tomcat

SHA256

Author	SHA256	Message	Date
Fridrich Strba	0e5a696eed	Accepting request 1121130 from home:mbussolotto:branches:Java:packages Add info to the current changelog * Fixed CVEs: + CVE-2023-45648: Improve trailer header parsing (bsc#1216118) + CVE-2023-42794: FileUpload: remove tmp files to avoid DoS on Windows (bsc#1216120) + CVE-2023-42795: Improve handling of failures during recycle() methods (bsc#1216119) OBS-URL: https://build.opensuse.org/request/show/1121130 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=279	2023-10-30 10:54:18 +00:00
Fridrich Strba	bce8682351	OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=278	2023-10-17 05:19:46 +00:00
Fridrich Strba	196f9c87df	OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=277	2023-10-16 23:41:44 +00:00
Fridrich Strba	49d0e0bf09	OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=275	2023-10-13 11:20:11 +00:00
Fridrich Strba	ddb247a2f7	OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=273	2023-09-21 20:06:00 +00:00
Fridrich Strba	b2fc5bc4ae	Accepting request 1112820 from home:mbussolotto:branches:Java:packages - Fixed CVEs: * CVE-2023-41080: Avoid protocol relative redirects in FORM authentication. (bsc#1214666) - Added patches: * tomcat-9.0.75-CVE-2023-41080.patch OBS-URL: https://build.opensuse.org/request/show/1112820 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=272	2023-09-21 14:49:07 +00:00
Fridrich Strba	1d620875c8	Accepting request 1111848 from home:fstrba:branches:Java:packages OBS-URL: https://build.opensuse.org/request/show/1111848 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=270	2023-09-18 06:12:05 +00:00
Fridrich Strba	99a19525a5	OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=267	2023-09-12 11:30:53 +00:00
Fridrich Strba	d3b5cc15e7	OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=265	2023-09-12 11:22:53 +00:00
Fridrich Strba	d6dff44ec2	OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=264	2023-09-12 11:12:01 +00:00
Fridrich Strba	8907d86932	OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=263	2023-09-12 11:03:57 +00:00
Fridrich Strba	0b32a6ad02	OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=260	2023-05-23 04:40:11 +00:00
Michele Bussolotto	6bc85246b3	Accepting request 1077841 from home:mbussolotto:branches:Java:packages - Fixed CVEs: * CVE-2022-45143: JsonErrorReportValve: add escape for type, message or description (bsc#1206840) - Added patches: * tomcat-9.0.43-CVE-2022-45143.patch OBS-URL: https://build.opensuse.org/request/show/1077841 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=256	2023-04-07 08:08:28 +00:00
Michele Bussolotto	6ef0f7376a	Accepting request 1073926 from home:mbussolotto:branches:Java:packages - Fixed CVEs: * CVE-2023-28708: tomcat: not including the secure attribute causes information disclosure (bsc#1209622) - Added patches: * tomcat-9.0.43-CVE-2023-28708.patch OBS-URL: https://build.opensuse.org/request/show/1073926 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=254	2023-03-28 10:01:54 +00:00
Fridrich Strba	db57f882c4	Accepting request 1068181 from home:mbussolotto:branches:Java:packages - Fixed CVEs: * CVE-2023-24998: tomcat,tomcat6: FileUpload DoS with excessive parts (bsc#1208513) - Added patches: * tomcat-9.0.43-CVE-2023-24998.patch OBS-URL: https://build.opensuse.org/request/show/1068181 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=252	2023-03-03 05:35:10 +00:00
Fridrich Strba	503278cde3	Accepting request 1058853 from home:mbussolotto:branches:Java:packages - set logrotate for localhost.log, manager.log, host-manager.log and localhost_access_log.txt - use logrotate for catalina.out * update tomcat-serverxml-tool and spec to configure server.xml - Added patch: * tomcat-9.0-logrotate_everything.patch * tomcat-serverxml-tool.tar.gz - Removed: * tomcat-serverxml-tool-1.0.tar.gz OBS-URL: https://build.opensuse.org/request/show/1058853 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=250	2023-01-17 12:37:11 +00:00
Fridrich Strba	7044f5b497	Accepting request 1039114 from home:mbussolotto:branches:Java:packages - Use catalina.out for logging (bsc#1205647) - Added patches: * tomcat-9.0-fix_catalina.patch OBS-URL: https://build.opensuse.org/request/show/1039114 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=248	2022-12-02 08:23:58 +00:00
Fridrich Strba	0383717111	OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=246	2022-11-22 06:28:25 +00:00
Fridrich Strba	d041727005	Accepting request 1037056 from home:mbussolotto:branches:Java:packages - Fixed CVEs: * CVE-2022-42252: reject invalid content-length requests. (bsc#1204918) - Added patches: * tomcat-9.0.43-CVE-2022-42252.patch OBS-URL: https://build.opensuse.org/request/show/1037056 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=245	2022-11-21 12:28:39 +00:00
