Make log levels consistent when Servlet.service()
+ throws an exception. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.10 (remm)/Coyote"><!--()--></a><a name="Tomcat_6.0.10_(remm)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Reduce usage of MessageBytes.getLength(), submitted by Arvind Srinivasan. (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.10 (remm)/Jasper"><!--()--></a><a name="Tomcat_6.0.10_(remm)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41558">41558</a>: Don't call synced method on every request, submitted by Arvind Srinivasan. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Switch to a thread local page context pool. (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.9 (remm)"><!--()--></a><a name="Tomcat_6.0.9_(remm)"><strong>Tomcat 6.0.9 (remm)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>beta, 2007-02-08</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.9 (remm)/General"><!--()--></a><a name="Tomcat_6.0.9_(remm)/General"><strong>General</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Use 2.5 xsd in Tomcat webapps. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Compression filter improvements, submitted by Eric Hedström. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.9 (remm)/Catalina"><!--()--></a><a name="Tomcat_6.0.9_(remm)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Properly return connector names. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Remove logging of the XML validation flag. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Correct error messages for context.xml. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41217">41217</a>: Set secure flag correctly on SSO cookie, submitted by
+ Chris Halstead. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=40524">40524</a>: request.getAuthType() now returns CLIENT_CERT rather
+ than CLIENT-CERT. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=40526">40526</a>: Return support for JPDA_OPTS to catalina.bat and add
+ a new option JPDA_SUSPEND, submitted by by Kurt Roy. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41265">41265</a>: In embedded, remove the code that resets checkInterval
+ values of zero to 300. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.9 (remm)/Coyote"><!--()--></a><a name="Tomcat_6.0.9_(remm)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=37869">37869</a>: Fix getting client certificate, submitted by Christophe Pierret. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=40960">40960</a>: Throw a timeout exception when getting a timeout rather than a
+ generic IOE, submitted by Christophe Pierret. (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.9 (remm)/Jasper"><!--()--></a><a name="Tomcat_6.0.9_(remm)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ EL validation fixes for attributes. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41327">41327</a>: Show full URI for a 404. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ JspException now uses getCause() as the result for getRootCause(). (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.9 (remm)/Cluster"><!--()--></a><a name="Tomcat_6.0.9_(remm)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41466">41466</a>: When using the NioChannel and SecureNioChannel its
+ important to use the channels buffers. (fhanik)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.8 (remm)"><!--()--></a><a name="Tomcat_6.0.8_(remm)"><strong>Tomcat 6.0.8 (remm)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>alpha</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.8 (remm)/Catalina"><!--()--></a><a name="Tomcat_6.0.8_(remm)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Make provided instances of RequestDispatcher thread safe. (markt)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Optional development oriented loader implementation. (funkman)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Optimized access log valve, submitted by Takayuki Kaneko. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix error messages when parsing context.xml that incorrectly referred to
+ web.xml. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41217">41217</a>: Set secure attribute on SSO cookie when cookie is
+ created during a secure request. Patch provided by Chris Halstead.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=40524">40524</a>: HttpServletRequest.getAuthType() now returns
+ CLIENT_CERT rather than CLIENT-CERT for certificate authentication
+ as per the spec. Note that web.xml continues to use CLIENT-CERT to
+ specify the certificate authentication should be used. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41401">41401</a>: Add support for JPDA_OPTS to catalina.bat and add a
+ JPDA_SUSPEND environment variable to both startup scripts. Patch
+ provided by Kurt Roy. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.8 (remm)/Coyote"><!--()--></a><a name="Tomcat_6.0.8_(remm)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Use the tomcat-native-1.1.10 as recommended version.
+ OpenSSL detection on some platforms was broken 1.1.8 will continue to work,
+ although on some platforms there can be JVM crash if IPV6 is enabled and
+ platform doesn't support IPV4 mapped addresses on IPV6 sockets.
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.8 (remm)/Jasper"><!--()--></a><a name="Tomcat_6.0.8_(remm)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ When displaying JSP source after an exception, handle included files.
+ (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Display the JSP source when a compilation error occurs and display
+ the correct line number rather than start of a scriptlet block. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix NPE when processing dynamic attributes. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ More accurate EL usage validation. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix regression for implicit taglib and page data version numbers. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41265">41265</a>: Allow JspServlet checkInterval init parameter to be
+ explicitly set to the stated default value of zero by removing the
+ code that resets it to 300 if explicitly specified as zero. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41327">41327</a>: Show full URI for a 404. Patch provided by Vijay.
