From ddb247a2f7880e988136c9b8f954ac48fb4e234c02dc1238c9e0b1996f2697ce Mon Sep 17 00:00:00 2001 From: Fridrich Strba Date: Thu, 21 Sep 2023 20:06:00 +0000 Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=273 --- apache-tomcat-9.0.75-src.tar.gz | 3 - apache-tomcat-9.0.75-src.tar.gz.asc | 16 -- apache-tomcat-9.0.80-src.tar.gz | 3 + apache-tomcat-9.0.80-src.tar.gz.asc | 17 ++ tomcat-9.0.75-CVE-2023-41080.patch | 41 ---- tomcat.changes | 169 ++++++++++++++++ tomcat.keyring | 287 +++++++++++++++++++++++----- tomcat.spec | 8 +- 8 files changed, 429 insertions(+), 115 deletions(-) delete mode 100644 apache-tomcat-9.0.75-src.tar.gz delete mode 100644 apache-tomcat-9.0.75-src.tar.gz.asc create mode 100644 apache-tomcat-9.0.80-src.tar.gz create mode 100644 apache-tomcat-9.0.80-src.tar.gz.asc delete mode 100644 tomcat-9.0.75-CVE-2023-41080.patch diff --git a/apache-tomcat-9.0.75-src.tar.gz b/apache-tomcat-9.0.75-src.tar.gz deleted file mode 100644 index 15f46e6..0000000 --- a/apache-tomcat-9.0.75-src.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:35fee3552179eb0ee1ed3b0ec4785d94b9e7402bb23f1aeb223178b7e4645a82 -size 6241477 diff --git a/apache-tomcat-9.0.75-src.tar.gz.asc b/apache-tomcat-9.0.75-src.tar.gz.asc deleted file mode 100644 index ee92a76..0000000 --- a/apache-tomcat-9.0.75-src.tar.gz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCAAdFiEESPjmn2OQyfJc/tzSaCSJWTWecisFAmRTrhwACgkQaCSJWTWe -cisKuA/+IQFNKHTyMq7uCBmSMpfqzdFH6tE3MiUFAvHfNE7MuYBtyCFkTmryNP2j -wAHuvT8qJYyglhTkP6Ra+4EipLltAZEPF6a5K9PYQEtCmEo0BlpJq8Bln0Re8nzs -z1JEPsPlIlJkx3utfX+QSVn9/roTK+RdP0x4FMxD7Ujg00UOZ1kr5Z+VY4ArT3QC -H2yriYiPAk5WX2ovtyhvnF606TcZGU9wUcUVaQMNDETjmFD4aS7PuhcwpNU/ZbS9 -vB8psCwb75U1iOE9oRfXDQbxvOAUhcAJPPVaS88I0iDNYlp870l/nUCTotFm14yG -uHXEE/XDVN2aojLH302AxZjTbXqXAga5TBT0aFAL3UWzqdz9UA/2sZqbjr0gN4U6 -ggZ6wc8B1CqzuT7xFOI+ugMNokXt4CZdZ4bjFLfRCU8ZEpIoPsW6f6vtVRKUwAU2 -1Fr/XsGnTwVcIvnlD0PrLd4RGRqgdAzhIXZ5+q//1ls/hEXDx63AkYkv0T6AtaFn -tuoLXcF7plWAQXHq+qKtjWIKjLDItZAEpvLI3Jd3Nf9cJgS+qiyCfijh9Z9y24ts -FgcYFPVxbDMsv4nEPdHDRw9rwx0AJzLSw4XofrBiw3uEYvUbV+zJQSxzNa2hPAGd -IJEADr8Ou1JLg5HgH7qVyx94ifeOKocBOoO3RhTMP6lOJN0cJ3E= -=bv2c ------END PGP SIGNATURE----- diff --git a/apache-tomcat-9.0.80-src.tar.gz b/apache-tomcat-9.0.80-src.tar.gz new file mode 100644 index 0000000..8647770 --- /dev/null +++ b/apache-tomcat-9.0.80-src.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f35fa7fe8d9de6ca08972d625c3a51297d367805d6281ff6f6610f612753b62f +size 6272358 diff --git a/apache-tomcat-9.0.80-src.tar.gz.asc b/apache-tomcat-9.0.80-src.tar.gz.asc new file mode 100644 index 0000000..ba2853c --- /dev/null +++ b/apache-tomcat-9.0.80-src.tar.gz.asc @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Comment: GPGTools - http://gpgtools.org + +iQIzBAABCAAdFiEEqcXfTSLpmZjZh1pREMAcWi9gWecFAmTmhA4ACgkQEMAcWi9g +Wef41BAAhMvH7+ycd0O90vsdFd1CkEAOyTeewkbFucuVa+YNGwfvyfLvbYv2pqeP +V/u2V2FO9qssGWXbF1ZHs6YQSnPS2Z6XqcoFUZ1NndbbyTOal2XIdbU7fLsPIHRk +a3HpE0h/TTLRr3LOWGZywD+1vgaQJFMFSihdKRMz+j77OeyphByrUm3Y9w8mw5o2 +pFJvAyq2/ABEhY7rOyqa9qjMaUY0a0QDs13DZSElfQtg9xJh2pML7VXEZtnt6c8E +qhOkgmgro+FcZi1Oyw9ytBIEorZmGnWZSQ/20PqPxLr/AOa+TtVkr8dz+lPZJhfa +vOUZ0EQ1/UoOU8K1yEoVHbzISTW/DXaCCPJKyCHMD0GfgAAaqC8oKxtP8lklC3Hv +OHOae+jskTwRAMxPkCts12pr45DAyw6kHqaSYW7in/xQBv/1wJuYsFtSXlaIup70 +gxOHeqWxZBguFpFsCrnvpAsHEBQ/zaldNkC7XnufuCrZXvzTIkk6bXltnqBVO2CE +l7xNCFAJaqBOR38hsvZgmSSDPJHceYwcU2Y8ZAtgU/RM+UiApI53+kDNIsL9KYlu +7dXmWXY/LCIi8rXbcnbvyYVBOjH6NIcPom27JFY3PlUWAOSMCb9i9tpj5Eu9h68N +y290iYqM/e9/lULx2oA8S8KMGmFzdsMWGVC3yFUIa++br1c79D8= +=xcTN +-----END PGP SIGNATURE----- diff --git a/tomcat-9.0.75-CVE-2023-41080.patch b/tomcat-9.0.75-CVE-2023-41080.patch deleted file mode 100644 index 6d54c25..0000000 --- a/tomcat-9.0.75-CVE-2023-41080.