pool/tomcat
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=273

Browse Source
This commit is contained in:
Fridrich Strba 2023-09-21 20:06:00 +00:00 committed by Git OBS Bridge
parent b2fc5bc4ae
commit ddb247a2f7
8 changed files with 429 additions and 115 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
apache-tomcat-9.0.75-src.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:35fee3552179eb0ee1ed3b0ec4785d94b9e7402bb23f1aeb223178b7e4645a82
size 6241477

16
apache-tomcat-9.0.75-src.tar.gz.asc
View File

@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEESPjmn2OQyfJc/tzSaCSJWTWecisFAmRTrhwACgkQaCSJWTWe
cisKuA/+IQFNKHTyMq7uCBmSMpfqzdFH6tE3MiUFAvHfNE7MuYBtyCFkTmryNP2j
wAHuvT8qJYyglhTkP6Ra+4EipLltAZEPF6a5K9PYQEtCmEo0BlpJq8Bln0Re8nzs
z1JEPsPlIlJkx3utfX+QSVn9/roTK+RdP0x4FMxD7Ujg00UOZ1kr5Z+VY4ArT3QC
H2yriYiPAk5WX2ovtyhvnF606TcZGU9wUcUVaQMNDETjmFD4aS7PuhcwpNU/ZbS9
vB8psCwb75U1iOE9oRfXDQbxvOAUhcAJPPVaS88I0iDNYlp870l/nUCTotFm14yG
uHXEE/XDVN2aojLH302AxZjTbXqXAga5TBT0aFAL3UWzqdz9UA/2sZqbjr0gN4U6
ggZ6wc8B1CqzuT7xFOI+ugMNokXt4CZdZ4bjFLfRCU8ZEpIoPsW6f6vtVRKUwAU2
1Fr/XsGnTwVcIvnlD0PrLd4RGRqgdAzhIXZ5+q//1ls/hEXDx63AkYkv0T6AtaFn
tuoLXcF7plWAQXHq+qKtjWIKjLDItZAEpvLI3Jd3Nf9cJgS+qiyCfijh9Z9y24ts
FgcYFPVxbDMsv4nEPdHDRw9rwx0AJzLSw4XofrBiw3uEYvUbV+zJQSxzNa2hPAGd
IJEADr8Ou1JLg5HgH7qVyx94ifeOKocBOoO3RhTMP6lOJN0cJ3E=
=bv2c
-----END PGP SIGNATURE-----

3
apache-tomcat-9.0.80-src.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f35fa7fe8d9de6ca08972d625c3a51297d367805d6281ff6f6610f612753b62f
size 6272358

17
apache-tomcat-9.0.80-src.tar.gz.asc Normal file
View File

@ -0,0 +1,17 @@
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIzBAABCAAdFiEEqcXfTSLpmZjZh1pREMAcWi9gWecFAmTmhA4ACgkQEMAcWi9g
Wef41BAAhMvH7+ycd0O90vsdFd1CkEAOyTeewkbFucuVa+YNGwfvyfLvbYv2pqeP
V/u2V2FO9qssGWXbF1ZHs6YQSnPS2Z6XqcoFUZ1NndbbyTOal2XIdbU7fLsPIHRk
a3HpE0h/TTLRr3LOWGZywD+1vgaQJFMFSihdKRMz+j77OeyphByrUm3Y9w8mw5o2
pFJvAyq2/ABEhY7rOyqa9qjMaUY0a0QDs13DZSElfQtg9xJh2pML7VXEZtnt6c8E
qhOkgmgro+FcZi1Oyw9ytBIEorZmGnWZSQ/20PqPxLr/AOa+TtVkr8dz+lPZJhfa
vOUZ0EQ1/UoOU8K1yEoVHbzISTW/DXaCCPJKyCHMD0GfgAAaqC8oKxtP8lklC3Hv
OHOae+jskTwRAMxPkCts12pr45DAyw6kHqaSYW7in/xQBv/1wJuYsFtSXlaIup70
gxOHeqWxZBguFpFsCrnvpAsHEBQ/zaldNkC7XnufuCrZXvzTIkk6bXltnqBVO2CE
l7xNCFAJaqBOR38hsvZgmSSDPJHceYwcU2Y8ZAtgU/RM+UiApI53+kDNIsL9KYlu
7dXmWXY/LCIi8rXbcnbvyYVBOjH6NIcPom27JFY3PlUWAOSMCb9i9tpj5Eu9h68N
y290iYqM/e9/lULx2oA8S8KMGmFzdsMWGVC3yFUIa++br1c79D8=
=xcTN
-----END PGP SIGNATURE-----

41
tomcat-9.0.75-CVE-2023-41080.patch
View File

@ -1,41 +0,0 @@
From 77c0ce2d169efa248b64b992e547aad549ec906b Mon Sep 17 00:00:00 2001
From: Mark Thomas <markt@apache.org>
Date: Tue, 22 Aug 2023 11:31:23 -0700
Subject: [PATCH] Avoid protocol relative redirects
---
.../apache/catalina/authenticator/FormAuthenticator.java | 6 ++++++
webapps/docs/changelog.xml | 3 +++
2 files changed, 9 insertions(+)
Index: apache-tomcat-9.0.75-src/java/org/apache/catalina/authenticator/FormAuthenticator.java
===================================================================
--- apache-tomcat-9.0.75-src.orig/java/org/apache/catalina/authenticator/FormAuthenticator.java
+++ apache-tomcat-9.0.75-src/java/org/apache/catalina/authenticator/FormAuthenticator.java
@@ -747,6 +747,12 @@ public class FormAuthenticator extends A
sb.append('?');
sb.append(saved.getQueryString());
}
+
+ // Avoid protocol relative redirects
+ while (sb.length() > 1 && sb.charAt(1) == '/') {
+ sb.deleteCharAt(0);
+ }
+
return sb.toString();
}
}
Index: apache-tomcat-9.0.75-src/webapps/docs/changelog.xml
===================================================================
--- apache-tomcat-9.0.75-src.orig/webapps/docs/changelog.xml
+++ apache-tomcat-9.0.75-src/webapps/docs/changelog.xml
@@ -134,6 +134,9 @@
file locking protection or the manager servlet. Submitted
by Jack Shirazi. (remm)
</fix>
+ <fix>
+ Avoid protocol relative redirects in FORM authentication. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Coyote">

169
tomcat.changes
View File

@ -1,3 +1,172 @@
-------------------------------------------------------------------
Thu Sep 21 16:41:56 UTC 2023 - Fridrich Strba <fstrba@suse.com>
- Update to Tomcat 9.0.80
* Catalina
+ Add RateLimitFilter which can be used to mitigate DoS and
Brute Force attacks
+ Move the management of the utility executor from the
init()/destroy() methods of components to the start()/stop()
methods.