+ (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.8 (remm)/Web applications"><!--()--></a><a name="Tomcat_6.0.8_(remm)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="docs" class="icon" src="./images/docs.gif"></td><td>
+ Add a virtual hosting how-to contributed by Hassan Schroeder. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update all webapps to use the servlet 2.5 xsd. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=39572">39572</a>: Improvements to CompressionFilter example provided by
+ Eric Hedström. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.7 (remm)"><!--()--></a><a name="Tomcat_6.0.7_(remm)"><strong>Tomcat 6.0.7 (remm)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>beta, 2007-01-10</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.7 (remm)/General"><!--()--></a><a name="Tomcat_6.0.7_(remm)/General"><strong>General</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix installer's bitmap (mturk)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.7 (remm)/Catalina"><!--()--></a><a name="Tomcat_6.0.7_(remm)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Refactor logging of errors which may occur when reading a post body (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.7 (remm)/Coyote"><!--()--></a><a name="Tomcat_6.0.7_(remm)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=37869">37869</a>: Also use the SSL_INFO_CLIENT_CERT field if the chain is empty,
+ submitted by Grzegorz Grzybek (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.6 (remm)"><!--()--></a><a name="Tomcat_6.0.6_(remm)"><strong>Tomcat 6.0.6 (remm)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>alpha</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.6 (remm)/General"><!--()--></a><a name="Tomcat_6.0.6_(remm)/General"><strong>General</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix tagging which did not include 6.0.5's changelog (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.5 (remm)"><!--()--></a><a name="Tomcat_6.0.5_(remm)"><strong>Tomcat 6.0.5 (remm)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>not released</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.5 (remm)/Catalina"><!--()--></a><a name="Tomcat_6.0.5_(remm)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=40585">40585</a>: Fix parameterised constructor for o.a.juli.FileHandler
+ so parameters have an effect. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Escape invalid characters from request.getLocale. (markt, remm)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update required version for native to 1.1.8. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Do not log broken pipe errors which can occur when flushing the content of an error page. (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.5 (remm)/Coyote"><!--()--></a><a name="Tomcat_6.0.5_(remm)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix firstReadTimeout behavior for the AJP connector. (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.5 (remm)/Jasper"><!--()--></a><a name="Tomcat_6.0.5_(remm)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41057">41057</a>: Make jsp:plugin output XHTML compliant. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.5 (remm)/Cluster"><!--()--></a><a name="Tomcat_6.0.5_(remm)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Cluster interface cleanup. (fhanik)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Refactoring to allow usage of executors. (fhanik)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.4 (remm)"><!--()--></a><a name="Tomcat_6.0.4_(remm)"><strong>Tomcat 6.0.4 (remm)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>alpha</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.4 (remm)/General"><!--()--></a><a name="Tomcat_6.0.4_(remm)/General"><strong>General</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update to NSIS 2.22 (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix regression in 6.0.3 with Windows wrapper (mturk)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.3 (remm)"><!--()--></a><a name="Tomcat_6.0.3_(remm)"><strong>Tomcat 6.0.3 (remm)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>not released</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.3 (remm)/General"><!--()--></a><a name="Tomcat_6.0.3_(remm)/General"><strong>General</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.3 (remm)/Catalina"><!--()--></a><a name="Tomcat_6.0.3_(remm)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=37509">37509</a>: Do not remove whitespace from the end of values
+ defined in logging.properties files. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=38198">38198</a>: Add reference to Context documentation from Host
+ documentation that explains how Context name is obtained from the
+ Context filename. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=40844">40844</a>: Missing syncs in JDBCRealm. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=40901">40901</a>: Encode directory listing output. Based on a patch
+ provided by Chris Halstead. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=40929">40929</a>: Correct JavaDoc for StandardClassLoader. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41008">41008</a>: Allow POST to be used for indexed queries with CGI
+ Servlet. Patch provided by Chris Halstead. (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix usage of print on the servlet output stream if the processor never used
+ a writer (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix logic of sameSameObjects used to determine correct wrapping of request and
+ response objects (fhanik)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Update TLD scan lists, and disable caching for now (remm)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Add system property to WebappClassLoader to allow disabling setting references
+ to null when stopping it (remm)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Add clustered SSO code, submitted by Fabien Carrion (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.3 (remm)/Coyote"><!--()--></a><a name="Tomcat_6.0.3_(remm)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=40860">40860</a>: Log exceptions and other problems during parameter
+ processing. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Enable JMX for trust store attributes for SSL connector. (markt)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Port memory usage reduction changes to the java.io HTTP connector. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ MessageBytes.setString(null) will remove the String value. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41057">41057</a>: Caching large strings is not useful and takes too much