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 77c0ce2d169efa248b64b992e547aad549ec906b Mon Sep 17 00:00:00 2001 -From: Mark Thomas -Date: Tue, 22 Aug 2023 11:31:23 -0700 -Subject: [PATCH] Avoid protocol relative redirects - ---- - .../apache/catalina/authenticator/FormAuthenticator.java | 6 ++++++ - webapps/docs/changelog.xml | 3 +++ - 2 files changed, 9 insertions(+) - -Index: apache-tomcat-9.0.75-src/java/org/apache/catalina/authenticator/FormAuthenticator.java -=================================================================== ---- apache-tomcat-9.0.75-src.orig/java/org/apache/catalina/authenticator/FormAuthenticator.java -+++ apache-tomcat-9.0.75-src/java/org/apache/catalina/authenticator/FormAuthenticator.java -@@ -747,6 +747,12 @@ public class FormAuthenticator extends A - sb.append('?'); - sb.append(saved.getQueryString()); - } -+ -+ // Avoid protocol relative redirects -+ while (sb.length() > 1 && sb.charAt(1) == '/') { -+ sb.deleteCharAt(0); -+ } -+ - return sb.toString(); - } - } -Index: apache-tomcat-9.0.75-src/webapps/docs/changelog.xml -=================================================================== ---- apache-tomcat-9.0.75-src.orig/webapps/docs/changelog.xml -+++ apache-tomcat-9.0.75-src/webapps/docs/changelog.xml -@@ -134,6 +134,9 @@ - file locking protection or the manager servlet. Submitted - by Jack Shirazi. (remm) - -+ -+ Avoid protocol relative redirects in FORM authentication. (markt) -+ - - - diff --git a/tomcat.changes b/tomcat.changes index a342904..7c76647 100644 --- a/tomcat.changes +++ b/tomcat.changes @@ -1,3 +1,172 @@ +------------------------------------------------------------------- +Thu Sep 21 16:41:56 UTC 2023 - Fridrich Strba + +- Update to Tomcat 9.0.80 + * Catalina + + Add RateLimitFilter which can be used to mitigate DoS and + Brute Force attacks + + Move the management of the utility executor from the + init()/destroy() methods of components to the start()/stop() + methods. + + Add org.apache.catalina.core.StandardVirtualThreadExecutor, + a virtual thread based executor that may be used with one or + more Connectors to process requests received by those + Connectors using virtual threads. This Executor requires a + minimum Java version of Java 21. + + 66513: Add a per session Semaphore to the PersistentValve that + ensures that, within a single Tomcat instance, there is no + more than one concurrent request per session. Also expand the + debug logging to include whether a request bypasses the Valve + and the reason if a request fails to obtain the per session + Semaphore. + + 66609: Ensure that the default servlet correctly escapes file + names in directory listings when using XML output. + + 66618: Add a numeric last modified field to the XML directory + listings produced by the default servlet to enable sorting in + the XSLT. + + 66621: Attempts to lock a collection with WebDAV may + incorrectly fail if a child collection has an expired lock. + + 66622: Deprecate the xssProtectionEnabled setting from the + HttpHeaderSecurityFilter and change the default value to false + as support for the associated HTTP header has been removed + from all major browsers. + + 59232: Add org.apache.catalina.core.ContextNamingInfoListener, + a listener which creates context naming information + environment entries. + + 66665: Add + org.apache.catalina.core.PropertiesRoleMappingListener, a + listener which populates the context's role mapping from a + properties file. + + Fix an edge case where intra-web application symlinks would be + followed if the web applications were deliberately crafted to + allow it even when allowLinking was set to false. + + Add utility config file resource lookup on Context to allow + looking up resources from the webapp (prefixed with webapp:) + and make the resource lookup API more visible. + + Fix potential database connection leaks in + DataSourceUserDatabase identified by Coverity Scan. + + Make parsing of ExtendedAccessLogValve patterns more robust. + + Fix failure trying to persist configuration for an internal + credential handler. + + 66680: When serializing a session during the session + presistence process, do not log a warning that null Principals + are not serializable. + + Catch NamingException in JNDIRealm#getPrincipal. It is used in + Java up to 17 to signal closed connections. + + 66822: Use the same naming format in log messages for + Connector