+ Add org.apache.catalina.core.StandardVirtualThreadExecutor,
a virtual thread based executor that may be used with one or
more Connectors to process requests received by those
Connectors using virtual threads. This Executor requires a
minimum Java version of Java 21.
+ 66513: Add a per session Semaphore to the PersistentValve that
ensures that, within a single Tomcat instance, there is no
more than one concurrent request per session. Also expand the
debug logging to include whether a request bypasses the Valve
and the reason if a request fails to obtain the per session
Semaphore.
+ 66609: Ensure that the default servlet correctly escapes file
names in directory listings when using XML output.
+ 66618: Add a numeric last modified field to the XML directory
listings produced by the default servlet to enable sorting in
the XSLT.
+ 66621: Attempts to lock a collection with WebDAV may
incorrectly fail if a child collection has an expired lock.
+ 66622: Deprecate the xssProtectionEnabled setting from the
HttpHeaderSecurityFilter and change the default value to false
as support for the associated HTTP header has been removed
from all major browsers.
+ 59232: Add org.apache.catalina.core.ContextNamingInfoListener,
a listener which creates context naming information
environment entries.
+ 66665: Add
org.apache.catalina.core.PropertiesRoleMappingListener, a
listener which populates the context's role mapping from a
properties file.
+ Fix an edge case where intra-web application symlinks would be
followed if the web applications were deliberately crafted to
allow it even when allowLinking was set to false.
+ Add utility config file resource lookup on Context to allow
looking up resources from the webapp (prefixed with webapp:)
and make the resource lookup API more visible.
+ Fix potential database connection leaks in
DataSourceUserDatabase identified by Coverity Scan.
+ Make parsing of ExtendedAccessLogValve patterns more robust.
+ Fix failure trying to persist configuration for an internal
credential handler.
+ 66680: When serializing a session during the session
presistence process, do not log a warning that null Principals
are not serializable.
+ Catch NamingException in JNDIRealm#getPrincipal. It is used in
Java up to 17 to signal closed connections.
+ 66822: Use the same naming format in log messages for
Connector instances as the associated ProtocolHandler instance.
+ The parts count should also lower the actual maxParameterCount
used for parsing parameters if parts are parsed first.
+ If an application or library sets both a non-500 error code
and the javax.servlet.error.exception request attribute, use
the provided error code during error page processing rather
than assuming an error code of 500.
+ Update code comments and Tomcat output to use MiB for
1024 * 1024 bytes and KiB for 1024 bytes rather than
MB and kB.
+ Avoid protocol relative redirects in FORM authentication
(CVE-2023-41080, bsc#1214666).
* Coyote
+ Update the HTTP/2 implementation to use the prioritization
scheme defined in RFC 9218 rather than the one defined in
RFC 7540.
+ 66602: not sending WINDOW_UPDATE when dataLength is ZERO on
call SwallowedDataFramePayload.
+ 66627: Restore the documented behaviour of
MessageBytes.getType() that it returns the type of the
original content rather than reflecting the most recent
conversion.
+ 66635: Correct certificate logging on start-up so it
differentiates between keystore based keys/certificates and
PEM file based keys/certificates and logs the relevant
information for each.
+ Refactor blocking reads and writes for the NIO connector to
remove code paths that could allow a notification from the
Poller to be missed resuting in a timeout rather than the
expected read or write.
+ Refactor waiting for an HTTP/2 stream or connection window
update to handle spurious wake-ups during the wait.
+ Correct a regression introduced in 9.0.78 and use the correct
constant when constructing the default value for the
certificateKeystoreFile attribute of an
SSLHostConfigCertificate instance.
+ Refactor HTTP/2 implementation to reduce pinning when using
virtual threads.
+ Pass through ciphers referring to an OpenSSL profile, such as
PROFILE=SYSTEM instead of producing an error trying to parse
it.
+ 66841: Ensure that AsyncListener.onError() is called after an
error during asynchronous processing with HTTP/2.
+ 66842: When using asynchronous I/O (the default for NIO and
NIO2), include DATA frames when calculating the HTTP/2
overhead count to ensure that connections are not prematurely
terminated.
+ Correct a race condition that could cause spurious RST
messages to be sent after the response had been written to an
HTTP/2 stream.
* WebSocket
+ 66548: Expand the validation of the value of the
Sec-Websocket-Key header in the HTTP upgrade request that
initiates a WebSocket connection. The value is not decoded but
it is checked for the correct length and that only valid
characters from the base64 alphabet are used.
+ Improve handling of error conditions for the WebSocket server,
particularly during Tomcat shutdown.
+ Correct a regression in the fix for 66574 that meant the
WebSocket session could return false for onOpen() before the
onClose() event had been completed.
+ 66681: Fix a NullPointerException when flushing batched
messages with compression enabled using permessage-deflate.
* Web applications
+ Documentation. Expand the security guidance to cover the
embedded use case and add notes on the uses made of the
java.io.tmpdir system property.
+ 66662: Documentation. Fix a typo in the name of the algorithms
attribute in the configuration section for the Digest
authentication value.
+ Documentation. Update documentation to use MiB for
1024 * 1024 bytes and KiB for 1024 bytes rather than
MB and kB.
* jdbc-pool
+ Fix the releaseIdleCounter does not increment when testAllIdle
releases them.
+ Fix the ConnectionState state will be inconsistent with actual
state on the connection when an exception occurs while
writing.
* Other
+ Update to Commons Daemon 1.3.4.
+ Improvements to French translations.
+ Update Checkstyle to 10.12.0.
+ Update the packaged version of the Apache Tomcat Native
Library to 1.2.37 to pick up the Windows binaries built with
with OpenSSL 1.1.1u.
+ Include the Windows specific binary distributions in the files
uploaded to Maven Central.
+ Improvements to French translations.
+ Improvements to Japanese translations.
+ Update UnboundID to 6.0.9.
+ Update Checkstyle to 10.12.1.
+ Update BND to 6.4.1.
+ Update JSign to 5.0.
+ Correct properties for JSign dependency.
+ Align documentation for maxParameterCount to match hard-coded
defaults.
+ Update NSIS to 3.0.9.
+ Update Checkstyle to 10.12.2.
+ Improvements to French translations.
+ Improvements to Japanese translations.
+ 66829: Fix quoting so users can use the _RUNJAVA environment
variable as intended on Windows when the path to the Java
executable contains spaces.
+ Update Tomcat Native to 1.2.38 to pick up Windows binaries
built with OpenSSL 1.1.1v.
+ Improvements to Chinese translations.
+ Improvements to French translations.
