Re: NEWS - Tomcat 5 runs on Kaffe

[Alan Tam <Tam@SiuLung.com>]

Hi Arnaud,

On 2004-07-18 07:33, Arnaud Vandyck wrote:

If you don't like the commons-dbcp (>= 1.2.1), commons-pool (>= 1.2)
and (commons-logging >= 1.0.4) dependency, which is not available even
in Debian unstable, you can also try tomcat 5.0.25 and it should also
works as expected.
    

libcommons-dbcp-java 1.2.1 is in Debian since Jul 11:
http://packages.qa.debian.org/libc/libcommons-dbcp-java/news/1.html

commons-pool 1.2 is in Debian since Jul 5:
http://packages.qa.debian.org/c/commons-pool/news/2.html

commons-logging: wishlist bug reported:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=260028
  

I just mean commons-logging. It makes people believe Debian is always late. Just like tomcat5 - do we prefer a bad package uploaded first or waiting until we think we can get all the dependencies right?


Btw, tomcat 4.1 seems not even going to be in sarge as well. It is blocked by:
  - libcommons-dbcp-java (4 days left)
  - libstruts1.1-java
    - jamvm
      - classpath (2:0.9 failed on arm)
    - libcommons-validator-java (6 days left)
      - commons-digester (FTBFS)

Probably "Depends: java2-runtime | j2sdk1.3 | java-virtual-machine-dummy" is also problematic.

[...]

About security:

libgnucrypto-java:
javax.security.auth.callback.*
javax.security.sasl.*
javax.crypto.*
javax.crypto.interfaces.*
javax.crypto.spec.*
org.bouncycastle.asn1.*

libjessie-java:
javax.net.ssl.*
javax.net.*
javax.security.cert.*

Both are available in Debian.
  

Tomcat5 needs javax.security.auth.*, which is not in both list. As mentioned by Casey, it has been in GNU Crypto CVS for 3 months. We have to wait.

-- 
Regards,
Alan