Sync from SUSE:SLFO:Main tomcat revision b328e4a4307bb0a878cbcc87128b8d9b
This commit is contained in:
parent
ef0b4fbb59
commit
4c7971b1a6
BIN
apache-tomcat-9.0.87-src.tar.gz
(Stored with Git LFS)
BIN
apache-tomcat-9.0.87-src.tar.gz
(Stored with Git LFS)
Binary file not shown.
@ -1,16 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCAAdFiEESPjmn2OQyfJc/tzSaCSJWTWecisFAmXu2nYACgkQaCSJWTWe
|
||||
cis4lg//VHmtdBX2BrPuE8AV2R3ob9KI4uxrBxfjukb/HfvsXT1Zz00R27HVbKln
|
||||
h1hx7PCTrVJq+sHLDiDnYF1FDC5M+atvryoXcFIAEgnkqQ4toSgqBTa85NcRxrKY
|
||||
lBnQrZ5ZF5MJ7h+E8r7PIXwjbKbcvMLnhqvXwIB6TOMgUC3UOwZPN2vvq20XqYHA
|
||||
tevMCDLdMjcAdiOMqkekmq6y8KaEMoEY2rJG3KHCPXKkVQflQoX1bNs88vSd4t4F
|
||||
CQTcLauo9oyT+IaaanJWrawnKxlAD6x8QuFkJWNK2SC7145IGWeo1R32xzPvQdau
|
||||
Lu69YayASXq2nilYCLI3uZQ4tFSjCosi+DZaJVatMi2wbGXheau36vS8WLYkroWt
|
||||
w9deOo+KYiibckgEGbEncAD54sBVKF5Eun751CzSDZC1yV+08oII16koIl0TQlcd
|
||||
ZFhpIgQ5fo19VUReLQ9JlR98vbLnVFGg+3GVzHqfIATrVuulaliw6HOK7UT/ixFX
|
||||
jWNdR+/szFe3gTy+RifMU4C3D0hWEhRQGjnVoUPdck2ANBOm5CPV3R5IL2ej03yj
|
||||
LYXCJ++r+e/O5tftlax2Tnpmxzo0HFrQCSr+1HTsE4VY7Upy0liiV3btBWPcKKVp
|
||||
0e3E2wYv9P1PcTJD+XUOLX1yuYZv0xCS5fQ4t/ZlSR2R20+rUu4=
|
||||
=F+I2
|
||||
-----END PGP SIGNATURE-----
|
BIN
apache-tomcat-9.0.91-src.tar.gz
(Stored with Git LFS)
Normal file
BIN
apache-tomcat-9.0.91-src.tar.gz
(Stored with Git LFS)
Normal file
Binary file not shown.
16
apache-tomcat-9.0.91-src.tar.gz.asc
Normal file
16
apache-tomcat-9.0.91-src.tar.gz.asc
Normal file
@ -0,0 +1,16 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCAAdFiEESPjmn2OQyfJc/tzSaCSJWTWecisFAmaD9OQACgkQaCSJWTWe
|
||||
cit6cA/+L/gMzNTxjtqsuWDrT1Wkr9MeU6/5oEB/LpUxhWUWam0Ni+eyj51vLO6X
|
||||
7UfHOQt8qClNUsyqz6kpmedPLowrhPk2UM9LdJsn7Sh9ttdbJQzjHD3LqVze9CKu
|
||||
eHggf6KUTJGcbOpP+8/gttwVM7U4wGppzOLi4vQCSI54yO4tinyyaSEk0DH8zlAa
|
||||
Rcb6tJoKEtqtlq1gam9udjPFFcNOcpXEOCLCgLRLqVkna3IVvFUNTx0bccilUDl/
|
||||
vGcD/7W1tsULb4A0sqLhQINzZlBpu2kp/5qdWLFhnJhRp0pZbLDo5/gjW77jLrIx
|
||||
HMmSuPVuswn/OQmAe57YRo2YF3e+7zxjKJ+73aDhfK/xHEInsQMgMCdgYH+d6Inn
|
||||
OT4MrUVEPApOnQPpV2Ag9HEvw3E9zT3dkcNqn3QCF+RaXNtdJgGurRl5UaQapWkH
|
||||
Mj6WbnmWpqTBO1SxxPCb1KqIoO3jLqKMR7h0TAchBH/XdRuafy3Ga632dUYX722J
|
||||
K73vU1fC1pyh0NZMPsDEAwv3V0JDnYzAF4PKxKb2gnQ/2u/e/p/ACBgaVqXRMAD9
|
||||
JFfhgBnt5vj7GOOm5opYoW+B1dtRyJ2CmYmO+g9UstRxYhShH7HPQbyExJo81JgZ
|
||||
S1W7wYlopgIAsL9gy1TlPAofa25SI24UaaC4VivDK2FyyAYk21Y=
|
||||
=1v5b
|
||||
-----END PGP SIGNATURE-----
|
@ -1,13 +1,13 @@
|
||||
Index: apache-tomcat-9.0.85-src/build.xml
|
||||
Index: apache-tomcat-9.0.91-src/build.xml
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.85-src.orig/build.xml
|
||||
+++ apache-tomcat-9.0.85-src/build.xml
|
||||
--- apache-tomcat-9.0.91-src.orig/build.xml
|
||||
+++ apache-tomcat-9.0.91-src/build.xml
|
||||
@@ -107,7 +107,7 @@
|
||||
<!-- Keep in sync with webapps/docs/tomcat-docs.xsl -->
|
||||
<property name="compile.release" value="8"/>