+ Improvements to Japanese translations
- Removed patch:
* tomcat-9.0.75-CVE-2023-41080.patch
+ integrated in this version
-------------------------------------------------------------------
Thu Sep 21 13:19:54 UTC 2023 - Michele Bussolotto <michele.bussolotto@suse.com>

287
tomcat.keyring
View File

@ -1,50 +1,237 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBFzO4ecBEACVS86VyuTSJmLmApi92R6D3/L3EIBFXhagJbrLkodkTuG9efYo
vM1DJPWEFs5kux8a8UPwn2gbQFPJg1AH77GqjP8gtn0KHQvXgYC9+7cTqDl6C7k9
n3BkB9bRIhHileYyIJfnycjJdrGFEmwGu0pBOEdr01R0kFprqYu9DwcD6oUvmZRn
OMoQQeLEC0cw/VzJ/ZqzJwO0t+rMCozqJ9/BfJZUqwijDZnJAZWnIVxjqxrUgyYA
5/0g9X8YHrIz09XuzaE64VAl0q3nrFJWvDCwE/ZM7w8jlUqtQgLu4K2U82G0YXw3
KJ1EbigEmtEohu6HVnAToCJuOnQ8m0rZxbyNMeYF9pyohdFEca4I0B8Evy2dYFnJ
Y2gghuU80vct54536WWz9mAjKwBFQUtxX0EjYrYN9ckzCK6fRqrnVv0USVp7N/ZY
PQkOEJSdmRdpvTMwfCuAyT0/3cxuC7NyAWiZDXJv7OVcDr/REfWAA7XMQOErwdGJ
gViG58YhLw0Pgdumg+prqQXowzlRzGAsV5VntCh+4LV8/ESmvWAE3V+jgZFB3cSp
g58NKjp1EwKwX6BCICyX+Oe03cnlC0UJ7S9FccrjNrkiwxxOVAnmy4kxX/P3Cuqc
C/b6BeeUA1hBNWNe42mr6YczS+dhpCSUVWQJp/TxdoXA2fGG1OS1FMaICwARAQAB
tCBSZW15IE1hdWNoZXJhdCA8cmVtbUBhcGFjaGUub3JnPokCOAQTAQIAIgUCXM7h
5wIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQaCSJWTWecisVSA/9Eh3h
0jeyy51rA1nqq9imbH0YC85A/wZjhb06UXwWBPozJR8UJsOJZ7kBzCW4gfkC9zTD
GStSHHAej9o96FHVRLzCyjaaZVuRUl2qCz9U+pnGMxb5aRNVAQ/wE10hHu3Yc+48
cc0sPCCPMdshAj1VOHczTU/LSv21TWBaKO3NMV9KilPzKvXHdPFYssVcUt2NgQLm
2Bx/ELTCVj5c9Ih2cz3T7kxf8LKsGALIfjcp8g9DlvMjVLKBFZqU94C4V0mba2Fd
6xHpdmcgMbSNo6poQ0M0O7CN5qVJFm/v4ZDooLNWRMeL66oen3LrZ8HRpPxfic77
JLKn60dywuYU8WYp7cV+3AnaDn/ggvC1x79LSmX4PFyG9/F5M7gp0HFrVdyc0nBo
UTejZXehwKrfvF/isPf7pUv2fGXwg07zTz8OMLQo4h9poB5YuuinjuxjBfmc2AvB
WbRcKNvHXHUlaVeK+VvohfPuetJESS4YB7fLMQPdGIckDFQub4SvXPNPPToLsbDB
2GGguqhwWD9ECa2o1RqX8LnCdB71uBcyiW8UIkLxwaygsciVm7SFz+pqAKJgzWwI
AsVYVOIKdq0GWaLDtMGJGQFfxuMVmMGGbvueAMcOCSSsGemkElan33VS8Zu1sjeY
P0Jt4ws6gcbUHI27l5Pvk06uWzaN8uyXGA03d4y5Ag0EXM7h5wEQALG3oikRAQqf
um+wW6oW2d1mIk0PtnC3l3/kGTA92kIqJzQ3Ua0mFaVGxdg2J/I1MF7HdlZJbGyP
5b0PdbSjLHFbQfFD6LHsLw9StVrkjbBKYaP0gRWxEIHMN4Qv01I2Lyc9ONlMjUIf
xNK/AG6oT/Ia53VVET78HOj01L7JjBAPuW8UPoy27s2gQ02smbA7iRUeZ3dpN2fy
027aKbimIl1ZrxJbcbxw29PXWJZP+CxJEnqwEw78QbqSsFMAhR9wZHTfEtUzYy6h
hyngwYQ+iBnB+1cYTEB9KbWWpP5n12iuRin77r2RwrHYAW/RUILK2rOJqPcIg6CX
P1o9UKPeN5QE/ScU5427XKZZscaQrvBPoN3G2RWmMuHM2cchXgRRMMaSvufocLjj
gKj/aPUDCkvJ5MyTNtMfVDx0Tw3aQpf2Fr1L1Hu2GyBqifioZGdzLL0LtdeXzkJy
nZGj/L5jzIlNBnQG97rgCuPflbIl2S1izNexnuX2Z1dcyS2MTrj3nnK6HoW+gvCc
oqq01S410wxaAUidJeGwLzgUa9Ig+6BVPT7sZrbc0IoNP+JdoqPxiEkqy4Msy9WJ
RVeJM520Q2T1YM7xm/4E8C7H+Fis5u4GNswk5qsXEOyLcHBzGEik3BDylp+sJ6/F
DuAN7k64RV2m+lKpjngiKZxo9LmqnsWTABEBAAGJAh8EGAECAAkFAlzO4ecCGwwA
CgkQaCSJWTWecishvg//ZDuhkbSUgIIjG9Rzq3cHNxZ4sFrUwL19AtGNktiwt0QA
GCKPnf4SdHZGKSeOqUHeDT/l/5l4Xc/JgRk/t2bEeC3cHE/Xc5V6I2n28HQiJScX
UJdnO3QdTCMEYVedu/9JhmA37eznQhm+UAcxT9tew3nSd0KkkMQyW6YpBEgcdsFd
aLiFPzbySjRWplyCdELPRFtW2ZHnJ5gVGYZ060EOHcdPb/4Gz/mA6dIjQ5N+vKlA
GNdYZgv3w4NRGLmni5T7jDAY6T2CJXxvcgfYfh3oY3aiZaWzKKQyLEVaoZ6dJbsm
mi2if7MZ/SVCMdM3MXiRpCeyyw9MTylGzgwbDYSz2ZkGvy9k+1M75q5QEfvVM8R3
guaBJR+e4fkfsRBUAqwmHy8TrXghf5eOCsJx/9yyRXvK4tnwSBUIzFa1q0POESul
jFWYFkvRjKIYfFWS6cY37sPNLvEQQmP2O07ttaYfIXcMcVF+HsDBUftGRWIkkPn2
LucW7f0Lqlbv/mlJpqByz522jmJRNFLVQh87LYz91FgsLAgDkPpi8mzRrEfb2nHD
+PIKpoO499AKQ8hETMbfzmpJUIV2Bhd7OqKDSf+yHiYSje9evofP+4lDUx3u7tQ3
4OUzLqBRVrhFDI9keHnhOFMJSrnrpXe7Cm9JujvTX/hy2iOpTOuflj0Djsc8dnQ=
=l4Ry
-----END PGP PUBLIC KEY BLOCK-----
This file contains the PGP&GPG keys of various Apache developers.
