From 0e5a696eeda1bf7db974e0500ce90593d2e6def6aea3dd76284751b7940d21e4 Mon Sep 17 00:00:00 2001
From: Fridrich Strba <fstrba@suse.com>
Date: Mon, 30 Oct 2023 10:54:18 +0000
Subject: [PATCH] Accepting request 1121130 from
 home:mbussolotto:branches:Java:packages

Add info to the current changelog
  * Fixed CVEs:
    + CVE-2023-45648: Improve trailer header parsing (bsc#1216118)
    + CVE-2023-42794: FileUpload: remove tmp files to avoid DoS
      on Windows (bsc#1216120)
    + CVE-2023-42795: Improve handling of failures during recycle()
      methods (bsc#1216119)

OBS-URL: https://build.opensuse.org/request/show/1121130
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=279
---
 tomcat.changes | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/tomcat.changes b/tomcat.changes
index 7c78887..6cc94dc 100644
--- a/tomcat.changes
+++ b/tomcat.changes
@@ -2,6 +2,12 @@
 Fri Oct 13 11:12:07 UTC 2023 - Fridrich Strba <fstrba@suse.com>
 
 - Update to Tomcat 9.0.82
+  * Fixed CVEs:
+    + CVE-2023-45648: Improve trailer header parsing (bsc#1216118)
+    + CVE-2023-42794: FileUpload: remove tmp files to avoid DoS 
+      on Windows (bsc#1216120)
+    + CVE-2023-42795: Improve handling of failures during recycle()
+      methods (bsc#1216119)
   * Catalina
     + Add: 65770: Provide a lifecycle listener that will
       automatically reload TLS configurations a set time before the