From 3e36252fe44a5057f5500bb1cd6710d0a92defe104a8b932c41e2466f245e4cc Mon Sep 17 00:00:00 2001 From: Matei Albu Date: Mon, 22 Apr 2019 19:57:57 +0000 Subject: [PATCH] Accepting request 696887 from home:mateialbu:branches:Java:packages - Update to Tomcat 9.0.19. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.19_(markt) Notable packaging changes: - File /usr/share/java/tomcat/catalina-jmx-remote.jar was removed. The classes contained in this jar were merged into /usr/share/java/tomcat/catalina.jar. - Fixed CVEs: - CVE-2019-0199 (bsc#1131055) - Rebased patch: - tomcat-9.0-JDTCompiler-java.patch - tomcat-9.0-javadoc.patch OBS-URL: https://build.opensuse.org/request/show/696887 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=161 --- apache-tomcat-9.0.14-src.tar.gz | 3 -- apache-tomcat-9.0.14-src.tar.gz.asc | 16 --------- apache-tomcat-9.0.19-src.tar.gz | 3 ++ apache-tomcat-9.0.19-src.tar.gz.asc | 16 +++++++++ tomcat-9.0-JDTCompiler-java.patch | 50 +++++++++++++++++----------- tomcat-9.0-javadoc.patch | 51 +++++++++++++++-------------- tomcat.changes | 15 +++++++++ tomcat.spec | 13 +++----- 8 files changed, 94 insertions(+), 73 deletions(-) delete mode 100644 apache-tomcat-9.0.14-src.tar.gz delete mode 100644 apache-tomcat-9.0.14-src.tar.gz.asc create mode 100644 apache-tomcat-9.0.19-src.tar.gz create mode 100644 apache-tomcat-9.0.19-src.tar.gz.asc diff --git a/apache-tomcat-9.0.14-src.tar.gz b/apache-tomcat-9.0.14-src.tar.gz deleted file mode 100644 index 8a91613..0000000 --- a/apache-tomcat-9.0.14-src.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:c91d8cc379ad37a16d838fb3049e97d2db92df0f46f10b67ff3010c6b33b651c -size 5472704 diff --git a/apache-tomcat-9.0.14-src.tar.gz.asc b/apache-tomcat-9.0.14-src.tar.gz.asc deleted file mode 100644 index 8e8be81..0000000 --- a/apache-tomcat-9.0.14-src.tar.gz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCAAdFiEEqcXfTSLpmZjZh1pREMAcWi9gWecFAlwJkkgACgkQEMAcWi9g -WechQA/+JcbtAqQC+Dz88Xgzi8RWrsLK8geM+d3PXzE26VZgOlJpRjLMvBM5aGo2 -EJmxXiuaPW8FSoUHUZhcwkx2vVfZR4EIwKoEnBOBqWBXXoQmBM5fq2HazQdeHjKh -3qtzOH54jA72FPJZK/AcKAK0mdB3TwYRclrIAS3OtrW52M/Fbx2JI3SRVhayE53W -Hp/s3+EWf7EGbUsMzhddcqq7auXFHIZIxCJMRI3CjAY5+/6zURMVXwO6Hb0tvzyG -K6wwkkFdb+nDCDsW0PIeRqzv19YSjFXlN7Excb7d2/Beq8v2WLSpQvMyKoKQ34WM -t+60EJC5uxl125GGvxV89up4X//eRqAKNB533b+LWa0X5vqIBe6piqSx7B6oSrve -qHrHzy0eJAX7gIzUaHKG2yUrJk0PKA9J66+QOu0JiCoHNNvy5LVazilPfhekl/2O -xSjLluNn1jZVXpu29jHK5HTffPj/L9L+rw/8mdeFGJ+LHjlTMyNRMULItSAKI4nS -CYvIQrBMxO/1TaiEouKLIR6eS+/X1VfVI2n0uxicsR4sU692BUOUvEbuKZR8n8ur -2afEt951eZAXyjBoA/BWqftNF76LgOMcu97GCnI2Y7PUe9T6r5bR2JVNnL7LlIRA -yaSLBznjXafkMCidPXL4aj7GJejWOr5hXMV9yrET7UEc5XYo3uo= -=Gb8r ------END PGP SIGNATURE----- diff --git a/apache-tomcat-9.0.19-src.tar.gz b/apache-tomcat-9.0.19-src.tar.gz new file mode 100644 index 0000000..d8da9f9 --- /dev/null +++ b/apache-tomcat-9.0.19-src.