instances as the associated ProtocolHandler instance. + + The parts count should also lower the actual maxParameterCount + used for parsing parameters if parts are parsed first. + + If an application or library sets both a non-500 error code + and the javax.servlet.error.exception request attribute, use + the provided error code during error page processing rather + than assuming an error code of 500. + + Update code comments and Tomcat output to use MiB for + 1024 * 1024 bytes and KiB for 1024 bytes rather than + MB and kB. + + Avoid protocol relative redirects in FORM authentication + (CVE-2023-41080, bsc#1214666). + * Coyote + + Update the HTTP/2 implementation to use the prioritization + scheme defined in RFC 9218 rather than the one defined in + RFC 7540. + + 66602: not sending WINDOW_UPDATE when dataLength is ZERO on + call SwallowedDataFramePayload. + + 66627: Restore the documented behaviour of + MessageBytes.getType() that it returns the type of the + original content rather than reflecting the most recent + conversion. + + 66635: Correct certificate logging on start-up so it + differentiates between keystore based keys/certificates and + PEM file based keys/certificates and logs the relevant + information for each. + + Refactor blocking reads and writes for the NIO connector to + remove code paths that could allow a notification from the + Poller to be missed resuting in a timeout rather than the + expected read or write. + + Refactor waiting for an HTTP/2 stream or connection window + update to handle spurious wake-ups during the wait. + + Correct a regression introduced in 9.0.78 and use the correct + constant when constructing the default value for the + certificateKeystoreFile attribute of an + SSLHostConfigCertificate instance. + + Refactor HTTP/2 implementation to reduce pinning when using + virtual threads. + + Pass through ciphers referring to an OpenSSL profile, such as + PROFILE=SYSTEM instead of producing an error trying to parse + it. + + 66841: Ensure that AsyncListener.onError() is called after an + error during asynchronous processing with HTTP/2. + + 66842: When using asynchronous I/O (the default for NIO and + NIO2), include DATA frames when calculating the HTTP/2 + overhead count to ensure that connections are not prematurely + terminated. + + Correct a race condition that could cause spurious RST + messages to be sent after the response had been written to an + HTTP/2 stream. + * WebSocket + + 66548: Expand the validation of the value of the + Sec-Websocket-Key header in the HTTP upgrade request that + initiates a WebSocket connection. The value is not decoded but + it is checked for the correct length and that only valid + characters from the base64 alphabet are used. + + Improve handling of error conditions for the WebSocket server, + particularly during Tomcat shutdown. + + Correct a regression in the fix for 66574 that meant the + WebSocket session could return false for onOpen() before the + onClose() event had been completed. + + 66681: Fix a NullPointerException when flushing batched + messages with compression enabled using permessage-deflate. + * Web applications + + Documentation. Expand the security guidance to cover the + embedded use case and add notes on the uses made of the + java.io.tmpdir system property. + + 66662: Documentation. Fix a typo in the name of the algorithms + attribute in the configuration section for the Digest + authentication value. + + Documentation. Update documentation to use MiB for + 1024 * 1024 bytes and KiB for 1024 bytes rather than + MB and kB. + * jdbc-pool + + Fix the releaseIdleCounter does not increment when testAllIdle + releases them. + + Fix the ConnectionState state will be inconsistent with actual + state on the connection when an exception occurs while + writing. + * Other + + Update to Commons Daemon 1.3.4. + + Improvements to French translations. + + Update Checkstyle to 10.12.0. + + Update the packaged version of the Apache Tomcat Native + Library to 1.2.37 to pick up the Windows binaries built with + with OpenSSL 