summaryrefslogtreecommitdiff
path: root/www/p5-CGI-Session-Driver-memcached
diff options
context:
space:
mode:
authorryoon <ryoon@pkgsrc.org>2012-12-16 10:37:32 +0000
committerryoon <ryoon@pkgsrc.org>2012-12-16 10:37:32 +0000
commit9bfa9b82e6db2d371ce1d35eb16e35b792ab3ce6 (patch)
tree8e8d9cf569dd0412bf593c8ce4b48d6e71eb849c /www/p5-CGI-Session-Driver-memcached
parent4cf4c174a0c4a5351cbce3ebd777158ebe462519 (diff)
downloadpkgsrc-9bfa9b82e6db2d371ce1d35eb16e35b792ab3ce6.tar.gz
Update to 7.0.34
* CVE-2012-4431 is fixed in 7.0.32 Changelog: Tomcat 7.0.34 (markt) 2012-12-12 Catalina fix 53871: Improve error message if annotation scanning fails during web application start due to poor configuration or illegal cyclic inheritance with the application's classes. (markt) fix Fix unit test for AccessLogValve when using non-GMT time zone. (rjung) fix 54170: Ensure correct registration of Filters and Servlets in the JMX registry if the Filter or Servlet name includes a character that must be quoted if used in an ObjectName value. (markt) add Add new attribute renameOnRotate to the AccessLogValve. (rjung) fix 54190: Correct unit tests for BASIC authentication so that session timeout is correctly tested. Also refactor unit test to make it easier to add additional tests. Patch by Brian Burch. (markt) fix 54220: Ensure the ErrorReportValve only generates an error report if the error flag on the response has been set. (markt) fix Simplify time zone handling in the access log valve and correctly handle various edge cases for non-standard DST changes. (markt) Web applications fix 54198: Clarify that HttpServletResponse.sendError(int) results in an HTML response by default. (markt) fix 54207: Correct JNDI factory package name in Javadoc for org.apache.naming.java.javaURLContextFactory. (markt) jdbc-pool code Fix a handful of Eclipse warnings in the JDBC pool source code including the warnings reported in 53565. (markt) fix 54150: Make sure that SlowQueryReportJmx mbean deregistered during webapp shutdown. Reported by Alex Franken. (kfujino) fix 54194: Make sure that connection pool mbean is not registered when jmxEnabled is false. Patch provided by tobias.gierke. (kfujino) Other update Update to Eclipse JDT Compiler 4.2.1. (markt) Tomcat 7.0.33 (markt) 2012-11-21 Catalina add 53960, 54115: Extensions to HttpClient test helper class. Patches by Brian Burch. (markt/kkolinko) fix 53993: Avoid a possible NPE in the AccessLogValve when the session ID is logged and a session is invalidated. (markt) fix Add support for LAST_ACCESS_AT_START system property to PersistentManager. (kfujino) add Update MIME type mapping with additional / updated mime.types from the Apache web server. (markt) fix 54007: Fix a memory leak that prevented deletion of a context.xml file associated with a Context that had failed to deploy. Also fix the problems uncovered with undeploying such a Context once the leak had been fixed and the file could be deleted. (markt) fix 54044: Correct bug in timestamp cache used by logging (including the access log valve) that meant entries could be made with an earlier timestamp than the true timestamp. (markt) fix 54054: Do not share shell environment variables between multiple instances of the CGI servlet. (markt) fix 54060: Use a simple parser rather than a regular expression to parse HTTP Digest authentication headers so the header is correctly parsed. The new approach is also faster and generates less garbage. (markt) fix 54068: Rewrite the web fragment ordering algorithm to resolve multiple issues that resulted in incorrect ordering or failure to find a correct, valid order. (markt) update The HTTP header parser added to address 52811 has been removed and replaced with the light-weight HTTP header parser created to address 54060. The new parser includes a work-around for a bug in the Adobe Acrobat Reader 9.x plug-in for Microsoft Internet Explorer that was identified when the old parser was introduced (53814). fix 54076: Add an alternative work-around for clients that use SPNEGO authentication and expect the authenticated user to be cached per connection (Tomcat only does this if an HTTP session is available). (markt) fix 54087: Correctly handle (ignore) invalid If-Modified-Since header rather than throwing an exception. (markt) fix 54096: In web.xml, <env-entry> should accept any type that has a constructor that takes a single String or char. (markt) add 54127: Add support for sending a WebSocket Ping. Patch provided by Sean Winterberger. (markt) fix In FormAuthenticator: If