Please don't use them for email unless you have to. Their main
purpose is code signing.
Apache users: pgp < KEYS
Apache developers:
(pgpk -ll <your name> && pgpk -xa <your name>) >> this file.
or
(gpg --fingerprint --list-sigs <your name>
&& gpg --armor --export <your name>) >> this file.
Apache developers: please ensure that your key is also available via the
PGP keyservers (such as pgpkeys.mit.edu).
pub 1024D/33C60243 2004-09-12
Key fingerprint = DCFD 35E0 BF8C A734 4752 DE8B 6FB2 1E89 33C6 0243
uid Mark E D Thomas <markt@apache.org>
uid Mark E D Thomas <med.thomas@virgin.net>
uid Mark E D Thomas <mark.thomas@springsource.com>
sub 2048g/0BECE548 2004-09-12
pub 4096R/2F6059E7 2009-09-18
Key fingerprint = A9C5 DF4D 22E9 9998 D987 5A51 10C0 1C5A 2F60 59E7
uid Mark E D Thomas <markt@apache.org>
sub 4096R/5E763BEC 2009-09-18
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.9 (MingW32)
mQGiBEFEjegRBADocGttfROvtLGrTOW3xRqZHmFWybmEaI6jmnRdN/1gGXmb3wQL
rHsS3fLFIIOYLPph0Kov9q4qNq36LekShIvjMBDFoj2/wRxaUtFq81asaRZg8Mcw
4kVeIoe8OIOuWmvYhU8SH2jJNUnVVrpTPAa6QWquTmseNi6UJMjLxuL7DwCg//9u
k2yj0vk6e4WSO6Fe5+EkQDED/AjQsy0kj9TpNHkKSSUR2evRlWPYA0YtxBSbsgON
tT0cYipAp5IcYt6Zq5QzHiZreyQXLAjItDS2oGCIXfNbTYJ3kxxJTCU/3wlefVdq
LBh4ttm7gmWaiTDTgG4axLF5oMpAb3m4v6s1KvXVVj2pqkhBknfuoRh1wPqbtwks
7HOIBADVezl1/vny5YzdoqsDx1ByXMLi7CuMexQPllhRbdN+an+ZiJ5YP8J9rPdl
NCELsCCcDKLGLjlp43XfMxsgYAPEZNG2ObjKTarhk3uGYN3aJrx7s+G+c2bu8o2n
SyAFQ1iDsjS87PgSPCONA2/36ZShmv1OjLWz5Vo7hGSPcW4ZdLQiTWFyayBFIEQg
VGhvbWFzIDxtYXJrdEBhcGFjaGUub3JnPohGBBARAgAGBQJJEoLqAAoJEJsf2p88
BiIx2ssAnjsjHqeIOdOQYuNjDxVIqfAQN8vaAJwLv/HLCQwTZdxOFqwt/Pf/Ae5L
6IhGBBARAgAGBQJJE0bmAAoJEJA4TZo1x+lCCH0Anj1yuBFfP+bNK+51xQhqFsSN
cB1vAKCzK5HbowxZd2MjzMU31USprksZTIhGBBARAgAGBQJJGG7wAAoJELDgGPyz
tNmL35kAniTaqQ+uSzJgX1o7Bp8BAFYoQ+o0AKCm4eD3gf06AK20FZwSck8ibIQ2
3ohGBBARAgAGBQJJGekxAAoJEC0hq2VlRht59xoAnRcmnR1vJZsRCGcSuxKv+0nA
FrKsAJ9R7Gdc25unU6zF/UwUs7LdWTIFN4hGBBARAgAGBQJJGjZhAAoJEFuWgBDg
T5qJQLAAniDrgK53AhSBmZRGLU6HaI4jPO6jAJ4gWQWhnovMkAKqLRtc18Z1Q60N
vYhGBBARAgAGBQJJHtOZAAoJEFMmz0Afnhe7pzMAnAu/W6rzeOXe7SoMtbPF4mg/
OycXAJoDQfqJpGoUFEjsoePDY0WOd5hI9YhGBBARAgAGBQJJVjbUAAoJELlbvT+k
PESS4lIAniLTQ0XnArkk0TCIBeSWWRL2SvWjAJ4+9XuK0Mg5Pk2454JbWxXqv0cW
i4hGBBARAgAGBQJJXgPpAAoJEA9FCiZiEL/ADcsAnAns0QDk3Iwb0X1GbhRfRHFf
GeV2AJ9+8rA4UfTtUnFMZZCEdyohyunM5YhKBBARAgAKBQJDme2qAwUDeAAKCRAM
PU85FKClKanOAKCIBOdqECQwSoSS6Bsw/j0rhhhOHQCfTCp+IgPx+uJ9YhhgKDyr
U3psooeIagQQEQIAKgIZAQUbAwAAAAUeAQAAAAUCSrQLBwULCQgHAwUVCgkICwUW
AgMBAAIXgAAKCRBvsh6JM8YCQ/3tAKDTsnK90MamPgLtqRxEDmCMu6mX7ACg5rF4
05TH5JA7h23YfJCsC9ZTeoCIqQQQEQIAaQUCSVsZ6iAcU2FuZGVyIFRlbW1lIDxz
YW5kZXJAdGVtbWUubmV0PiIcU2FuZGVyIFRlbW1lIDxzY3RlbW1lQGFwYWNoZS5v
cmc+HhxTYW5kZXIgVGVtbWUgPHNhbmRlckBtYWMuY29tPgAKCRCyvrxAFSkkr91K
AJ93ymf/0iywAVIno5/T8/QUJSKVBgCfe4UPcLtISs3GI8mpYyjCXq35OEmJARsE
EAECAAYFAkkSbKQACgkQW+YxwZmV0krHkgf407SOW6qaU4nqHUJ5kFPWgcLcVVo2
w4gQ1u6s+HzEXNTmvKZrOIzKJMnttyM2RDklmCwaI/lkJApyMbQoMW5UksTGVgnF
WHKyiYx03SnVNPH+QID9IhPzAvp2rLH9IQUtfu1vxvfsQQEZGNmKXUgaG0OduXTY
J+EkhaIFotOa6pLBcUuqjmbSI840IjnVV5a5wLyonDGFFJ7FbbHDecOcLzI9jmSd
mLQlgXD8XwYe8XqNknc6C4uOniDc+iuDRqzGFAMs7f8YK6C1fh3mWCjuNNQ64wvm
JqvxWinFKh6BpTBecqtXwta1Vzfa3tGKSrWCPfODAUHqXni+hhdEqMftiEYEEBEC