+ memory, so don't cache these (remm)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Add keepAliveTimeout attribute to most connectors (mturk, remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.3 (remm)/Jasper"><!--()--></a><a name="Tomcat_6.0.3_(remm)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Relax EL type validation for litterals. (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Update some version numbers to 2.1. (funkman, remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Add xsds for JSP 2.1 (remm)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41106">41106</a>: Update validation checks for EL to also include
+ legacy 1.2 tags (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.3 (remm)/Web applications"><!--()--></a><a name="Tomcat_6.0.3_(remm)/Web_applications"><strong>Web applications</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=40677">40677</a>: Update SSL documentation to indicate that PKCS11
+ keystores may be used. (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.2 (remm)"><!--()--></a><a name="Tomcat_6.0.2_(remm)"><strong>Tomcat 6.0.2 (remm)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>beta, 2006-11-23</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.2 (remm)/General"><!--()--></a><a name="Tomcat_6.0.2_(remm)/General"><strong>General</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Various tweaks to distribution (remm, funkman)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update Tomcat native to 1.1.7 (mturk)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Update to JDT 3.2.1 (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.2 (remm)/Catalina"><!--()--></a><a name="Tomcat_6.0.2_(remm)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix EJB annotation interface (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.2 (remm)/Coyote"><!--()--></a><a name="Tomcat_6.0.2_(remm)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ Fix passing of the keystore password for the NIO connector (fhanik)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.1 (remm)"><!--()--></a><a name="Tomcat_6.0.1_(remm)"><strong>Tomcat 6.0.1 (remm)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>alpha</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.1 (remm)/General"><!--()--></a><a name="Tomcat_6.0.1_(remm)/General"><strong>General</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=37439">37439</a>, <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=40823">40823</a>: Documentation cleanup (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.1 (remm)/Catalina"><!--()--></a><a name="Tomcat_6.0.1_(remm)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Refactor exception processing using Throwable.getCause to improve exception chaining (remm)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Remove dead code involving the Logger (funkman)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=37458">37458</a>: Fix some exceptions which could happen during classloading (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=40817">40817</a>: Fix CGI path (markt)
+ </td></tr>
+ <tr><td><img alt="fix" class="icon" src="./images/fix.gif"></td><td>
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=34956">34956</a>: Add the possibility to enforce usage of request and response
+ wrapper objects (markt)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.1 (remm)/Jasper"><!--()--></a><a name="Tomcat_6.0.1_(remm)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Many fixes for JSP 2.1 compliance, invloving tag files handling, deferred expressions
+ validation, bom encoding support (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.1 (remm)/Coyote"><!--()--></a><a name="Tomcat_6.0.1_(remm)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Many HTTP NIO connector fixes and refactorings (fhanik)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ HTTP NIO connector performance improvements (fhanik)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Add packetSize option for the classic AJP connector (jfclere)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Implement explicit flushing in AJP (mturk)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.0 (remm)"><!--()--></a><a name="Tomcat_6.0.0_(remm)"><strong>Tomcat 6.0.0 (remm)</strong></a></font></td><td align="right" bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><strong>alpha</strong></font></td></tr><tr><td colspan="2"><blockquote>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.0 (remm)/Catalina"><!--()--></a><a name="Tomcat_6.0.0_(remm)/Catalina"><strong>Catalina</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ SSLEngine attribute added to the AprLifecycleListener(fhanik)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Add API for Comet IO handling (remm, fhanik)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Servlet 2.5 support (remm)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.0 (remm)/Jasper"><!--()--></a><a name="Tomcat_6.0.0_(remm)/Jasper"><strong>Jasper</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ JSP 2.1 support (jhook, remm)
+ </td></tr>
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ Unifed EL 2.1 support (jhook)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.0 (remm)/Coyote"><!--()--></a><a name="Tomcat_6.0.0_(remm)/Coyote"><strong>Coyote</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ SSLEnabled attribute required for SSL to be turned on, on all HTTP connectors (fhanik)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Memory usage reduction for the HTTP connectors, except java.io (remm)
+ </td></tr>
+ <tr><td><img alt="update" class="icon" src="./images/update.gif"></td><td>
+ Modeler update to use dynamic mbeans rather than model mbeans, which consume more
+ resources (costin)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+ <table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Tomcat 6.0.0 (remm)/Cluster"><!--()--></a><a name="Tomcat_6.0.0_(remm)/Cluster"><strong>Cluster</strong></a></font></td></tr><tr><td><blockquote>
+ <table border="0" cellpadding="2" cellspacing="2">
+ <tr><td><img alt="add" class="icon" src="./images/add.gif"></td><td>
+ New cluster configuration and new documentation (fhanik)
+ </td></tr>
+ </table>
+ </blockquote></td></tr></table>
+</blockquote></td></tr></table></td></tr><!--FOOTER SEPARATOR--><tr><td colspan="2"><hr noshade="noshade" size="1"></td></tr><!--PAGE FOOTER--><tr><td colspan="2"><div align="center"><font color="#525D76" size="-1"><em>
+ Copyright © 1999-2014, Apache Software Foundation
+ </em></font></div></td></tr></table></body></html>
\ No newline at end of file