Need suggestion in upgrading Apache Tomcat due to security vulnerability in Apache Tomcat 7.0.61

Hi All, Recently we found there is security vulnerability in Apache Tomcat 7.0.61.Please note that now our application runs on Apache Tomcat 7.0.61. Please advice me whether I can upgrade Apache Tomcat to latest Tomcat 7 version(v7.0.82)? Also please let me know when it's expected End of Life fo

Missing 0-length chunk to mark the end of a response

All, Hopefully I can explain this clearly... The short question is that my client is sometimes not getting the 0-length chunk at the end of the response from Tomcat, so my connections don't get reused. My Tomcat server is version 7.0.81. JDK is 1.8.0_144. I have a Jersey client, version 2.2

Consecutive double slashes in URLs

Hi, We've recently upgraded our servers from 8.0.43 to 8.0.45 and URLs with consecutive double slashes that used to work such as http://www.domain.com/auth//signin.html stopped working - getting a 404. This happens on our production environment running Linux but also on our development environment

Re: Response change between 8.5.x and 8.0.x (and earlier versions) W.R.T. Line separator CRLF vs. LF

Profuse apologies.  We are unable reproduce this.  However out tests were failing for another reason.   8.5.23 returns 400 error with header "HTTP/1.1 400" where as version 8.0.47 returns the same as "HTTP/1.1 400 Bad Request".  When the tests check for the legacy header they were failing.  As

More, Re: Weird problem: browsers refusing to connect; more "fun with ciphers clauses on the connector tag"

I just got finished going through 20 other customer Tomcat installations we administer. First, I found that most of them were accepting the DHE ciphers I'd disabled on the problem installation, and SSLLabs was giving them bad ratings for doing so. Second, I found that two of the other instal

Re: Response change between 8.5.x and 8.0.x (and earlier versions) W.R.T. Line separator CRLF vs. LF

On 16/10/17 18:48, Net Dawg wrote: > We are finding line separator has changed on Mac OS X in tomcat 8.5.23 > response relative to all previous versions of tomcat we tested (8.0.47, > 7.0.72 and 7.0.82).  We see nothing in change log to understand this change. > Specifically, 8.5.23 is generating

Re: Weird problem: browsers refusing to connect; more "fun with ciphers clauses on the connector tag"

On 16/10/17 17:57, James H. H. Lampert wrote: > Can somebody explain what just happened? > > This morning, we got a call from a customer whose Tomcat server (on > their own hardware) we administer. > > It seems that suddenly, and without any advance warning, all but the > oldest browsers were ref

Response change between 8.5.x and 8.0.x (and earlier versions) W.R.T. Line separator CRLF vs. LF

We are finding line separator has changed on Mac OS X in tomcat 8.5.23 response relative to all previous versions of tomcat we tested (8.0.47, 7.0.72 and 7.0.82).  We see nothing in change log to understand this change. Specifically, 8.5.23 is generating CRLF in response (showing up as ^M in vim)

Weird problem: browsers refusing to connect; more "fun with ciphers clauses on the connector tag"

Can somebody explain what just happened? This morning, we got a call from a customer whose Tomcat server (on their own hardware) we administer. It seems that suddenly, and without any advance warning, all but the oldest browsers were refusing to connect to the server, without offering any ov

Re: tomcat 8.5.23 dbcp not honoring autocommit = false?

On Fri, Oct 13, 2017 at 5:00 PM, Christopher Schultz wrote: > -BEGIN PGP SIGNED MESSAGE- > When you say you have "autocommit disabled in mysql config" what do > you mean? > /etc/my.cnf : [mysqld] autocommit=0 This turns off autocommit off as a default for all connections. I need this at