AAYFAkoVTuwACgkQarqkr5Czi1hBvACeLUdijz+jB9K9XGL1O5ZhPv8bEWwAoIIw
5uol5zSFoHcK1WHJI5D9CUhgtCdNYXJrIEUgRCBUaG9tYXMgPG1lZC50aG9tYXNA
dmlyZ2luLm5ldD6IYQQTEQIAIQIbAwIeAQIXgAUCSrQLFgULCQgHAwUVCgkICwUW
AgMBAAAKCRBvsh6JM8YCQ/rAAKCcgX1TjaeqTP62LIxml8Z1hL0cSQCeOZiYPXub
vNxwTWh01BOrh5oztDqIRgQQEQIABgUCSRKC6gAKCRCbH9qfPAYiMTeJAKCfTgLW
8OR8o1SY8DHu5/Lw/QyffQCfefq9NCLX99dWBqQqQhX8Ov/vt1yIRgQQEQIABgUC
SRNG5gAKCRCQOE2aNcfpQsvGAKDh7MWTZaEaEe9zBbiHiUQOtZYsSQCgqdqu199/
TDjuXF+frwmzaZqOB3qIRgQQEQIABgUCSRnpMQAKCRAtIatlZUYbeZNCAJ9e6ogA
O4ZpKrEQHuuJnpPnDYT5fgCaAgyY2X29cnP+r79XpqngCGqKR6iIRgQQEQIABgUC
SRo2ZwAKCRBbloAQ4E+aicu/AJ9w90lBNZNBRpoQ6BpSGi88e7GrOgCfe9sD/Qbj
xJJ4FifW8I0/sHbpaNeIRgQQEQIABgUCSR7TmQAKCRBTJs9AH54XuxYdAJ46GTR8
lGoMPK/hUnjeTZ0neTacyACcC6y/DMgkUi499c/zqq9PbIfq7+2IRgQQEQIABgUC
SVY21AAKCRC5W70/pDxEkvlHAKCKieHMrMKnD2U+43ryLJa1S1hr9gCcDnBl6uvO
7qcTozf9k/S8lYvOGs+IRgQQEQIABgUCSV4D6QAKCRAPRQomYhC/wGLfAKCp+OYb
ANzRA7CKs/3bcGjGmFet+gCffHlkrqm7ZgaBVl/2thvldg+obqmISgQQEQIACgUC
Q5ntuwMFA3gACgkQDD1PORSgpSm/uQCfUdtXgb+/jBVYS9zEFy5MNEssdsIAnRv5
oMNzdqDJ7F/UuU6hUm1QhdkUiKkEEBECAGkFAklbGeogHFNhbmRlciBUZW1tZSA8
c2FuZGVyQHRlbW1lLm5ldD4iHFNhbmRlciBUZW1tZSA8c2N0ZW1tZUBhcGFjaGUu
b3JnPh4cU2FuZGVyIFRlbW1lIDxzYW5kZXJAbWFjLmNvbT4ACgkQsr68QBUpJK/d
SgCfd8pn/9IssAFSJ6Of0/P0FCUilQYAn3uFD3C7SErNxiPJqWMowl6t+ThJiQEc
BBABAgAGBQJJEmykAAoJEFvmMcGZldJKI50H/iCJKvk1gi9oIiL6EISeuSngzsis
Jzcg951BN0GVCvLvvVwKNHD7+myiB2gkKKp2yv/A1DVPaZ7ZNkB4KEPLlorLw7iK
gb4QrqgezJaRcJ3zisTh6JslOKuV/7Ojy4DZOXVFsr7LSFXPgl6O29AEPD6SHjOH
0x6RTJPqrsccQ49/KBAUAm1oMmRhcE7jsMl6Y3gQGIkSxG7Pag9zj5qxeqljdhf+
QbM4cb9a8jPCSvU3RfXH531PILENGpprvH1oFforY7sNyI8AOMQ1on7Pnk09zbNx
lRBq73dV5RCBtg0xF6v4/dA/X1O1cGnXGAYM7Tp6WXifJzPssRySCuwTZvWIRgQQ
EQIABgUCShVO7AAKCRBquqSvkLOLWAz2AKCfHh162MhNPvfzMtvqR3Vz+x92WgCf
e16LZToIN8IUA2Sqyru9Y6J5Hlm0Lk1hcmsgRSBEIFRob21hcyA8bWFyay50aG9t
YXNAc3ByaW5nc291cmNlLmNvbT6IRgQQEQIABgUCSRKC6gAKCRCbH9qfPAYiMUdj
AJ41QcpKYNSt1tHNV3YATFcYf/XIKgCg7MFeSGbpvW1W1/weqnraMzFzLfeIRgQQ
EQIABgUCSRNG5gAKCRCQOE2aNcfpQnTyAKCdCXp8TBXMKajXNbepnP/8AcxuvwCf
ZABpYIEZ2up4mOTpQCKtAfuj3XaIRgQQEQIABgUCSRnpMQAKCRAtIatlZUYbeY7m
AJ4hT6Y9bnDyS2ZQgxDoe0q1KmeLEACfTNOmAvfFCPpJd5jefNSAg5hblpaIRgQQ
EQIABgUCSRo2ZwAKCRBbloAQ4E+aiXu8AJ9+n0GqPb0pLsFd1bHAnbUFE7wQAgCf
YuHmCCO1a7o1ZhOMmTqjQY8znMaIRgQQEQIABgUCSR7TmQAKCRBTJs9AH54Xu8TF
AJ46JXUYFXbZocbqNxfhfusocDncxQCg180xr/NoOPTmUqne1xT3CNb2gJSIRgQQ
EQIABgUCSVY21AAKCRC5W70/pDxEkm2rAJ9sBYuejJ4w8CXwSSiH56j26JnqqACf
dwaQ5K/fBzZCZO3XeHq/CGF+uQmIRgQQEQIABgUCSV4D6QAKCRAPRQomYhC/wJ8p
AKChOJ08LU1Ji+c0TdCrUS3xHPusvACfX4b7m9UU4KPSjFBt86Wy+7Tl/1iIYQQT
EQIAIQIbAwIeAQIXgAUCSrQLFgULCQgHAwUVCgkICwUWAgMBAAAKCRBvsh6JM8YC
QyLIAKDfzPcdTFN6Iu7MENRKHRgkhlWwcwCg4WwimtdbIuNUaJlHAaDCkXDOK66I
qQQQEQIAaQUCSVsZ6iAcU2FuZGVyIFRlbW1lIDxzYW5kZXJAdGVtbWUubmV0PiIc
U2FuZGVyIFRlbW1lIDxzY3RlbW1lQGFwYWNoZS5vcmc+HhxTYW5kZXIgVGVtbWUg
PHNhbmRlckBtYWMuY29tPgAKCRCyvrxAFSkkr91KAJ93ymf/0iywAVIno5/T8/QU
JSKVBgCfe4UPcLtISs3GI8mpYyjCXq35OEmJARwEEAECAAYFAkkSbKQACgkQW+Yx
wZmV0krGSgf/RlmcEUwth7OQkmpIGPeGbrfjpbuK/AV0+Q8nBJAsAWiMl1ydBo9m
L3oSh2D+0G3gLCyckgA1bcsNdtxMPctxJdmju3rWbq0cEVG26U/qeRDjkZafLa8n
iPReRVRuJP9uAgQ19cv7mOYjRiEjTqeA2IJ8J2RWLZSOf/3u4mWwjq6hMXKGxHc4