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:7c6754ec97952af5d6c6f26c9b174539f9de8872821a479a4120fd751a18b4b0 +size 5692733 diff --git a/apache-tomcat-9.0.19-src.tar.gz.asc b/apache-tomcat-9.0.19-src.tar.gz.asc new file mode 100644 index 0000000..92d8d4c --- /dev/null +++ b/apache-tomcat-9.0.19-src.tar.gz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEEqcXfTSLpmZjZh1pREMAcWi9gWecFAlywoI0ACgkQEMAcWi9g +WefXaQ/+Nza3NLb9JYQYU6WuJJiFcO2P0BXsXnagKkN0iMe632fm8turA9B2KCDz +qglkPI3tGPf+LjXyZK2EJVvWTzBNVNRA7iPRBOwU3W+c3xvjlHsrhOZzL8FOiVi3 +gDELgtLWUXhhMPD5ve+lXTXDF8MiYr/plw0ec/M6qTARqcSYTpH+gaqqqYal5CTX +TE6c7/UE3ZvUVRXMiwSelHQZcciYn94iJGVF1BJr4HirXUEBkpyDKX5hK4+WPVLx +R7FrMSerD5yUZVEa8RmWgzzvBfHTSMpNtiEndpii3pudl89xFbVfGqOrr5PPmWBj +wZHj+PKsSvDC+pvbzc3OiB2gAYzahN5l6oZAqiULqrR/5W9RKVt6P/um8+YPY5hZ +kNSB5lA21RASp0UO19kMy08io5dyfd9T91BoiWDGtwnz/h6pjtDDmgsR82s3J1I1 +3gXzzhySWnD7cED3XF+8kCZWt+sW8ZnRptkBamCZlk7eHfW2lT1NNTs32bC6NEr1 +zx3MKb2pp7XsGMaUW/NrG/MWDpiA7ZI16NHtCGhwapaC/LjZDfd6eRdw9ooTHZQ7 +cAbXMAscGzq+GxArCvfBvbg3mjNW1nB4xD828Ngm98sisP5XYhpJXShXkjN23Yh3 +hRTxvpxG+3BDB76n9SvbQOqkPGXjIZ8fdF8IJIE6i6O9sNXSQ2Y= +=UMwe +-----END PGP SIGNATURE----- diff --git a/tomcat-9.0-JDTCompiler-java.patch b/tomcat-9.0-JDTCompiler-java.patch index 89ec32f..259759b 100644 --- a/tomcat-9.0-JDTCompiler-java.patch +++ b/tomcat-9.0-JDTCompiler-java.patch @@ -1,11 +1,8 @@ -Index: java/org/apache/jasper/compiler/JDTCompiler.java -IDEA additional info: -Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP -<+>UTF-8 +Index: apache-tomcat-9.0.19-src/java/org/apache/jasper/compiler/JDTCompiler.java =================================================================== ---- java/org/apache/jasper/compiler/JDTCompiler.java (revision 6bbf738a0e56d1793022b15e9aca9b690699216b) -+++ java/org/apache/jasper/compiler/JDTCompiler.java (date 1534261527000) -@@ -312,15 +312,16 @@ +--- apache-tomcat-9.0.19-src.orig/java/org/apache/jasper/compiler/JDTCompiler.java ++++ apache-tomcat-9.0.19-src/java/org/apache/jasper/compiler/JDTCompiler.java +@@ -312,18 +312,18 @@ public class JDTCompiler extends org.apa CompilerOptions.VERSION_1_7); } else if(opt.equals("1.8")) { settings.put(CompilerOptions.OPTION_Source, @@ -16,18 +13,24 @@ Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP } else if(opt.equals("9") || opt.equals("1.9")) { settings.put(CompilerOptions.OPTION_Source, - CompilerOptions.VERSION_9); -+ "9"); ++ "9"); // CompilerOptions.VERSION_9 } else if(opt.equals("10")) { settings.put(CompilerOptions.OPTION_Source, - CompilerOptions.VERSION_10); -+ "10"); -+ - } else { - log.warn("Unknown source VM " + opt + " ignored."); ++ "10"); // CompilerOptions.VERSION_10 + } else if(opt.equals("11")) { settings.put(CompilerOptions.OPTION_Source, -@@ -366,19 +367,19 @@ +- CompilerOptions.VERSION_11); ++ "11"); // CompilerOptions.VERSION_11 + } else if(opt.equals("12")) { + // Constant not available in latest ECJ version shipped with + // Tomcat. May be supported in a snapshot build. +@@ -377,26 +377,26 @@ public class JDTCompiler extends org.apa + CompilerOptions.VERSION_1_7); + } else if(opt.equals("1.8")) { settings.put(CompilerOptions.OPTION_TargetPlatform, - CompilerOptions.VERSION_1_8); +- CompilerOptions.VERSION_1_8); ++ "1.8"); // CompilerOptions.VERSION_1_8 settings.put(CompilerOptions.OPTION_Compliance, - CompilerOptions.VERSION_1_8); + "1.8"); // CompilerOptions.VERSION_1_8 @@ -36,17 +39,24 @@ Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP } else if(opt.equals("9") || opt.equals("1.9")) { settings.put(CompilerOptions.OPTION_TargetPlatform, - CompilerOptions.VERSION_9); -+ "9"); // CompilerOptions.VERSION_1_9 ++ "9"); // CompilerOptions.VERSION_9 settings.put(CompilerOptions.OPTION_Compliance, - CompilerOptions.VERSION_9); -+ "9"); // CompilerOptions.VERSION_1_9 ++ "9"); // CompilerOptions.VERSION_9 } else if(opt.equals("10")) { settings.put(CompilerOptions.OPTION_TargetPlatform, - CompilerOptions.VERSION_10); -+ "10"); ++ "10"); // CompilerOptions.VERSION_10 settings.put(CompilerOptions.OPTION_Compliance, - CompilerOptions.VERSION_10); -+ "10"); - } else { - log.warn("Unknown target VM " + opt + " ignored."); ++ "10"); // CompilerOptions.VERSION_10 + } else if(opt.equals("11")) { settings.put(CompilerOptions.OPTION_TargetPlatform, +- CompilerOptions.VERSION_11); ++ "11"); // CompilerOptions.VERSION_11 + settings.put(CompilerOptions.OPTION_Compliance, +- CompilerOptions.VERSION_11); ++ "11"); // CompilerOptions.VERSION_11 + } else if(opt.equals("12")) { + // Constant not available in latest ECJ version shipped with + // Tomcat. May be supported in a snapshot build. diff --git a/tomcat-9.0-javadoc.patch b/tomcat-9.0-javadoc.patch index 20877dd..b2e7b96 100644 --- a/tomcat-9.0-javadoc.patch +++ b/tomcat-9.0-javadoc.patch @@ -1,8 +1,8 @@ -Index: apache-tomcat-9.0.12-src/build.xml +Index: apache-tomcat-9.0.17-src/build.xml =================================================================== ---- apache-tomcat-9.0.12-src.orig/build.xml -+++ apache-tomcat-9.0.12-src/build.xml -@@ -1861,10 +1861,11 @@ Apache Tomcat ${version} native binaries +--- apache-tomcat-9.0.17-src.orig/build.xml ++++ apache-tomcat-9.0.17-src/build.xml +@@ -1811,10 +1811,11 @@ Apache Tomcat ${version} native binaries encoding="UTF-8" docencoding="UTF-8" charset="UTF-8" @@ -14,8 +14,22 @@ Index: apache-tomcat-9.0.12-src/build.xml + failonwarning="false"> - -@@ -1882,10 +1883,11 @@ Apache Tomcat ${version} native binaries + +@@ -1830,11 +1831,12 @@ Apache Tomcat ${version} native binaries + bottom="Copyright &#169; 2000-${year} Apache Software Foundation. All Rights Reserved." + encoding="UTF-8" + docencoding="UTF-8" ++ source="${compile.source}" + charset="UTF-8" + additionalparam="-breakiterator -notimestamp" + maxmemory="512m" + failonerror="true" +- failonwarning="true"> ++ failonwarning="false"> + + + +@@ -1851,10 +1853,11 @@ Apache Tomcat ${version} native binaries encoding="UTF-8" docencoding="UTF-8" charset="UTF-8" @@ -27,8 +41,8 @@ Index: apache-tomcat-9.0.12-src/build.xml + failonwarning="false"> - -@@ -1903,10 +1905,11 @@ Apache Tomcat ${version} native binaries + +@@ -1871,10 +1874,11 @@ Apache Tomcat ${version} native binaries