|
||||
<property name="min.java.version" value="8"/>
|
||||
- <property name="build.java.version" value="17"/>
|
||||
+ <property name="build.java.version" value="11"/>
|
||||
<property name="release.java.version" value="17"/>
|
||||
<property name="skip.build.java.version" value="false"/>
|
||||
|
||||
<!-- Check Java Build Version -->
|
||||
<fail message="Java version ${build.java.version} or newer is required (${java.version} is installed)">
|
||||
|
@ -1,8 +1,19 @@
|
||||
--- apache-tomcat-9.0.75-src/build.xml 2023-05-22 18:12:16.995658642 +0200
|
||||
+++ apache-tomcat-9.0.75-src/build.xml 2023-05-22 19:41:42.051370923 +0200
|
||||
@@ -215,10 +215,10 @@
|
||||
--- apache-tomcat-9.0.91-src/build.xml 2024-07-08 18:21:26.161496515 +0200
|
||||
+++ apache-tomcat-9.0.91-src/build.xml 2024-07-08 18:30:43.722334075 +0200
|
||||
@@ -226,11 +226,21 @@
|
||||
<!--<defaultexcludes echo="true" />-->
|
||||
|
||||
<!-- Classpaths -->
|
||||
+ <path id="bnd.classpath">
|
||||
+ <fileset file="${bnd.jar}" />
|
||||
+ <fileset dir="${bnd.dir}">
|
||||
+ <include name="**/*.jar"/>
|
||||
+ </fileset>
|
||||
+ <fileset file="${osgiannotation.jar}" />
|
||||
+ <fileset file="${osgicmpn.jar}" />
|
||||
+ <fileset file="${slf4j-api.jar}" />
|
||||
+ </path>
|
||||
+
|
||||
<path id="compile.classpath">
|
||||
- <pathelement location="${bnd.jar}"/>
|
||||
<pathelement location="${jdt.jar}"/>
|
||||
@ -12,16 +23,14 @@
|
||||
</path>
|
||||
|
||||
<path id="tomcat.classpath">
|
||||
@@ -3845,6 +3845,12 @@
|
||||
<!-- Add bnd tasks to project -->
|
||||
<path id="bnd.classpath">
|
||||
<fileset file="${bnd.jar}" />
|
||||
+ <fileset dir="${bnd.dir}">
|
||||
+ <include name="**/*.jar"/>
|
||||
+ </fileset>
|
||||
+ <fileset file="${osgiannotation.jar}" />
|
||||
+ <fileset file="${osgicmpn.jar}" />
|
||||
+ <fileset file="${slf4j-api.jar}" />
|
||||
</path>
|
||||
@@ -3960,10 +3970,6 @@
|
||||
|
||||
<target name="setup-bnd" depends="download-bnd" unless="skip.build.java.version">
|
||||
<!-- Add bnd tasks to project -->
|
||||
- <path id="bnd.classpath">
|
||||
- <fileset file="${bnd.jar}" />
|
||||
- </path>
|
||||
-
|
||||
<taskdef resource="aQute/bnd/ant/taskdef.properties" classpathref="bnd.classpath" />
|
||||
</target>
|
||||
|
||||
|
225
tomcat.changes
225
tomcat.changes
@ -1,3 +1,228 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Jul 8 16:34:38 UTC 2024 - Fridrich Strba <fstrba@suse.com>
|
||||
|
||||
- Modified patch:
|
||||
* tomcat-9.0-osgi-build.patch
|
||||
+ move the definition of bnd.classpath out of the setup-bnd task
|
||||
since it is one component in build.classpath
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jul 8 14:54:54 UTC 2024 - Ricardo Mestre <ricardo.mestre@suse.com>
|
||||
|
||||
- Update to Tomcat 9.0.91
|
||||
* Fixed CVEs:
|
||||
+ CVE-2024-34750: Improper handling of exceptional conditions
|
||||
(bsc#1227399)
|
||||