phKVQyjgRh45DzG3wuXa5FpHaG1gYgkUhIvW+RGPbuvKNKMSRIuXs8GzsTbWvNWG
/aAOG8B3gR48hQCq7Ja//+ebfKWWi0c37X09VHt9VlNrhWvKziDaofwsobbAa2+F
fby/1fBgoMVNdmtvXWlzugkQ+G3xXZkzdIhGBBARAgAGBQJKFU7sAAoJEGq6pK+Q
s4tYOREAn3tCOMDivfkSiyRdAOB8sjd8H76KAKDFbj1BkgeYIzWQhHxR0SHC9eoL
NLkCDQRBRI3pEAgA9kJXtwh/CBdyorrWqULzBej5UxE5T7bxbrlLOCDaAadWoxTp
j0BV89AHxstDqZSt90xkhkn4DIO9ZekX1KHTUPj1WV/cdlJPPT2N286Z4VeSWc39
uK50T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq01uejaClcjrUGvC/RgBYK+X0iP1Y
TknbzSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O9vPJI8BD8KVbGI2Ou1WMuF040zT9
fBdXQ6MdGGzeMyEstSr/POGxKUAYEY18hKcKctaGxAMZyAcpesqVDNmWn6vQClCb
AkbTCD1mpF1Bn5x8vYlLIhkmuquiXsNV6TILOwACAggAri0hN7wUjnkzDNOHs7j7
eM2VKdDxUBkC9287maduH9fEvD9wXphgJNldx2WCZs5jYHeC9LyAvcchXbiAhYG4
lfbssyj8B7woEMGrqRbxSxp+0PSydJ5WsBjeyptd7yUxt660/1DCsC05PiDBGEMF
IAYbeh05wWjPlKlcf3geDx6G4preUXnc/Qp0+A65QNDOjod3j1gQ+vTZ4cKNgDeN
nV/1tinJw3tokTbvyRGzmLLLI9Ht1Zh8BJsGtOuE6UKcNXwpclu7H+GljnEL3E9d
kdITb0YU0dU1dKc4yDJG0T5EXs4SGOeQE0yH3Gma8PmLm5psP6af9cCA0cx3sTqv
a4hMBBgRAgAMBQJBRI3pBRsMAAAAAAoJEG+yHokzxgJDfKIAoOLR5oMpV8OGN7ox
fieHH9qJZRmtAJ0ZMl/F/rvzazItoNsYRL6bE2wBlpkCDQRKtA7pARAA+I6Lxzjy
Q8aA/iZztRqNpIsKYEVC2rBpa1SrklHT+sM3Gqlpl6arTiSisFtjEBUC5oO50PUY
ycMt0AmyjQyUAP28G0E9Re1s0ws9kur8QuM8SnJOLekWQatnSbGChdAhIemX2OHZ
ir4avt4rLUqBUXR2KDjxlmabkQ6n2T3Rpv5t9+f+ihh+faMrJ9TRO2tmvpGc4wUh
IL9t/peGdUYO/n6c9SXHR0nQtmfmUcTC9uXlWrUVc+MrwzmSLag1ET9uM1jqHcYG
6JXVemPPAt7/+ykUftb5Jc5LgNhahfEOK/9n9LLuzFFb4kHMtvcv0ZS0g002KFZQ
mdZ4teKhVOx6cONyibYF5nFMKt9U9fkpV3WIzSdWhZFIvAYwhw3EoBPyEXilGp4x
85uF0spig03qqs4nYuJOjww+I8h2/JPL8Yuqk+lHZ5XH6OTQZJFE9U2roRMvJLR4
W5fZOtAb7zAT/ZenFEYiYNVku+3oCOD//NqD288xYhhal8iSlC1YMbXUNyYpAqaH
ad39X4ej5WGcJFuMQiSybnCeTIkKdOxwJDFVucPpPF77pOIuarodzftpMyhzjokA
g5jdLM9F4zhPu1wbzNZb89/lGqy34ElZlvGoXi3e3miJeSLQZPPOOGSetC60PiYi
Kr6iXpsciDOnqaGb2OWt2bIWaXC4pQuYVvEAEQEAAbQiTWFyayBFIEQgVGhvbWFz
IDxtYXJrdEBhcGFjaGUub3JnPokCNwQTAQoAIQUCSrQO6QIbAwULCQgHAwUVCgkI
CwUWAgMBAAIeAQIXgAAKCRAQwBxaL2BZ59mIEACjehSxvyNSI9z1JQv1zZYWrEMT
3hN8Njr7bcHjkD2JG5SfZx7Rh+aTahtv6qBkoZaSNOIycvRsVijqOzVeL+zNJm1Z
Ql1YI3ZbzBVnS+5Z6HIIMCQBXo0HGJVbccobuJudCwbwbpxIcQm0HCp51ppAeznJ
tCHLWqo3PawnNRf2jYVTFKSdMxtZMk6fYcbzek2wkJWnDMeaHE1sy9M5+kGYW1H6
2MH8WCZkp5FWGTmM1yFyLCzebCfUOD/LY2OKloHfm0Lzqj1q5My/S1UZxjq0mCLK
DOc1naI9YNYJTMyv2aiXUaqqgYXuhWE214qc/KF/Ipgnm3GsWZ3y4Roqql/sg2t2
FMA4qqJvrGTnNIlxrypKpbTy6TXhdDFU+2mY2pbEP79mLG9uEUJfRX431pr0/GT1
s/CqK3tQCOFHCCIBVbTPs7i5S/QiLBo4PoBwxNnYWQ2NKn4s5Ry/QqAFlAzN6SH8
TNleAUZ9cTvo/5jKHYY5mC2b5xVc+ChpDTu8EZKHwADSFmKN1iOcfNwRgx9+9bdz
Ua66UkhT9F6UF+vy3mo9o+lOqbgAS9qgcYbHLDunIXN7uP/tNfX3/qXmVbHPbbXE
0F7CiLo5jG/KdrJObrJr+jylV96Fv0QMaW1R1OZGeacdR6u5jEHWXy7OX3+GMplw
R9Ns+P0Zksz2ptF2+bkCDQRKtA7pARAAwjRJMLOWK6AZm7vO/PV39NOoE5eS8w/x
3bd7AKfYgnz4LnDvpe1PsW6NVx0zCUMBFX0vkcd0W2i2ERvoVOxbiS0Af+TWggzU
bqsOSh8kLSVB/s6POCKqnzMxvGjknR4Ncq9sSh+EE5oEDjQbv1tMRGZma6Ok42Dc
JJNqcFytsriJmT1DsvpitahfFpt4U7ZDxPhRUjRSGnhw6Expsf9EYrvyu3TSU6wt
E5UaZ9iunetMwed2GE3PtA2Eg8gdBbqV4gMf/lxBp90O3jYtgVesOdL+a+dUD/M6
bYhX5THxSjQH1fMUuTLXkHffGEuaqnfyz6N4EuRxT0Gki9JN0Uwpb+30DR3GRapr
9DlqYses5tp6WMYarEwxnkmudv7l3oVVxeSbm2BYnzEi6WxlWana5huYa9nMnMbI
xYmNMyTmkYrZjfyVmzhi4sK3DeLpCjchZ7RRuYz2hZyXcfax38iTXhfXIL/SZWXh