1.1.1u. + + Include the Windows specific binary distributions in the files + uploaded to Maven Central. + + Improvements to French translations. + + Improvements to Japanese translations. + + Update UnboundID to 6.0.9. + + Update Checkstyle to 10.12.1. + + Update BND to 6.4.1. + + Update JSign to 5.0. + + Correct properties for JSign dependency. + + Align documentation for maxParameterCount to match hard-coded + defaults. + + Update NSIS to 3.0.9. + + Update Checkstyle to 10.12.2. + + Improvements to French translations. + + Improvements to Japanese translations. + + 66829: Fix quoting so users can use the _RUNJAVA environment + variable as intended on Windows when the path to the Java + executable contains spaces. + + Update Tomcat Native to 1.2.38 to pick up Windows binaries + built with OpenSSL 1.1.1v. + + Improvements to Chinese translations. + + Improvements to French translations. + + Improvements to Japanese translations +- Removed patch: + * tomcat-9.0.75-CVE-2023-41080.patch + + integrated in this version + ------------------------------------------------------------------- Thu Sep 21 13:19:54 UTC 2023 - Michele Bussolotto diff --git a/tomcat.keyring b/tomcat.keyring index df9bc1a..b0667cf 100644 --- a/tomcat.keyring +++ b/tomcat.keyring @@ -1,50 +1,237 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- - -mQINBFzO4ecBEACVS86VyuTSJmLmApi92R6D3/L3EIBFXhagJbrLkodkTuG9efYo -vM1DJPWEFs5kux8a8UPwn2gbQFPJg1AH77GqjP8gtn0KHQvXgYC9+7cTqDl6C7k9 -n3BkB9bRIhHileYyIJfnycjJdrGFEmwGu0pBOEdr01R0kFprqYu9DwcD6oUvmZRn -OMoQQeLEC0cw/VzJ/ZqzJwO0t+rMCozqJ9/BfJZUqwijDZnJAZWnIVxjqxrUgyYA -5/0g9X8YHrIz09XuzaE64VAl0q3nrFJWvDCwE/ZM7w8jlUqtQgLu4K2U82G0YXw3 -KJ1EbigEmtEohu6HVnAToCJuOnQ8m0rZxbyNMeYF9pyohdFEca4I0B8Evy2dYFnJ -Y2gghuU80vct54536WWz9mAjKwBFQUtxX0EjYrYN9ckzCK6fRqrnVv0USVp7N/ZY -PQkOEJSdmRdpvTMwfCuAyT0/3cxuC7NyAWiZDXJv7OVcDr/REfWAA7XMQOErwdGJ -gViG58YhLw0Pgdumg+prqQXowzlRzGAsV5VntCh+4LV8/ESmvWAE3V+jgZFB3cSp -g58NKjp1EwKwX6BCICyX+Oe03cnlC0UJ7S9FccrjNrkiwxxOVAnmy4kxX/P3Cuqc -C/b6BeeUA1hBNWNe42mr6YczS+dhpCSUVWQJp/TxdoXA2fGG1OS1FMaICwARAQAB -tCBSZW15IE1hdWNoZXJhdCA8cmVtbUBhcGFjaGUub3JnPokCOAQTAQIAIgUCXM7h -5wIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQaCSJWTWecisVSA/9Eh3h -0jeyy51rA1nqq9imbH0YC85A/wZjhb06UXwWBPozJR8UJsOJZ7kBzCW4gfkC9zTD -GStSHHAej9o96FHVRLzCyjaaZVuRUl2qCz9U+pnGMxb5aRNVAQ/wE10hHu3Yc+48 -cc0sPCCPMdshAj1VOHczTU/LSv21TWBaKO3NMV9KilPzKvXHdPFYssVcUt2NgQLm -2Bx/ELTCVj5c9Ih2cz3T7kxf8LKsGALIfjcp8g9DlvMjVLKBFZqU94C4V0mba2Fd -6xHpdmcgMbSNo6poQ0M0O7CN5qVJFm/v4ZDooLNWRMeL66oen3LrZ8HRpPxfic77 -JLKn60dywuYU8WYp7cV+3AnaDn/ggvC1x79LSmX4PFyG9/F5M7gp0HFrVdyc0nBo -UTejZXehwKrfvF/isPf7pUv2fGXwg07zTz8OMLQo4h9poB5YuuinjuxjBfmc2AvB -WbRcKNvHXHUlaVeK+VvohfPuetJESS4YB7fLMQPdGIckDFQub4SvXPNPPToLsbDB -2GGguqhwWD9ECa2o1RqX8LnCdB71uBcyiW8UIkLxwaygsciVm7SFz+pqAKJgzWwI -AsVYVOIKdq0GWaLDtMGJGQFfxuMVmMGGbvueAMcOCSSsGemkElan33VS8Zu1sjeY -P0Jt4ws6gcbUHI27l5Pvk06uWzaN8uyXGA03d4y5Ag0EXM7h5wEQALG3oikRAQqf -um+wW6oW2d1mIk0PtnC3l3/kGTA92kIqJzQ3Ua0mFaVGxdg2J/I1MF7HdlZJbGyP -5b0PdbSjLHFbQfFD6LHsLw9StVrkjbBKYaP0gRWxEIHMN4Qv01I2Lyc9ONlMjUIf -xNK/AG6oT/Ia53VVET78HOj01L7JjBAPuW8UPoy27s2gQ02smbA7iRUeZ3dpN2fy -027aKbimIl1ZrxJbcbxw29PXWJZP+CxJEnqwEw78QbqSsFMAhR9wZHTfEtUzYy6h -hyngwYQ+iBnB+1cYTEB9KbWWpP5n12iuRin77r2RwrHYAW/RUILK2rOJqPcIg6CX -P1o9UKPeN5QE/ScU5427XKZZscaQrvBPoN3G2RWmMuHM2cchXgRRMMaSvufocLjj -gKj/aPUDCkvJ5MyTNtMfVDx0Tw3aQpf2Fr1L1Hu2GyBqifioZGdzLL0LtdeXzkJy -nZGj/L5jzIlNBnQG97rgCuPflbIl2S1izNexnuX2Z1dcyS2MTrj3nnK6HoW+gvCc -oqq01S410wxaAUidJeGwLzgUa9Ig+6BVPT7sZrbc0IoNP+JdoqPxiEkqy4Msy9WJ -RVeJM520Q2T1YM7xm/4E8C7H+Fis5u4GNswk5qsXEOyLcHBzGEik3BDylp+sJ6/F -DuAN7k64RV2m+lKpjngiKZxo9LmqnsWTABEBAAGJAh8EGAECAAkFAlzO4ecCGwwA -CgkQaCSJWTWecishvg//ZDuhkbSUgIIjG9Rzq3cHNxZ4sFrUwL19AtGNktiwt0QA -GCKPnf4SdHZGKSeOqUHeDT/l/5l4Xc/JgRk/t2bEeC3cHE/Xc5V6I2n28HQiJScX -UJdnO3QdTCMEYVedu/9JhmA37eznQhm+UAcxT9tew3nSd0KkkMQyW6YpBEgcdsFd -aLiFPzbySjRWplyCdELPRFtW2ZHnJ5gVGYZ060EOHcdPb/4Gz/mA6dIjQ5N+vKlA -GNdYZgv3w4NRGLmni5T7jDAY6T2CJXxvcgfYfh3oY3aiZaWzKKQyLEVaoZ6dJbsm -mi2if7MZ/SVCMdM3MXiRpCeyyw9MTylGzgwbDYSz2ZkGvy9k+1M75q5QEfvVM8R3 -guaBJR+e4fkfsRBUAqwmHy8TrXghf5eOCsJx/9yyRXvK4tnwSBUIzFa1q0POESul -jFWYFkvRjKIYfFWS6cY37sPNLvEQQmP2O07ttaYfIXcMcVF+HsDBUftGRWIkkPn2 -LucW7f0Lqlbv/mlJpqByz522jmJRNFLVQh87LYz91FgsLAgDkPpi8mzRrEfb2nHD -+PIKpoO499AKQ8hETMbfzmpJUIV2Bhd7OqKDSf+yHiYSje9evofP+4lDUx3u7tQ3 -4OUzLqBRVrhFDI9keHnhOFMJSrnrpXe7Cm9JujvTX/hy2iOpTOuflj0Djsc8dnQ= -=l4Ry ------END PGP PUBLIC KEY BLOCK----- +This file contains the PGP&GPG keys of various Apache developers. +Please don't use them for email unless you have to. Their main +purpose is code signing. + +Apache users: pgp < KEYS +Apache developers: + (pgpk -ll && pgpk -xa ) >> this file. + or + (gpg --fingerprint --list-sigs + && gpg --armor --export ) >> this file. + +Apache developers: please ensure that your key is also available via the +PGP keyservers (such as pgpkeys.mit.edu). + + +pub 1024D/33C60243 2004-09-12 + Key fingerprint = DCFD 35E0 BF8C A734 4752 DE8B 6FB2 1E89 33C6 0243 +uid Mark E D Thomas +uid Mark E D Thomas +uid Mark E D Thomas +sub 2048g/0BECE548 2004-09-12 + +pub 4096R/2F6059E7 2009-09-18 + Key fingerprint = A9C5 DF4D 22E9 9998 D987 5A51 10C0 1C5A 2F60 59E7 +uid Mark E D Thomas +sub 4096R/5E763BEC 2009-09-18 + +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.9 (MingW32) + +mQGiBEFEjegRBADocGttfROvtLGrTOW3xRqZHmFWybmEaI6jmnRdN/1gGXmb3wQL +rHsS3fLFIIOYLPph0Kov9q4qNq36LekShIvjMBDFoj2/wRxaUtFq81asaRZg8Mcw +4kVeIoe8OIOuWmvYhU8SH2jJNUnVVrpTPAa6QWquTmseNi6UJMjLxuL7DwCg//9u +k2yj0vk6e4WSO6Fe5+EkQDED/AjQsy0kj9TpNHkKSSUR2evRlWPYA0YtxBSbsgON +tT0cYipAp5IcYt6Zq5QzHiZreyQXLAjItDS2oGCIXfNbTYJ3kxxJTCU/3wlefVdq +LBh4ttm7gmWaiTDTgG4axLF5oMpAb3m4v6s1KvXVVj2pqkhBknfuoRh1wPqbtwks +7HOIBADVezl1/vny5YzdoqsDx1ByXMLi7CuMexQPllhRbdN+an+ZiJ5YP8J9rPdl +NCELsCCcDKLGLjlp43XfMxsgYAPEZNG2ObjKTarhk3uGYN3aJrx7s+G+c2bu8o2n +SyAFQ1iDsjS87PgSPCONA2/36ZShmv1OjLWz5Vo7hGSPcW4ZdLQiTWFyayBFIEQg +VGhvbWFzIDxtYXJrdEBhcGFjaGUub3JnPohGBBARAgAGBQJJEoLqAAoJEJsf2p88 +BiIx2ssAnjsjHqeIOdOQYuNjDxVIqfAQN8vaAJwLv/HLCQwTZdxOFqwt/Pf/Ae5L +6IhGBBARAgAGBQJJE0bmAAoJEJA4TZo1x+lCCH0Anj1yuBFfP+bNK+51xQhqFsSN +cB1vAKCzK5HbowxZd2MjzMU31USprksZTIhGBBARAgAGBQJJGG7wAAoJELDgGPyz +tNmL35kAniTaqQ+uSzJgX1o7Bp8BAFYoQ+o0AKCm4eD3gf06AK20FZwSck8ibIQ2 +3ohGBBARAgAGBQJJGekxAAoJEC0hq2VlRht59xoAnRcmnR1vJZsRCGcSuxKv+0nA +FrKsAJ9R7Gdc25unU6zF/UwUs7LdWTIFN4hGBBARAgAGBQJJGjZhAAoJEFuWgBDg +T5qJQLAAniDrgK53AhSBmZRGLU6HaI4jPO6jAJ4gWQWhnovMkAKqLRtc18Z1Q60N +vYhGBBARAgAGBQJJHtOZAAoJEFMmz0Afnhe7pzMAnAu/W6rzeOXe7SoMtbPF4mg/ +OycXAJoDQfqJpGoUFEjsoePDY0WOd5hI9YhGBBARAgAGBQJJVjbUAAoJELlbvT+k +PESS4lIAniLTQ0XnArkk0TCIBeSWWRL2SvWjAJ4+9XuK0Mg5Pk2454JbWxXqv0cW +i4hGBBARAgAGBQJJXgPpAAoJEA9FCiZiEL/ADcsAnAns0QDk3Iwb0X1GbhRfRHFf +GeV2AJ9+8rA4UfTtUnFMZZCEdyohyunM5YhKBBARAgAKBQJDme2qAwUDeAAKCRAM +PU85FKClKanOAKCIBOdqECQwSoSS6Bsw/j0rhhhOHQCfTCp+IgPx+uJ9YhhgKDyr +U3psooeIagQQEQIAKgIZAQUbAwAAAAUeAQAAAAUCSrQLBwULCQgHAwUVCgkICwUW +AgMBAAIXgAAKCRBvsh6JM8YCQ/3tAKDTsnK90MamPgLtqRxEDmCMu6mX7ACg5rF4 +05TH5JA7h23YfJCsC9ZTeoCIqQQQEQIAaQUCSVsZ6iAcU2FuZGVyIFRlbW1lIDxz +YW5kZXJAdGVtbWUubmV0PiIcU2FuZGVyIFRlbW1lIDxzY3RlbW1lQGFwYWNoZS5v +cmc+HhxTYW5kZXIgVGVtbWUgPHNhbmRlckBtYWMuY29tPgAKCRCyvrxAFSkkr91K +AJ93ymf/0iywAVIno5/T8/QUJSKVBgCfe4UPcLtISs3GI8mpYyjCXq35OEmJARsE +EAECAAYFAkkSbKQACgkQW+YxwZmV0krHkgf407SOW6qaU4nqHUJ5kFPWgcLcVVo2 +w4gQ1u6s+HzEXNTmvKZrOIzKJMnttyM2RDklmCwaI/lkJApyMbQoMW5UksTGVgnF +WHKyiYx03SnVNPH+QID9IhPzAvp2rLH9IQUtfu1vxvfsQQEZGNmKXUgaG0OduXTY +J+EkhaIFotOa6pLBcUuqjmbSI840IjnVV5a5wLyonDGFFJ7FbbHDecOcLzI9jmSd +mLQlgXD8XwYe8XqNknc6C4uOniDc+iuDRqzGFAMs7f8YK6C1fh3mWCjuNNQ64wvm +JqvxWinFKh6BpTBecqtXwta1Vzfa3tGKSrWCPfODAUHqXni+hhdEqMftiEYEEBEC +AAYFAkoVTuwACgkQarqkr5Czi1hBvACeLUdijz+jB9K9XGL1O5ZhPv8bEWwAoIIw +5uol5zSFoHcK1WHJI5D9CUhgtCdNYXJrIEUgRCBUaG9tYXMgPG1lZC50aG9tYXNA +dmlyZ2luLm5ldD6IYQQTEQIAIQIbAwIeAQIXgAUCSrQLFgULCQgHAwUVCgkICwUW +AgMBAAAKCRBvsh6JM8YCQ/rAAKCcgX1TjaeqTP62LIxml8Z1hL0cSQCeOZiYPXub +vNxwTWh01BOrh5oztDqIRgQQEQIABgUCSRKC6gAKCRCbH9qfPAYiMTeJAKCfTgLW +8OR8o1SY8DHu5/Lw/QyffQCfefq9NCLX99dWBqQqQhX8Ov/vt1yIRgQQEQIABgUC +SRNG5gAKCRCQOE2aNcfpQsvGAKDh7MWTZaEaEe9zBbiHiUQOtZYsSQCgqdqu199/ +TDjuXF+frwmzaZqOB3qIRgQQEQIABgUCSRnpMQAKCRAtIatlZUYbeZNCAJ9e6ogA +O4ZpKrEQHuuJnpPnDYT5fgCaAgyY2X29cnP+r79XpqngCGqKR6iIRgQQEQIABgUC +SRo2ZwAKCRBbloAQ4E+aicu/AJ9w90lBNZNBRpoQ6BpSGi88e7GrOgCfe9sD/Qbj +xJJ4FifW8I0/sHbpaNeIRgQQEQIABgUCSR7TmQAKCRBTJs9AH54XuxYdAJ46GTR8 +lGoMPK/hUnjeTZ0neTacyACcC6y/DMgkUi499c/zqq9PbIfq7+2IRgQQEQIABgUC +SVY21AAKCRC5W70/pDxEkvlHAKCKieHMrMKnD2U+43ryLJa1S1hr9gCcDnBl6uvO +7qcTozf9k/S8lYvOGs+IRgQQEQIABgUCSV4D6QAKCRAPRQomYhC/wGLfAKCp+OYb +ANzRA7CKs/3bcGjGmFet+gCffHlkrqm7ZgaBVl/2thvldg+obqmISgQQEQIACgUC +Q5ntuwMFA3gACgkQDD1PORSgpSm/uQCfUdtXgb+/jBVYS9zEFy5MNEssdsIAnRv5 +oMNzdqDJ7F/UuU6hUm1QhdkUiKkEEBECAGkFAklbGeogHFNhbmRlciBUZW1tZSA8 +c2FuZGVyQHRlbW1lLm5ldD4iHFNhbmRlciBUZW1tZSA8c2N0ZW1tZUBhcGFjaGUu +b3JnPh4cU2FuZGVyIFRlbW1lIDxzYW5kZXJAbWFjLmNvbT4ACgkQsr68QBUpJK/d +SgCfd8pn/9IssAFSJ6Of0/P0FCUilQYAn3uFD3C7SErNxiPJqWMowl6t+ThJiQEc +BBABAgAGBQJJEmykAAoJEFvmMcGZldJKI50H/iCJKvk1gi9oIiL6EISeuSngzsis +Jzcg951BN0GVCvLvvVwKNHD7+myiB2gkKKp2yv/A1DVPaZ7ZNkB4KEPLlorLw7iK +gb4QrqgezJaRcJ3zisTh6JslOKuV/7Ojy4DZOXVFsr7LSFXPgl6O29AEPD6SHjOH +0x6RTJPqrsccQ49/KBAUAm1oMmRhcE7jsMl6Y3gQGIkSxG7Pag9zj5qxeqljdhf+ +QbM4cb9a8jPCSvU3RfXH531PILENGpprvH1oFforY7sNyI8AOMQ1on7Pnk09zbNx +lRBq73dV5RCBtg0xF6v4/dA/X1O1cGnXGAYM7Tp6WXifJzPssRySCuwTZvWIRgQQ +EQIABgUCShVO7AAKCRBquqSvkLOLWAz2AKCfHh162MhNPvfzMtvqR3Vz+x92WgCf +e16LZToIN8IUA2Sqyru9Y6J5Hlm0Lk1hcmsgRSBEIFRob21hcyA8bWFyay50aG9t +YXNAc3ByaW5nc291cmNlLmNvbT6IRgQQEQIABgUCSRKC6gAKCRCbH9qfPAYiMUdj +AJ41QcpKYNSt1tHNV3YATFcYf/XIKgCg7MFeSGbpvW1W1/weqnraMzFzLfeIRgQQ +EQIABgUCSRNG5gAKCRCQOE2aNcfpQnTyAKCdCXp8TBXMKajXNbepnP/8AcxuvwCf +ZABpYIEZ2up4mOTpQCKtAfuj3XaIRgQQEQIABgUCSRnpMQAKCRAtIatlZUYbeY7m +AJ4hT6Y9bnDyS2ZQgxDoe0q1KmeLEACfTNOmAvfFCPpJd5jefNSAg5hblpaIRgQQ +EQIABgUCSRo2ZwAKCRBbloAQ4E+aiXu8AJ9+n0GqPb0pLsFd1bHAnbUFE7wQAgCf +YuHmCCO1a7o1ZhOMmTqjQY8znMaIRgQQEQIABgUCSR7TmQAKCRBTJs9AH54Xu8TF +AJ46JXUYFXbZocbqNxfhfusocDncxQCg180xr/NoOPTmUqne1xT3CNb2gJSIRgQQ +EQIABgUCSVY21AAKCRC5W70/pDxEkm2rAJ9sBYuejJ4w8CXwSSiH56j26JnqqACf +dwaQ5K/fBzZCZO3XeHq/CGF+uQmIRgQQEQIABgUCSV4D6QAKCRAPRQomYhC/wJ8p +AKChOJ08LU1Ji+c0TdCrUS3xHPusvACfX4b7m9UU4KPSjFBt86Wy+7Tl/1iIYQQT +EQIAIQIbAwIeAQIXgAUCSrQLFgULCQgHAwUVCgkICwUWAgMBAAAKCRBvsh6JM8YC +QyLIAKDfzPcdTFN6Iu7MENRKHRgkhlWwcwCg4WwimtdbIuNUaJlHAaDCkXDOK66I +qQQQEQIAaQUCSVsZ6iAcU2FuZGVyIFRlbW1lIDxzYW5kZXJAdGVtbWUubmV0PiIc +U2FuZGVyIFRlbW1lIDxzY3RlbW1lQGFwYWNoZS5vcmc+HhxTYW5kZXIgVGVtbWUg +PHNhbmRlckBtYWMuY29tPgAKCRCyvrxAFSkkr91KAJ93ymf/0iywAVIno5/T8/QU +JSKVBgCfe4UPcLtISs3GI8mpYyjCXq35OEmJARwEEAECAAYFAkkSbKQACgkQW+Yx +wZmV0krGSgf/RlmcEUwth7OQkmpIGPeGbrfjpbuK/AV0+Q8nBJAsAWiMl1ydBo9m +L3oSh2D+0G3gLCyckgA1bcsNdtxMPctxJdmju3rWbq0cEVG26U/qeRDjkZafLa8n +iPReRVRuJP9uAgQ19cv7mOYjRiEjTqeA2IJ8J2RWLZSOf/3u4mWwjq6hMXKGxHc4 +phKVQyjgRh45DzG3wuXa5FpHaG1gYgkUhIvW+RGPbuvKNKMSRIuXs8GzsTbWvNWG +/aAOG8B3gR48hQCq7Ja//+ebfKWWi0c37X09VHt9VlNrhWvKziDaofwsobbAa2+F +fby/1fBgoMVNdmtvXWlzugkQ+G3xXZkzdIhGBBARAgAGBQJKFU7sAAoJEGq6pK+Q +s4tYOREAn3tCOMDivfkSiyRdAOB8sjd8H76KAKDFbj1BkgeYIzWQhHxR0SHC9eoL +NLkCDQRBRI3pEAgA9kJXtwh/CBdyorrWqULzBej5UxE5T7bxbrlLOCDaAadWoxTp +j0BV89AHxstDqZSt90xkhkn4DIO9ZekX1KHTUPj1WV/cdlJPPT2N286Z4VeSWc39 +uK50T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq01uejaClcjrUGvC/RgBYK+X0iP1Y +TknbzSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O9vPJI8BD8KVbGI2Ou1WMuF040zT9 +fBdXQ6MdGGzeMyEstSr/POGxKUAYEY18hKcKctaGxAMZyAcpesqVDNmWn6vQClCb +AkbTCD1mpF1Bn5x8vYlLIhkmuquiXsNV6TILOwACAggAri0hN7wUjnkzDNOHs7j7 +eM2VKdDxUBkC9287maduH9fEvD9wXphgJNldx2WCZs5jYHeC9LyAvcchXbiAhYG4 +lfbssyj8B7woEMGrqRbxSxp+0PSydJ5WsBjeyptd7yUxt660/1DCsC05PiDBGEMF +IAYbeh05wWjPlKlcf3geDx6G4preUXnc/Qp0+A65QNDOjod3j1gQ+vTZ4cKNgDeN +nV/1tinJw3tokTbvyRGzmLLLI9Ht1Zh8BJsGtOuE6UKcNXwpclu7H+GljnEL3E9d +kdITb0YU0dU1dKc4yDJG0T5EXs4SGOeQE0yH3Gma8PmLm5psP6af9cCA0cx3sTqv +a4hMBBgRAgAMBQJBRI3pBRsMAAAAAAoJEG+yHokzxgJDfKIAoOLR5oMpV8OGN7ox +fieHH9qJZRmtAJ0ZMl/F/rvzazItoNsYRL6bE2wBlpkCDQRKtA7pARAA+I6Lxzjy +Q8aA/iZztRqNpIsKYEVC2rBpa1SrklHT+sM3Gqlpl6arTiSisFtjEBUC5oO50PUY +ycMt0AmyjQyUAP28G0E9Re1s0ws9kur8QuM8SnJOLekWQatnSbGChdAhIemX2OHZ +ir4avt4rLUqBUXR2KDjxlmabkQ6n2T3Rpv5t9+f+ihh+faMrJ9TRO2tmvpGc4wUh +IL9t/peGdUYO/n6c9SXHR0nQtmfmUcTC9uXlWrUVc+MrwzmSLag1ET9uM1jqHcYG +6JXVemPPAt7/+ykUftb5Jc5LgNhahfEOK/9n9LLuzFFb4kHMtvcv0ZS0g002KFZQ +mdZ4teKhVOx6cONyibYF5nFMKt9U9fkpV3WIzSdWhZFIvAYwhw3EoBPyEXilGp4x +85uF0spig03qqs4nYuJOjww+I8h2/JPL8Yuqk+lHZ5XH6OTQZJFE9U2roRMvJLR4 +W5fZOtAb7zAT/ZenFEYiYNVku+3oCOD//NqD288xYhhal8iSlC1YMbXUNyYpAqaH +ad39X4ej5WGcJFuMQiSybnCeTIkKdOxwJDFVucPpPF77pOIuarodzftpMyhzjokA +g5jdLM9F4zhPu1wbzNZb89/lGqy34ElZlvGoXi3e3miJeSLQZPPOOGSetC60PiYi +Kr6iXpsciDOnqaGb2OWt2bIWaXC4pQuYVvEAEQEAAbQiTWFyayBFIEQgVGhvbWFz +IDxtYXJrdEBhcGFjaGUub3JnPokCNwQTAQoAIQUCSrQO6QIbAwULCQgHAwUVCgkI +CwUWAgMBAAIeAQIXgAAKCRAQwBxaL2BZ59mIEACjehSxvyNSI9z1JQv1zZYWrEMT +3hN8Njr7bcHjkD2JG5SfZx7Rh+aTahtv6qBkoZaSNOIycvRsVijqOzVeL+zNJm1Z +Ql1YI3ZbzBVnS+5Z6HIIMCQBXo0HGJVbccobuJudCwbwbpxIcQm0HCp51ppAeznJ +tCHLWqo3PawnNRf2jYVTFKSdMxtZMk6fYcbzek2wkJWnDMeaHE1sy9M5+kGYW1H6 +2MH8WCZkp5FWGTmM1yFyLCzebCfUOD/LY2OKloHfm0Lzqj1q5My/S1UZxjq0mCLK +DOc1naI9YNYJTMyv2aiXUaqqgYXuhWE214qc/KF/Ipgnm3GsWZ3y4Roqql/sg2t2 +FMA4qqJvrGTnNIlxrypKpbTy6TXhdDFU+2mY2pbEP79mLG9uEUJfRX431pr0/GT1 +s/CqK3tQCOFHCCIBVbTPs7i5S/QiLBo4PoBwxNnYWQ2NKn4s5Ry/QqAFlAzN6SH8 +TNleAUZ9cTvo/5jKHYY5mC2b5xVc+ChpDTu8EZKHwADSFmKN1iOcfNwRgx9+9bdz +Ua66UkhT9F6UF+vy3mo9o+lOqbgAS9qgcYbHLDunIXN7uP/tNfX3/qXmVbHPbbXE +0F7CiLo5jG/KdrJObrJr+jylV96Fv0QMaW1R1OZGeacdR6u5jEHWXy7OX3+GMplw +R9Ns+P0Zksz2ptF2+bkCDQRKtA7pARAAwjRJMLOWK6AZm7vO/PV39NOoE5eS8w/x +3bd7AKfYgnz4LnDvpe1PsW6NVx0zCUMBFX0vkcd0W2i2ERvoVOxbiS0Af+TWggzU +bqsOSh8kLSVB/s6POCKqnzMxvGjknR4Ncq9sSh+EE5oEDjQbv1tMRGZma6Ok42Dc +JJNqcFytsriJmT1DsvpitahfFpt4U7ZDxPhRUjRSGnhw6Expsf9EYrvyu3TSU6wt +E5UaZ9iunetMwed2GE3PtA2Eg8gdBbqV4gMf/lxBp90O3jYtgVesOdL+a+dUD/M6 +bYhX5THxSjQH1fMUuTLXkHffGEuaqnfyz6N4EuRxT0Gki9JN0Uwpb+30DR3GRapr +9DlqYses5tp6WMYarEwxnkmudv7l3oVVxeSbm2BYnzEi6WxlWana5huYa9nMnMbI +xYmNMyTmkYrZjfyVmzhi4sK3DeLpCjchZ7RRuYz2hZyXcfax38iTXhfXIL/SZWXh +cSelqiAIZSjrh9yvP6ctEjxOmThX0aNGFMb4duSv7IjnDy5utd2jscmO2H0PDBNr +4J+yNJgLYPWpvmBQ2mxqo/N/aHcGXc2b9k9plB58mxUyRQbjFhlimLLWA0unmRJo +bqWz71CpA7oP5jvoHaPqUihfWEugzOUbQnUzSauDWWOdMqQW+UUo/iDRz6HCKdlf +ww0288krLusAEQEAAYkCHwQYAQoACQUCSrQO6QIbDAAKCRAQwBxaL2BZ5y3tD/4t ++KCuXBNi5alBCExHEzveMdRF9FJrSqJEX0NwGFivF3hQ/HJkrcu9oTJC/tXNFf/+ +EHOd0lMiyFl5PBSlhe4XS988rgapUW+ee9tQmAt+RgP40fdKdJNb6+9NYGmrdnDU +zlQtP+h/XBOcmF0/szK/U0oigg8DjYYUm5gCWXOl9H4LJgg+yOcVCOVa4oTf1sdA +mQba1xlMhOIYBWmEhqbWZpGOS59XvpyNfOQXWu26S8HACBqyPZ2LVV4H+9cmxinT +z7RX1yKD17nLZ/fTOzZ1gYTbhg5rNmFpDgu3nlgU8SpGQ1kd70ZkcudgehsUe1Ep +Pyl7O8qhj5H0/3OAmRXzrq2VF17gtz7zpntA0JqsBMbSaK5qBuBcurLhBT634WDI +oE8u5Em1UwjgTI0Cx/lPxRTbIb4PfjP2b2ik/tJaUbwUrhuZ4LAtGztMVrF4W+qn +x9oed4OFXMBbwgS+SH6oAHlGwpxhhzXBlqZsHXm+w+2oazWUhxFFGEe5U245GEtN +f0AznBMDWTqg0SCVEDjlKt+e9tVXkTpHYWZjGbRZbEHkCbFqKhq0KP5BGInFZTFT +oI5jjszmuX0W/yKpRpQZ+GuJnt4VrYSy7TMvjjhIpuhDY57VUwUIkz/2Kq8Vg2wp +Gg+29nvcGOTdyZUcTCEB33B2jQ9z0XUEp+6B2F5iZQ== +=hSkx +-----END PGP PUBLIC KEY BLOCK----- + +pub rsa4096 2019-05-05 [SC] + 48F8 E69F 6390 C9F2 5CFE DCD2 6824 8959 359E 722B +uid [ultimate] Remy Maucherat +sig 3 68248959359E722B 2019-05-05 Remy Maucherat +sub rsa4096 2019-05-05 [E] +sig 68248959359E722B 2019-05-05 Remy Maucherat + +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFzO4ecBEACVS86VyuTSJmLmApi92R6D3/L3EIBFXhagJbrLkodkTuG9efYo +vM1DJPWEFs5kux8a8UPwn2gbQFPJg1AH77GqjP8gtn0KHQvXgYC9+7cTqDl6C7k9 +n3BkB9bRIhHileYyIJfnycjJdrGFEmwGu0pBOEdr01R0kFprqYu9DwcD6oUvmZRn +OMoQQeLEC0cw/VzJ/ZqzJwO0t+rMCozqJ9/BfJZUqwijDZnJAZWnIVxjqxrUgyYA +5/0g9X8YHrIz09XuzaE64VAl0q3nrFJWvDCwE/ZM7w8jlUqtQgLu4K2U82G0YXw3 +KJ1EbigEmtEohu6HVnAToCJuOnQ8m0rZxbyNMeYF9pyohdFEca4I0B8Evy2dYFnJ +Y2gghuU80vct54536WWz9mAjKwBFQUtxX0EjYrYN9ckzCK6fRqrnVv0USVp7N/ZY +PQkOEJSdmRdpvTMwfCuAyT0/3cxuC7NyAWiZDXJv7OVcDr/REfWAA7XMQOErwdGJ +gViG58YhLw0Pgdumg+prqQXowzlRzGAsV5VntCh+4LV8/ESmvWAE3V+jgZFB3cSp +g58NKjp1EwKwX6BCICyX+Oe03cnlC0UJ7S9FccrjNrkiwxxOVAnmy4kxX/P3Cuqc +C/b6BeeUA1hBNWNe42mr6YczS+dhpCSUVWQJp/TxdoXA2fGG1OS1FMaICwARAQAB +tCBSZW15IE1hdWNoZXJhdCA8cmVtbUBhcGFjaGUub3JnPokCOAQTAQIAIgUCXM7h +5wIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQaCSJWTWecisVSA/9Eh3h +0jeyy51rA1nqq9imbH0YC85A/wZjhb06UXwWBPozJR8UJsOJZ7kBzCW4gfkC9zTD +GStSHHAej9o96FHVRLzCyjaaZVuRUl2qCz9U+pnGMxb5aRNVAQ/wE10hHu3Yc+48 +cc0sPCCPMdshAj1VOHczTU/LSv21TWBaKO3NMV9KilPzKvXHdPFYssVcUt2NgQLm +2Bx/ELTCVj5c9Ih2cz3T7kxf8LKsGALIfjcp8g9DlvMjVLKBFZqU94C4V0mba2Fd +6xHpdmcgMbSNo6poQ0M0O7CN5qVJFm/v4ZDooLNWRMeL66oen3LrZ8HRpPxfic77 +JLKn60dywuYU8WYp7cV+3AnaDn/ggvC1x79LSmX4PFyG9/F5M7gp0HFrVdyc0nBo +UTejZXehwKrfvF/isPf7pUv2fGXwg07zTz8OMLQo4h9poB5YuuinjuxjBfmc2AvB +WbRcKNvHXHUlaVeK+VvohfPuetJESS4YB7fLMQPdGIckDFQub4SvXPNPPToLsbDB +2GGguqhwWD9ECa2o1RqX8LnCdB71uBcyiW8UIkLxwaygsciVm7SFz+pqAKJgzWwI +AsVYVOIKdq0GWaLDtMGJGQFfxuMVmMGGbvueAMcOCSSsGemkElan33VS8Zu1sjeY +P0Jt4ws6gcbUHI27l5Pvk06uWzaN8uyXGA03d4y5Ag0EXM7h5wEQALG3oikRAQqf +um+wW6oW2d1mIk0PtnC3l3/kGTA92kIqJzQ3Ua0mFaVGxdg2J/I1MF7HdlZJbGyP +5b0PdbSjLHFbQfFD6LHsLw9StVrkjbBKYaP0gRWxEIHMN4Qv01I2Lyc9ONlMjUIf +xNK/AG6oT/Ia53VVET78HOj01L7JjBAPuW8UPoy27s2gQ02smbA7iRUeZ3dpN2fy +027aKbimIl1ZrxJbcbxw29PXWJZP+CxJEnqwEw78QbqSsFMAhR9wZHTfEtUzYy6h +hyngwYQ+iBnB+1cYTEB9KbWWpP5n12iuRin77r2RwrHYAW/RUILK2rOJqPcIg6CX +P1o9UKPeN5QE/ScU5427XKZZscaQrvBPoN3G2RWmMuHM2cchXgRRMMaSvufocLjj +gKj/aPUDCkvJ5MyTNtMfVDx0Tw3aQpf2Fr1L1Hu2GyBqifioZGdzLL0LtdeXzkJy +nZGj/L5jzIlNBnQG97rgCuPflbIl2S1izNexnuX2Z1dcyS2MTrj3nnK6HoW+gvCc +oqq01S410wxaAUidJeGwLzgUa9Ig+6BVPT7sZrbc0IoNP+JdoqPxiEkqy4Msy9WJ +RVeJM520Q2T1YM7xm/4E8C7H+Fis5u4GNswk5qsXEOyLcHBzGEik3BDylp+sJ6/F +DuAN7k64RV2m+lKpjngiKZxo9LmqnsWTABEBAAGJAh8EGAECAAkFAlzO4ecCGwwA +CgkQaCSJWTWecishvg//ZDuhkbSUgIIjG9Rzq3cHNxZ4sFrUwL19AtGNktiwt0QA +GCKPnf4SdHZGKSeOqUHeDT/l/5l4Xc/JgRk/t2bEeC3cHE/Xc5V6I2n28HQiJScX +UJdnO3QdTCMEYVedu/9JhmA37eznQhm+UAcxT9tew3nSd0KkkMQyW6YpBEgcdsFd +aLiFPzbySjRWplyCdELPRFtW2ZHnJ5gVGYZ060EOHcdPb/4Gz/mA6dIjQ5N+vKlA +GNdYZgv3w4NRGLmni5T7jDAY6T2CJXxvcgfYfh3oY3aiZaWzKKQyLEVaoZ6dJbsm +mi2if7MZ/SVCMdM3MXiRpCeyyw9MTylGzgwbDYSz2ZkGvy9k+1M75q5QEfvVM8R3 +guaBJR+e4fkfsRBUAqwmHy8TrXghf5eOCsJx/9yyRXvK4tnwSBUIzFa1q0POESul +jFWYFkvRjKIYfFWS6cY37sPNLvEQQmP2O07ttaYfIXcMcVF+HsDBUftGRWIkkPn2 +LucW7f0Lqlbv/mlJpqByz522jmJRNFLVQh87LYz91FgsLAgDkPpi8mzRrEfb2nHD ++PIKpoO499AKQ8hETMbfzmpJUIV2Bhd7OqKDSf+yHiYSje9evofP+4lDUx3u7tQ3 +4OUzLqBRVrhFDI9keHnhOFMJSrnrpXe7Cm9JujvTX/hy2iOpTOuflj0Djsc8dnQ= +=l4Ry +-----END PGP PUBLIC KEY BLOCK----- + diff --git a/tomcat.spec b/tomcat.spec index caa07c3..f5688b4 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -22,7 +22,7 @@ %define elspec 3.0 %define major_version 9 %define minor_version 0 -%define micro_version 75 +%define micro_version 80 %define packdname apache-tomcat-%{version}-src # FHS 2.3 compliant tree structure - http://www.pathname.com/fhs/2.3/ %global basedir /srv/%{name} @@ -66,7 +66,7 @@ Source33: tomcat-serverxml-tool.tar.gz Source34: tomcat-serverxml-tool.sh.in Source1000: tomcat-rpmlintrc Source1001: https://archive.apache.org/dist/tomcat/tomcat-%{major_version}/v%{version}/src/%{packdname}.tar.gz.asc -Source1002: %{name}.keyring +Source1002: https://downloads.apache.org/tomcat/tomcat-9/KEYS#/%{name}.keyring #PATCH-FIX-UPSTREAM: from jpackage.org package Patch0: %{name}-%{major_version}.%{minor_version}-bootstrap-MANIFEST.MF.patch #PATCH-FIX-UPSTREAM: from jpackage.org package @@ -83,7 +83,6 @@ Patch5: %{name}-%{major_version}.%{minor_version}-jdt.patch Patch6: tomcat-9.0.75-secretRequired-default.patch Patch7: tomcat-9.0-fix_catalina.patch Patch8: tomcat-9.0-logrotate_everything.patch -Patch9: tomcat-9.0.75-CVE-2023-41080.patch BuildRequires: ant >= 1.8.1 BuildRequires: ant-antlr BuildRequires: apache-commons-collections @@ -256,7 +255,6 @@ find . -type f \( -name "*.bat" -o -name "*.class" -o -name Thumbs.db -o -name " %patch6 -p1 %patch7 -p1 %patch8 -p1 -%patch9 -p1 # remove date from docs sed -i -e '/build-date/ d' webapps/docs/tomcat-docs.xsl @@ -641,7 +639,7 @@ fi %postun servlet-4_0-api if [ $1 -eq 0 ] ; then if [ ! -f %{_sysconfdir}/alternatives/servlet ]; then - # /etc/alternatives/servlet was removed on uninstall. + # %{_sysconfdir}/alternatives/servlet was removed on uninstall. # Create a broken symlink to make sure update-alternatives works correctly and falls back # to servletapi5 or servletapi4 if they're installed. ln -s %{_javadir}/%{name}-servlet-%{servletspec}-api.jar %{_sysconfdir}/alternatives/servlet