it is configured to change Session IDs, do the change before displaying the login form. (kkolinko) fix Ensure AsyncListener.timeout() and AsyncListener.complete() are called with the correct thread context class loader. (fhanik) fix 54123: If an asynchronous request times out without any AsyncListeners defined, a 500 error will be triggered. (markt) fix 54124: Correct provided value of request attribute javax.servlet.async.request_uri and add missing request attribute javax.servlet.async.path_info. (markt) add Add denyStatus initialization parameter to CsrfPreventionFilter, allowing to customize the HTTP status code used for denied requests. (kkolinko) fix 54141: Increase the permitted number of nested Realm levels from 2 to 3 by default and make the limit configurable via a system property. (markt) fix Revert occasional API change in BaseDirContext class that was done in 7.0.32. Methods should not be final. (kkolinko) fix Prevent failures in the AccessLogValve when running under a SecurityManager and the first request received is an asynchronous one. (markt) Coyote fix Correct an issue that prevented WebSockets from being used over SSL when using the HTTP NIO connector. (markt) fix 54022: Ensure the Comet END event is triggered on client disconnect with APR/native on Windows Vista/2k8 or later. Patch provided by Douglas Beachy. (markt) fix 54067: Ensure responses with 1xx response codes are correctly marked as not containing an entity body. This caused an issue for some WebSocket clients when an Transfer-Encoding header was sent with the 101 (HTTP upgrade) response. (markt) Jasper code 53867: Optimise the XML escaping provided by the PageContext implementation. Based on a patch by Sheldon Shao. (markt) code 53896: Use an optimised CompositeELResolver for Jasper that skips resolvers that are known to be unable to resolve the value. Patch by Jarek Gawor. (markt) fix 53986: Correct a regression introduced by the fix for 53713. JSP comments that ended with the sequence ---%> (or any similar sequence with a odd number of - characters) was not correctly parsed. (markt) fix 54011: Fix a bug in the tag plug-in for <c:out> that triggered a JSP compilation error if the escapeXml attribute was used. Patch provided by Sheldon Shao. (markt) code Follow up to 5401. Simplify generated code for <c:out>. Based on a patch by Sheldon Shao. (markt) fix 54012: Fix a bug in the tag plug-in infrastructure that meant the <c:set> triggered a JSP compilation error when used in a tag file. Based on a patch provided byx 54144: Fix a bug in the tag plug-in for <c:out> that meant that if the value of the tag evaluated to a java.io.Reader object then it was not correctly handled. (markt) Cluster fix Add getSessionIdsFull operation to mbeans-descriptor. listSpplications add 54143: Add display of the memory pools usage (including PermGen) to the Status page of the Manager web application. (kkolinko) Tribes fix 54045: Make sure getMembers() returns available member when TcpFailureDetector fix Revert multiple operation support for the JMXProxyServlet pending further discussion. (schultz) fix CVE-2012-4431: Fix bypass of CsrfPreventionFilter when there is no session. Improve session management in the filter. (kkolinko) Web apit servlets (JSP and default) are marked as override-able when using embedded mode. (markt) fix When the DefaultServlet is under heavy load, the HTTP header parser added to address 52811 generates large amounts of garbage and uses significant CPU time. A cache has been added that significantly reduces the overhead of this parser. (markt) fix 53854: Make directory listings work correctly when aliases are used. (markt) Jasper code 53713: Performance improvement of up to four times faster parsing of JSP pages. Patch provided by Sheldon Shao. (markt) Cluster add Make the cluster members and the cluster deployer associated with the cluster accessible via JMX. (markt) fix Fix a behavior of TcpPingInterceptor#uhread. If set to false, ping thread is never started. (kfujino) Web applications add Improve the documentation web application to clarify the difference between the tag and version parameters when using text interface of the Manager web application. (markt) add Make sessions saved in the Store associated with a Manager that extends PersistentManager optionally visible (via the showProxySessions Servlet initialisation parameter in web.xml) to the Manager web application. (markt)
Diffstat (limited to 'www/p5-CGI-Session-Driver-memcached')
0 files changed, 0 insertions, 0 deletions