* Catalina
|
||||
+ Fix: Allow JAASRealm to use the configuration source to load a configured
|
||||
configFile, for easier use with testing. (remm)
|
||||
+ Fix: Add missing algorithm callback to the JAASCallbackHandler. (remm)
|
||||
+ Fix: 69131: Expand the implementation of the filter value of the
|
||||
Authenticator attribute allowCorsPreflight, so that it applies to all
|
||||
requests that match the configured URL patterns for the CORS filter,
|
||||
rather than only applying if the CORS filter is mapped to /*. (markt)
|
||||
+ Add: Add support for shallow copies when using WebDAV. (markt)
|
||||
+ Code: Deprecate the WebdavFixFilter as it is no longer required. (markt)
|
||||
+ Fix: 69066: Fix regression in SPNEGO authenticator when processing Base64.
|
||||
Submitted by Daniel Lyko. (remm)
|
||||
+ Update: Update minimum recommended version of Tomcat Native to 1.3.0. Pull
|
||||
request #728 provided by Dimitrios Soumis. (markt)
|
||||
+ Update: The system property org.apache.catalina.connector.RECYCLE_FACADES
|
||||
will now default to true if not specified, which will in turn set the
|
||||
default value for the discardFacades connector attribute, thus causing
|
||||
facade objects to be discarded by default. (remm)
|
||||
+ Add: Add RealmBase.getPrincipal(GSSName, GSSCredential, GSSContext) for
|
||||
retrieving extended/additional information from an established GSS
|
||||
context. (michaelo)
|
||||
+ Fix: Correct a regression in the fix for 68721 that caused some instances
|
||||
of LinkageError to be reported as ClassNotFoundException. (markt)
|
||||
+ Fix: Ensure that static resources deployed via a JAR file remain
|
||||
accessible when the context is configured to use a bloom filter. Based on
|
||||
pull request #730 provided by bergander. (markt)
|
||||
+ Add: Introduce reference counting so the AprLifecycleListener is more
|
||||
robust. This particularly targets more complex embedded configurations
|
||||
with multiple server instances with independent lifecycles where more than
|
||||
one server instance requires the AprLifecycleListener. (markt)
|
||||
+ Update: Deprecate and remove sessionCounter (replaced by the addition of
|
||||
the active session count and the expired session count, as a reasonable
|
||||
approximation) and duplicates (which does not represent a possible event
|
||||
in current implementations) statistics from the session manager. (remm)
|
||||
+ Fix: 68890 Align output encoding of JSPs in the Manager webapp with the
|
||||
XML declarations in those same files. (schultz)
|
||||
+ Fix: Update Basic authentication to implement the requirements of RFC 7617
|
||||
including the changing of the trimCredentials setting which is now
|
||||
defaults to false. Note that the trimCredentials setting will be removed
|
||||
in Tomcat 11. (markt)
|
||||
+ Add: Small performance optimization when logging cookies with no values.
