Thanks for reworking this. This is quite the patch set! :)
I can confirm that it run the testsuite with no added failures or errors. Comparing the buildlogs also looks good. In reviewing these:
CVE-2011-3375.patch - ACK
CVE-2011-3376.patch - ACK
CVE-2012-0022.patch - ACK (had some whitespace changes, but ok)
CVE-2012-2733.patch - ACK
CVE-2012-3439.patch - not all commits are mentioned in the patch
CVE-2012-3546.patch - ACK
CVE-2012-4431.patch - ACK
CVE-2012-4534.patch - ACK
Can you comment more on CVE-2012-3439.patch? I compared it to upstream's http://svn.apache.org/viewvc?view=rev&rev=1377807 as per your DEP-3 comments, but there were quite a few changes. You mentioned that you "Cherrypicked changes in TesterDigestAuthenticatorPerformance.java to adapt to the changes made in the other files since test cases for 7.0.30 are completely different to the one in 7.0.21", which is fine, but those cherrypicked commits should also be listed.
Thanks for all your hard work on this. We're close! :)
Thanks for reworking this. This is quite the patch set! :)
I can confirm that it run the testsuite with no added failures or errors. Comparing the buildlogs also looks good. In reviewing these:
CVE-2011-3375.patch - ACK
CVE-2011-3376.patch - ACK
CVE-2012-0022.patch - ACK (had some whitespace changes, but ok)
CVE-2012-2733.patch - ACK
CVE-2012-3439.patch - not all commits are mentioned in the patch
CVE-2012-3546.patch - ACK
CVE-2012-4431.patch - ACK
CVE-2012-4534.patch - ACK
Can you comment more on CVE-2012- 3439.patch? I compared it to upstream's http:// svn.apache. org/viewvc? view=rev& rev=1377807 as per your DEP-3 comments, but there were quite a few changes. You mentioned that you "Cherrypicked changes in TesterDigestAut henticatorPerfo rmance. java to adapt to the changes made in the other files since test cases for 7.0.30 are completely different to the one in 7.0.21", which is fine, but those cherrypicked commits should also be listed.
Thanks for all your hard work on this. We're close! :)