Fridrich Strba	0a03fd758a	OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=242	2022-07-13 13:43:12 +00:00
Fridrich Strba	c75e4afeff	OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=240	2022-07-08 06:29:53 +00:00
Fridrich Strba	ab654215d5	OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=238	2022-05-23 17:08:25 +00:00
Fridrich Strba	45b1f5a3f7	Accepting request 967485 from home:mbussolotto:branches:Java:packages - Security hardening. Deprecate getResources() and always return null. (bsc#1198136) - Added patch: tomcat-9.0-hardening_getResources.patch OBS-URL: https://build.opensuse.org/request/show/967485 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=236	2022-04-07 17:49:31 +00:00
Fridrich Strba	2ed7e67af2	OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=235	2022-02-23 11:59:03 +00:00
Fridrich Strba	ce50f8c0d6	OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=234	2022-02-22 19:00:44 +00:00
Michele Bussolotto	c2fd26d820	- Fixed CVEs: * CVE-2022-23181: Make calculation of session storage location more robust (bsc#1195255) - Added patches: * tomcat-9.0-CVE-2022-23181.patch OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=232	2022-01-28 14:25:17 +00:00
Fridrich Strba	7b1f875f7f	Accepting request 946275 from home:olh:branches:Java:packages - remove instance units from post scripts, they can not be reloaded OBS-URL: https://build.opensuse.org/request/show/946275 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=231	2022-01-14 05:24:24 +00:00
Fridrich Strba	f640109f9b	Accepting request 939130 from home:mbussolotto:branches:Java:packages - Fix NPE in JNDIRealm, when userRoleAttribute is not set (bsc#1193569) - Added patch: * tomcat-9.0-NPE-JNDIRealm.patch OBS-URL: https://build.opensuse.org/request/show/939130 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=230	2021-12-12 08:13:13 +00:00
Fridrich Strba	eb7ec9843b	Accepting request 928113 from home:mbussolotto:branches:Java:packages - Fixed CVEs: * CVE-2021-30640: Escape parameters in JNDI Realm queries (bsc#1188279) * CVE-2021-33037: Process T-E header from both HTTP 1.0 and HTTP 1.1. clients (bsc#1188278) * CVE-2021-41079: Validate incoming TLS packet (bsc#1190558) - Added patches: * tomcat-9.0-CVE-2021-30640.patch * tomcat-9.0-CVE-2021-33037.patch * tomcat-9.0-CVE-2021-41079.patch OBS-URL: https://build.opensuse.org/request/show/928113 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=229	2021-11-10 08:18:07 +00:00
Fridrich Strba	d7d5c718d0	OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=227	2021-11-10 06:56:56 +00:00
Fridrich Strba	e8a2685481	OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=225	2021-10-19 09:36:28 +00:00
Fridrich Strba	2574a121fc	Accepting request 926112 from home:balta3:tomcat9 Update Tomcat to 9.0.43, ecj 4.18 as submitted in another request is required - Update to Tomcat 9.0.43. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.43_(markt) - Removed Patches because fixed upstream now: * tomcat-9.0-CVE-2021-25122.patch * tomcat-9.0-CVE-2021-25329.patch - Update to Tomcat 9.0.41. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.41_(markt) - Update to Tomcat 9.0.40. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.40_(markt) - Removed Patches because fixed upstream now: * tomcat-9.0-CVE-2020-17527.patch * tomcat-9.0-CVE-2021-24122.patch OBS-URL: https://build.opensuse.org/request/show/926112 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=224	2021-10-19 05:08:40 +00:00
Fridrich Strba	7c32e22b9c	Accepting request 925884 from home:balta3:tomcat9 - Update to 9.0.39 - aqute-bnd 5.1.1 required (separate submit request) OBS-URL: https://build.opensuse.org/request/show/925884 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=223	2021-10-18 06:37:59 +00:00
Fridrich Strba	4a8fbc25f3	Accepting request 880517 from home:admehmood:branches:Java:packages * CVE-2021-25122: Apache Tomcat h2c request mix-up (bsc#1182912) * CVE-2021-25329: Complete fix for CVE-2020-9484 (bsc#1182909) - Added patches: * tomcat-9.0-CVE-2021-25122.patch * tomcat-9.0-CVE-2021-25329.patch OBS-URL: https://build.opensuse.org/request/show/880517 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=221	2021-03-23 11:26:59 +00:00
Fridrich Strba	b87f5648b0	OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=219	2021-03-19 05:27:29 +00:00
Fridrich Strba	6e5c662b6a	Accepting request 879719 from home:admehmood:branches:Java:packages - CVE-2021-24122 OBS-URL: https://build.opensuse.org/request/show/879719 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=218	2021-03-18 06:13:13 +00:00