|
||||
(schultz)
|
||||
+ Fix: Correct error handling for asynchronous requests. If the application
|
||||
performs an dispatch during AsyncListener.onError() the dispatch is now
|
||||
performed rather than completing the request using the error page
|
||||
mechanism. (markt)
|
||||
+ Fix: Fix WebDAV lock null (locks for non existing resources) thread safety
|
||||
and removal. (remm)
|
||||
+ Fix: Add periodic checking for WebDAV locks expiration. (remm)
|
||||
+ Fix: Extend Asn1Parser to parse UTF8Strings. (michaelo)
|
||||
+ Update: Add highConcurrencyStatus attribute to the SemaphoreValve to
|
||||
optionally allow the valve to return an error status code to the client
|
||||
when a permit cannot be acquired from the semaphore. (remm)
|
||||
+ Add: Add checking of the "age" of the running Tomcat instance since its
|
||||
build-date to the SecurityListener, and log a warning if the server is
|
||||
old. (schultz)
|
||||
+ Fix: When using the AsyncContext, throw an IllegalStateException, rather
|
||||
than allowing an NullPointerException, if an attempt is made to use the
|
||||
AsyncContext after it has been recycled. (markt)
|
||||
+ Fix: Change the thread-safety mechanism for protecting
|
||||
StandardServer.services from a simple synchronized lock to a
|
||||
ReentrantReadWriteLock to allow multiple readers to operate
|
||||
simultaneously. Based upon a suggestion by Markus Wolfe. (schultz)
|
||||
+ Fix: Improve Service connectors, Container children and Service executors
|
||||
access sync using a ReentrantReadWriteLock. (remm)
|
||||
+ Fix: Improve handling of integer overflow if an attempt is made to upload
|
||||
a file via the Servlet API and the file is larger than
|
||||
Integer.MAX_VALUE. (markt)
|
||||
+ Fix: 68862: Handle possible response commit when processing read errors.
|
||||
(remm)
|
||||
* Jasper
|
||||
+ Fix: Update the optimisation in jakarta.el.ImportHandler so it is aware of
|
||||
new classes added to the java.lang package in Java 23. (markt)
|
||||
+ Fix: Ensure that an exception in toString() still results in an
|
||||
ELException when an object is coerced to a String using
|
||||
ExpressionFactory.coerceToType(). (markt)
|
||||
+ Add: Add support for specifying Java 24 (with the value 24) as the
|
||||
compiler source and/or compiler target for JSP compilation. If used with
|
||||
an Eclipse JDT compiler version that does not support these values, a
|
||||
warning will be logged and the default will used. (markt)
|
||||
+ Fix: 69135: When using include directives in a tag file packaged in a JAR
|
||||
file, ensure that context relative includes are processed correctly. (
|
||||
markt)
|
||||
+ Fix: 69135: When using include directives in a tag file packaged in a JAR
|
||||
file, ensure that file relative includes are processed correctly. (markt)
|
||||
+ Fix: 69135: When using include directives in a tag file packaged in a JAR
|
||||
file, ensure that file relative includes are are not permitted to access
|
||||
files outside of the /META_INF/tags/ directory nor outside of the JAR
|
||||
file. (markt)
|
||||
+ Fix: 68546: Small additional optimisation for initial loading of Servlet
|
||||
code generated for JSPs. Based on a suggestion by Dan Armstrong. (markt)
|
||||
+ Add: Add support for specifying Java 23 (with the value 23) as the
|
||||
compiler source and/or compiler target for JSP compilation. If used with
|
||||
an Eclipse JDT compiler version that does not support these values, a
|
||||
warning will be logged and the default will used. (markt)
|
||||
+ Fix: Handle the case where the JSP engine forwards a request/response to a
|
||||
Servlet that uses an OutputStream rather than a Writer. This was
|
||||
triggering an IllegalStateException on code paths where there was a
|
||||
subsequent attempt to obtain a Writer. (markt)
|
||||
+ Fix: Correctly handle the case where a tag library is packaged in a JAR
|
||||
file and the web application is deployed as a WAR file rather than an
|
||||
unpacked directory. (markt)
|
||||
+ Fix: Prevent the web application's ClassLoader from being pinned by the
|
||||
JSP compiler if an application uses a custom XMLInputFactory. Based upon a
|
||||
suggestion from Simon Niederberger. (schultz)
|
||||
* Web applications
|
||||
+ Fix: Fix status servlet detailed view of the connectors when using
|
||||
automatic port. (remm)
|
||||
+ Add: Add the ability to set a sub-title for the Manager web application
|
||||
main page. This is intended to allow users with lots of instances to
|
||||
easily distinguish them. Based on pull request #724 by Simon Arame.