encoding="UTF-8" docencoding="UTF-8" charset="UTF-8" @@ -40,21 +54,8 @@ Index: apache-tomcat-9.0.12-src/build.xml + failonwarning="false"> - -@@ -1924,10 +1927,11 @@ Apache Tomcat ${version} native binaries - encoding="UTF-8" - docencoding="UTF-8" - charset="UTF-8" -+ source="${compile.source}" - additionalparam="-breakiterator -notimestamp" - maxmemory="512m" - failonerror="true" -- failonwarning="true"> -+ failonwarning="false"> - - - -@@ -1944,10 +1948,11 @@ Apache Tomcat ${version} native binaries + +@@ -1890,10 +1894,11 @@ Apache Tomcat ${version} native binaries encoding="UTF-8" docencoding="UTF-8" charset="UTF-8" @@ -67,8 +68,8 @@ Index: apache-tomcat-9.0.12-src/build.xml + failonwarning="false"> - -@@ -1957,9 +1962,6 @@ Apache Tomcat ${version} native binaries + +@@ -1902,9 +1907,6 @@ Apache Tomcat ${version} native binaries diff --git a/tomcat.changes b/tomcat.changes index 1b7804b..7e46608 100644 --- a/tomcat.changes +++ b/tomcat.changes @@ -1,3 +1,18 @@ +------------------------------------------------------------------- +Mon Apr 22 17:01:17 UTC 2019 - malbu@suse.com + +- Update to Tomcat 9.0.19. See changelog at + http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.19_(markt) + Notable packaging changes: + - File /usr/share/java/tomcat/catalina-jmx-remote.jar was removed. + The classes contained in this jar were merged into + /usr/share/java/tomcat/catalina.jar. +- Fixed CVEs: + - CVE-2019-0199 (bsc#1131055) +- Rebased patch: + - tomcat-9.0-JDTCompiler-java.patch + - tomcat-9.0-javadoc.patch + ------------------------------------------------------------------- Mon Apr 15 13:53:30 UTC 2019 - Fridrich Strba diff --git a/tomcat.spec b/tomcat.spec index 1040be9..3f774e0 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -13,7 +13,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# Please submit bugfixes or comments via http://bugs.opensuse.org/ # @@ -22,7 +22,7 @@ %define elspec 3.0 %define major_version 9 %define minor_version 0 -%define micro_version 14 +%define micro_version 19 %define packdname apache-tomcat-%{version}-src # FHS 2.3 compliant tree structure - http://www.pathname.com/fhs/2.3/ %global basedir /srv/%{name} @@ -260,7 +260,7 @@ find . -type f \( -name "*.bat" -o -name "*.class" -o -name Thumbs.db -o -name " -name "*.jar" -o -name "*.war" -o -name "*.zip" \) -print -delete %patch0 %patch1 -%patch2 +%patch2 -p1 %patch3 %patch4 -p1 %patch5 -p1 @@ -303,7 +303,7 @@ ant -Dbase.path="." \ -Dno.build.dbcp=true \ -Dversion="%{version}" \ -Dversion.build="%{micro_version}" \ - deploy dist-prepare dist-source javadoc package embed-jars extras-jmx-remote + deploy dist-prepare dist-source javadoc package embed-jars # remove some jars that we'll replace with symlinks later rm output/build/bin/commons-daemon.jar \ @@ -376,11 +376,6 @@ pushd output/embed cp -a *.jar %{buildroot}%{libdir} popd -# tomcat extras -pushd output/extras - cp -a *.jar %{buildroot}%{libdir} -popd - # javadoc cp -a output/dist/webapps/docs/api/* %{buildroot}%{_javadocdir}/%{name}