cSelqiAIZSjrh9yvP6ctEjxOmThX0aNGFMb4duSv7IjnDy5utd2jscmO2H0PDBNr
4J+yNJgLYPWpvmBQ2mxqo/N/aHcGXc2b9k9plB58mxUyRQbjFhlimLLWA0unmRJo
bqWz71CpA7oP5jvoHaPqUihfWEugzOUbQnUzSauDWWOdMqQW+UUo/iDRz6HCKdlf
ww0288krLusAEQEAAYkCHwQYAQoACQUCSrQO6QIbDAAKCRAQwBxaL2BZ5y3tD/4t
+KCuXBNi5alBCExHEzveMdRF9FJrSqJEX0NwGFivF3hQ/HJkrcu9oTJC/tXNFf/+
EHOd0lMiyFl5PBSlhe4XS988rgapUW+ee9tQmAt+RgP40fdKdJNb6+9NYGmrdnDU
zlQtP+h/XBOcmF0/szK/U0oigg8DjYYUm5gCWXOl9H4LJgg+yOcVCOVa4oTf1sdA
mQba1xlMhOIYBWmEhqbWZpGOS59XvpyNfOQXWu26S8HACBqyPZ2LVV4H+9cmxinT
z7RX1yKD17nLZ/fTOzZ1gYTbhg5rNmFpDgu3nlgU8SpGQ1kd70ZkcudgehsUe1Ep
Pyl7O8qhj5H0/3OAmRXzrq2VF17gtz7zpntA0JqsBMbSaK5qBuBcurLhBT634WDI
oE8u5Em1UwjgTI0Cx/lPxRTbIb4PfjP2b2ik/tJaUbwUrhuZ4LAtGztMVrF4W+qn
x9oed4OFXMBbwgS+SH6oAHlGwpxhhzXBlqZsHXm+w+2oazWUhxFFGEe5U245GEtN
f0AznBMDWTqg0SCVEDjlKt+e9tVXkTpHYWZjGbRZbEHkCbFqKhq0KP5BGInFZTFT
oI5jjszmuX0W/yKpRpQZ+GuJnt4VrYSy7TMvjjhIpuhDY57VUwUIkz/2Kq8Vg2wp
Gg+29nvcGOTdyZUcTCEB33B2jQ9z0XUEp+6B2F5iZQ==
=hSkx
-----END PGP PUBLIC KEY BLOCK-----
pub rsa4096 2019-05-05 [SC]
48F8 E69F 6390 C9F2 5CFE DCD2 6824 8959 359E 722B
uid [ultimate] Remy Maucherat <remm@apache.org>
sig 3 68248959359E722B 2019-05-05 Remy Maucherat <remm@apache.org>
sub rsa4096 2019-05-05 [E]
sig 68248959359E722B 2019-05-05 Remy Maucherat <remm@apache.org>
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBFzO4ecBEACVS86VyuTSJmLmApi92R6D3/L3EIBFXhagJbrLkodkTuG9efYo
vM1DJPWEFs5kux8a8UPwn2gbQFPJg1AH77GqjP8gtn0KHQvXgYC9+7cTqDl6C7k9
n3BkB9bRIhHileYyIJfnycjJdrGFEmwGu0pBOEdr01R0kFprqYu9DwcD6oUvmZRn
OMoQQeLEC0cw/VzJ/ZqzJwO0t+rMCozqJ9/BfJZUqwijDZnJAZWnIVxjqxrUgyYA
5/0g9X8YHrIz09XuzaE64VAl0q3nrFJWvDCwE/ZM7w8jlUqtQgLu4K2U82G0YXw3
KJ1EbigEmtEohu6HVnAToCJuOnQ8m0rZxbyNMeYF9pyohdFEca4I0B8Evy2dYFnJ
Y2gghuU80vct54536WWz9mAjKwBFQUtxX0EjYrYN9ckzCK6fRqrnVv0USVp7N/ZY
PQkOEJSdmRdpvTMwfCuAyT0/3cxuC7NyAWiZDXJv7OVcDr/REfWAA7XMQOErwdGJ
gViG58YhLw0Pgdumg+prqQXowzlRzGAsV5VntCh+4LV8/ESmvWAE3V+jgZFB3cSp
g58NKjp1EwKwX6BCICyX+Oe03cnlC0UJ7S9FccrjNrkiwxxOVAnmy4kxX/P3Cuqc
C/b6BeeUA1hBNWNe42mr6YczS+dhpCSUVWQJp/TxdoXA2fGG1OS1FMaICwARAQAB
tCBSZW15IE1hdWNoZXJhdCA8cmVtbUBhcGFjaGUub3JnPokCOAQTAQIAIgUCXM7h
5wIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQaCSJWTWecisVSA/9Eh3h
0jeyy51rA1nqq9imbH0YC85A/wZjhb06UXwWBPozJR8UJsOJZ7kBzCW4gfkC9zTD
GStSHHAej9o96FHVRLzCyjaaZVuRUl2qCz9U+pnGMxb5aRNVAQ/wE10hHu3Yc+48
cc0sPCCPMdshAj1VOHczTU/LSv21TWBaKO3NMV9KilPzKvXHdPFYssVcUt2NgQLm
2Bx/ELTCVj5c9Ih2cz3T7kxf8LKsGALIfjcp8g9DlvMjVLKBFZqU94C4V0mba2Fd
6xHpdmcgMbSNo6poQ0M0O7CN5qVJFm/v4ZDooLNWRMeL66oen3LrZ8HRpPxfic77
JLKn60dywuYU8WYp7cV+3AnaDn/ggvC1x79LSmX4PFyG9/F5M7gp0HFrVdyc0nBo
UTejZXehwKrfvF/isPf7pUv2fGXwg07zTz8OMLQo4h9poB5YuuinjuxjBfmc2AvB
WbRcKNvHXHUlaVeK+VvohfPuetJESS4YB7fLMQPdGIckDFQub4SvXPNPPToLsbDB
2GGguqhwWD9ECa2o1RqX8LnCdB71uBcyiW8UIkLxwaygsciVm7SFz+pqAKJgzWwI
AsVYVOIKdq0GWaLDtMGJGQFfxuMVmMGGbvueAMcOCSSsGemkElan33VS8Zu1sjeY
P0Jt4ws6gcbUHI27l5Pvk06uWzaN8uyXGA03d4y5Ag0EXM7h5wEQALG3oikRAQqf
um+wW6oW2d1mIk0PtnC3l3/kGTA92kIqJzQ3Ua0mFaVGxdg2J/I1MF7HdlZJbGyP
5b0PdbSjLHFbQfFD6LHsLw9StVrkjbBKYaP0gRWxEIHMN4Qv01I2Lyc9ONlMjUIf
xNK/AG6oT/Ia53VVET78HOj01L7JjBAPuW8UPoy27s2gQ02smbA7iRUeZ3dpN2fy