|
||||
(markt)
|
||||
+ Fix: Examples: Improve performance of WebSocket chat application when
|
||||
multiple clients disconnect at the same time. (markt)
|
||||
+ Update: Examples: Increase the number of previous messages displayed when
|
||||
using the WebSocket chat application. (markt)
|
||||
+ Fix: Examples: Improve performance of WebSocket snake application when
|
||||
multiple clients disconnect at the same time. (markt)
|
||||
* Coyote
|
||||
+ Fix: Improve the algorithm used to identify the IP address to use to
|
||||
unlock the acceptor thread when a Connector is listening on all local
|
||||
addresses. Interfaces that are configured for point to point connections
|
||||
or are not currently up are now skipped. (markt)
|
||||
+ Fix: 69121: Ensure that the onComplete() event is triggered if
|
||||
AsyncListener.onError() dispatches to a target that throws an exception.
|
||||
(markt)
|
||||
+ Fix: Following the trailer header field refactoring, -1 is no longer an
|
||||
allowed value for maxTrailerSize. Adjust documentation accordingly. (remm)
|
||||
+ Fix: 69068: Ensure read timouts are triggered for asynchronous,
|
||||
non-blocking reads when using HTTP/2. (markt)
|
||||
+ Update: 69133: Add task queue size configuration on the Connector element,
|
||||
similar to the Executor element, for consistency. (remm)
|
||||
+ Fix: Make counting of active HTTP/2 streams per connection more robust.
|
||||
(markt)
|
||||
+ Add: Add support for TLS 1.3 client initiated re-keying. (markt)
|
||||
+ Fix: Align non-secure and secure writes with NIO and skip the write
|
||||
attempt when there are no bytes to be written. (markt)
|
||||
+ Fix: Allow any positive value for socket.unlockTimeout. If a negative or
|
||||
zero value is configured, the default of 250ms will be used. (mark)
|
||||
+ Fix: Reduce the time spent waiting for the connector to unlock. The
|
||||
previous default of 10s was noticeably too long for cases where the unlock
|
||||
has failed. The wait time is now 100ms plus twice socket.unlockTimeout.
|
||||
(markt)
|
||||
+ Fix: Ensure that the onAllDataRead() event is triggered when the request
|
||||
body uses chunked encoding and is read using non-blocking IO. (markt)
|
||||
+ Fix: 68934: Add debug logging in the latch object when exceeding
|
||||
maxConnections. (remm)
|
||||
+ Fix: Refactor trailer field handling to use a MimeHeaders instance to
|
||||
store trailer fields. (markt)
|
||||
+ Fix: Ensure that multiple instances of the same trailer field are handled
|
||||
correctly. (markt)
|
||||
+ Fix: Fix non-blocking reads of chunked request bodies. (markt)
|
||||
+ Fix: When an invalid HTTP response header was dropped, an off-by-one error
|
||||
meant that the first header in the response was also dropped. Fix based on
|
||||
pull request #710 by foremans. (markt)
|
||||
+ Fix: Add threadsMaxIdleTime attribute to the endpoint, to allow
|
||||
configuring the amount of time before an internal executor will scale back
|
||||
to the configured minSpareThreads size. (remm)
|
||||
* WebSocket
|
||||
+ Fix: 68884: Reduce the write timeout when writing WebSocket close messages
|
||||
for abnormal closes. The timeout defaults to 50 milliseconds and may be
|
||||
controlled using the
|
||||
org.apache.tomcat.websocket.ABNORMAL_SESSION_CLOSE_SEND_TIMEOUT property
|
||||
in the user properties collection associated with the WebSocket session.