Fridrich Strba	52983fd500	Accepting request 856448 from home:admehmood:branches:Java:packages - Fix HTTP/2 request header mix-up: CVE-2020-17527 (bsc#1179602) - Added patch: * tomcat-9.0-CVE-2020-17527.patch OBS-URL: https://build.opensuse.org/request/show/856448 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=216	2021-01-12 10:57:31 +00:00
Fridrich Strba	5c88b47afb	Accepting request 841492 from home:jengelh:branches:Java:packages - Replace old specfile constructs. Remove support for SUSE 11.x. - Drop %systemd_requires, which is considered a no-op. - Trim redundant license mention from description. - Make documentation noarch. - Do not suppress errors from useradd. OBS-URL: https://build.opensuse.org/request/show/841492 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=214	2020-11-03 15:34:19 +00:00
Matei Albu	5fc16cd0d0	Accepting request 845720 from home:mateialbu:branches:Java:packages - Add source url for tomcat-serverxml-tool - Fix typo in tomcat-webapps %postun that caused /examples context to remain in server.xml when package was removed - Remove tomcat-9.0.init and /usr/lib/tmpfiles.d/tomcat.conf from package. They're not used anymore becuse of systemd (bsc#1178396) OBS-URL: https://build.opensuse.org/request/show/845720 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=212	2020-11-03 13:23:42 +00:00
Matei Albu	a14e7a9e0d	Accepting request 845377 from home:mateialbu:branches:Java:packages - Fix tomcat-servlet-4_0-api package alternatives to use /usr/share/java/servlet.jar instead of /usr/share/java/tomcat-servlet.jar. Keep /usr/share/java/tomcat-servlet.jar symlink for compatibility (bsc#1092163) - Change default file ownership in tomcat-webapps from tomcat:tomcat to root:tomcat OBS-URL: https://build.opensuse.org/request/show/845377 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=211	2020-11-02 16:37:37 +00:00
Matei Albu	d14a544fa7	Accepting request 841718 from home:mateialbu:branches:Java:packages CVE-2020-13943 and bsc#1177601 OBS-URL: https://build.opensuse.org/request/show/841718 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=209	2020-10-14 08:54:21 +00:00
Fridrich Strba	14216e6c34	OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=207	2020-08-26 06:05:55 +00:00
Matei Albu	32d59bc711	Accepting request 823635 from home:mateialbu:branches:Java:packages - Don't give write permissions for the tomcat group on files and directories where it's not needed (bsc#1172562) - Change tomcat.pid location from /var/run to /run (bsc#1173103) - Use the /sbin/nologin shell when creating the tomcat user - Use %tmpfiles_create macro in %post instead of calling systemd-tmpfiles directly OBS-URL: https://build.opensuse.org/request/show/823635 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=205	2020-07-30 21:16:33 +00:00
Fridrich Strba	58c8d0d803	OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=203	2020-06-26 08:05:25 +00:00
Matei Albu	1cb001bdee	Accepting request 809082 from home:mateialbu:branches:Java:packages - Update to Tomcat 9.0.35. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.35_(markt) - Fixed CVEs: - CVE-2020-9484 (bsc#1171928) - Rebased patches: * tomcat-9.0-javadoc.patch * tomcat-9.0-osgi-build.patch * tomcat-9.0.31-java8compat.patch OBS-URL: https://build.opensuse.org/request/show/809082 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=201	2020-05-27 09:06:23 +00:00
Fridrich Strba	fe7bd6c817	Accepting request 792968 from home:javierllorente:branches:Java:packages Update to 9.0.34 OBS-URL: https://build.opensuse.org/request/show/792968 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=199	2020-04-14 07:06:57 +00:00
Matei Albu	d682f2528e	Accepting request 789762 from home:mateialbu:branches:Java:packages - Update to Tomcat 9.0.33. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.33_(markt) - Notable fix: corrected a regression in the improvements to HTTP header parsing (bsc#1167438) - Rebased patches: * tomcat-9.0-javadoc.patch * tomcat-9.0-osgi-build.patch * tomcat-9.0.31-java8compat.patch OBS-URL: https://build.opensuse.org/request/show/789762 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=197	2020-03-30 12:36:04 +00:00
Matei Albu	f7af59e59f	Accepting request 780240 from home:mateialbu:branches:Java:packages - Change default value of AJP connector secretRequired to false - Added patch: * tomcat-9.0.31-secretRequired-default.patch OBS-URL: https://build.opensuse.org/request/show/780240 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=195	2020-02-28 11:40:32 +00:00
Fridrich Strba	f67cfaf312	OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=192	2020-02-26 05:56:48 +00:00
Fridrich Strba	501a398983	OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=190	2020-02-25 13:35:13 +00:00

1 2 3 4

161 Commits