027aKbimIl1ZrxJbcbxw29PXWJZP+CxJEnqwEw78QbqSsFMAhR9wZHTfEtUzYy6h
hyngwYQ+iBnB+1cYTEB9KbWWpP5n12iuRin77r2RwrHYAW/RUILK2rOJqPcIg6CX
P1o9UKPeN5QE/ScU5427XKZZscaQrvBPoN3G2RWmMuHM2cchXgRRMMaSvufocLjj
gKj/aPUDCkvJ5MyTNtMfVDx0Tw3aQpf2Fr1L1Hu2GyBqifioZGdzLL0LtdeXzkJy
nZGj/L5jzIlNBnQG97rgCuPflbIl2S1izNexnuX2Z1dcyS2MTrj3nnK6HoW+gvCc
oqq01S410wxaAUidJeGwLzgUa9Ig+6BVPT7sZrbc0IoNP+JdoqPxiEkqy4Msy9WJ
RVeJM520Q2T1YM7xm/4E8C7H+Fis5u4GNswk5qsXEOyLcHBzGEik3BDylp+sJ6/F
DuAN7k64RV2m+lKpjngiKZxo9LmqnsWTABEBAAGJAh8EGAECAAkFAlzO4ecCGwwA
CgkQaCSJWTWecishvg//ZDuhkbSUgIIjG9Rzq3cHNxZ4sFrUwL19AtGNktiwt0QA
GCKPnf4SdHZGKSeOqUHeDT/l/5l4Xc/JgRk/t2bEeC3cHE/Xc5V6I2n28HQiJScX
UJdnO3QdTCMEYVedu/9JhmA37eznQhm+UAcxT9tew3nSd0KkkMQyW6YpBEgcdsFd
aLiFPzbySjRWplyCdELPRFtW2ZHnJ5gVGYZ060EOHcdPb/4Gz/mA6dIjQ5N+vKlA
GNdYZgv3w4NRGLmni5T7jDAY6T2CJXxvcgfYfh3oY3aiZaWzKKQyLEVaoZ6dJbsm
mi2if7MZ/SVCMdM3MXiRpCeyyw9MTylGzgwbDYSz2ZkGvy9k+1M75q5QEfvVM8R3
guaBJR+e4fkfsRBUAqwmHy8TrXghf5eOCsJx/9yyRXvK4tnwSBUIzFa1q0POESul
jFWYFkvRjKIYfFWS6cY37sPNLvEQQmP2O07ttaYfIXcMcVF+HsDBUftGRWIkkPn2
LucW7f0Lqlbv/mlJpqByz522jmJRNFLVQh87LYz91FgsLAgDkPpi8mzRrEfb2nHD
+PIKpoO499AKQ8hETMbfzmpJUIV2Bhd7OqKDSf+yHiYSje9evofP+4lDUx3u7tQ3
4OUzLqBRVrhFDI9keHnhOFMJSrnrpXe7Cm9JujvTX/hy2iOpTOuflj0Djsc8dnQ=
=l4Ry
-----END PGP PUBLIC KEY BLOCK-----

8
tomcat.spec
View File

@ -22,7 +22,7 @@
%define elspec 3.0
%define major_version 9
%define minor_version 0
%define micro_version 75
%define micro_version 80
%define packdname apache-tomcat-%{version}-src
# FHS 2.3 compliant tree structure - http://www.pathname.com/fhs/2.3/
%global basedir /srv/%{name}
@ -66,7 +66,7 @@ Source33: tomcat-serverxml-tool.tar.gz
Source34: tomcat-serverxml-tool.sh.in
Source1000: tomcat-rpmlintrc
Source1001: https://archive.apache.org/dist/tomcat/tomcat-%{major_version}/v%{version}/src/%{packdname}.tar.gz.asc
Source1002: %{name}.keyring
Source1002: https://downloads.apache.org/tomcat/tomcat-9/KEYS#/%{name}.keyring
#PATCH-FIX-UPSTREAM: from jpackage.org package
Patch0: %{name}-%{major_version}.%{minor_version}-bootstrap-MANIFEST.MF.patch
#PATCH-FIX-UPSTREAM: from jpackage.org package
@ -83,7 +83,6 @@ Patch5: %{name}-%{major_version}.%{minor_version}-jdt.patch
Patch6: tomcat-9.0.75-secretRequired-default.patch
Patch7: tomcat-9.0-fix_catalina.patch
Patch8: tomcat-9.0-logrotate_everything.patch
Patch9: tomcat-9.0.75-CVE-2023-41080.patch
BuildRequires: ant >= 1.8.1
BuildRequires: ant-antlr
BuildRequires: apache-commons-collections
@ -256,7 +255,6 @@ find . -type f \( -name "*.bat" -o -name "*.class" -o -name Thumbs.db -o -name "
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
# remove date from docs
sed -i -e '/build-date/ d' webapps/docs/tomcat-docs.xsl
@ -641,7 +639,7 @@ fi
%postun servlet-4_0-api
if [ $1 -eq 0 ] ; then
if [ ! -f %{_sysconfdir}/alternatives/servlet ]; then
# /etc/alternatives/servlet was removed on uninstall.
# %{_sysconfdir}/alternatives/servlet was removed on uninstall.
# Create a broken symlink to make sure update-alternatives works correctly and falls back
# to servletapi5 or servletapi4 if they're installed.
ln -s %{_javadir}/%{name}-servlet-%{servletspec}-api.jar %{_sysconfdir}/alternatives/servlet