|
||||
(markt)
|
||||
* Other
|
||||
+ Update: Add test-only build target to allow running only the testsuite,
|
||||
supporting Java versions down to the minimum supported to run Tomcat.
|
||||
(rjung)
|
||||
+ Update: Update UnboundID to 7.0.1. (markt)
|
||||
+ Update: Update to SpotBugs 4.8.6. (markt)
|
||||
+ Update: Remove cglib dependency as it is not required by the version of
|
||||
EasyMock used by the unit tests. (markt)
|
||||
+ Update: Update EasyMock to 5.3.0. This adds a test dependency on
|
||||
Byte-Buddy 1.14.17. (markt)
|
||||
+ Add: Improvements to Czech translations by Vladimír Chlup. (markt)
|
||||
+ Add: Improvements to French translations. (remm)
|
||||
+ Add: Improvements to Japanese translations by tak7iji. (markt)
|
||||
+ Add: Improvements to Chinese translations by fangzheng. (markt)
|
||||
+ Update: Revert Derby to 10.16.1.1 as that is the latest version of Derby
|
||||
that runs on Java 17. (markt)
|
||||
+ Update: Update to Commons Daemon 1.4.0. (markt)
|
||||
+ Update: Update to Objenesis 3.4. (markt)
|
||||
+ Update: Update to Checkstyle 10.17.0. (markt)
|
||||
+ Update: Update to SpotBugs 4.8.5. (markt)
|
||||
+ Add: Improvements to French translations. (remm)
|
||||
+ Add: Improvements to Japanese translations by tak7iji. (markt)
|
||||
+ Update: Switch to using the Base64 encoder and decoder provided by the JRE
|
||||
rather than the version provided by Commons Codec. The internal fork of
|
||||
Commons Codec has been deprecated and will be removed in Tomcat 11.
|
||||
(markt)
|
||||
+ Update: Update NSIS to 3.10. (mark0t)
|
||||
+ Update: Update UnboundID to 7.0.0. (markt)
|
||||
+ Update: Update Checkstyle to 10.16.0. (markt)
|
||||
+ Update: Update JaCoCo to 0.8.12. (markt)
|
||||
+ Update: Update SpotBugs to 4.8.4. (markt)
|
||||
+ Update: Update the internal fork of Apache Commons BCEL to 6.9.0. (markt)
|
||||
+ Update: Update the internal fork of Apache Commons DBCP to 2.12.0. (markt)
|
||||
+ Add: Improvements to Japanese translations by tak7iji. (markt)
|
||||
+ Update: Update Checkstyle to 10.14.1. (markt)
|
||||
+ Update: Update the internal fork of Apache Commons BCEL to 6.8.2. (markt)
|
||||
+ Update: Update the internal fork of Apache Commons Codec to 1.16.1.
|
||||
(markt)
|
||||
+ Add: Improvements to French translations. (remm)
|
||||
+ Add: Improvements to Japanese translations by tak7iji. (remm)
|
||||
+ Add: Improvements to Chinese translations by leeyazhou. (remm)
|
||||
- Modified patch:
|
||||
* tomcat-9.0-build-with-java-11.patch
|
||||
+ rediff to changed context
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Apr 5 14:24:14 UTC 2024 - Ricardo Mestre <ricardo.mestre@suse.com>
|
||||
|
||||
|
@ -22,7 +22,7 @@
|
||||
%define elspec 3.0
|
||||
%define major_version 9
|
||||
%define minor_version 0
|
||||
%define micro_version 87
|
||||
%define micro_version 91
|
||||
%define packdname apache-tomcat-%{version}-src
|
||||
# FHS 2.3 compliant tree structure - http://www.pathname.com/fhs/2.3/
|
||||
%global basedir /srv/%{name}
|
||||
|
Loading…
Reference in New Issue
Block a user