pool/tomcat
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
201 Commits 2 Branches 0 Tags
Commit Graph

201 Commits

This Branch
This Branch
All Branches
Author SHA256 Message Date
Fridrich Strba
8e29a1ed89 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=294 2024-02-06 11:56:00 +00:00
Fridrich Strba
7b9c3e0a7b Accepting request 1144524 from home:mbussolotto:branches:Java:packages 
- rpm 4.19 requires dependencies on tomcat user and group (bsc#1219530)

OBS-URL: https://build.opensuse.org/request/show/1144524
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=293
 2024-02-06 10:12:55 +00:00
Michele Bussolotto
57fd502003 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=291 2024-01-17 18:20:04 +00:00
Michele Bussolotto
8f11f8669f OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=290 2024-01-17 18:18:22 +00:00
Michele Bussolotto
7984f6fd19 Accepting request 1139519 from home:mbussolotto:branches:Java:packages 
- Update to Tomcat 9.0.85
  * Fixed CVEs:
    + CVE-2023-46589: Apache Tomcat: HTTP request smuggling due to
      incorrect headers parsing (bsc#1217649)
  * Catalina
    + Update:  68378: Align extension to MIME type mappings in the
      global web.xml with those in httpd by adding
      application/vnd.geogebra.slides for ggs, text/javascript for mjs
      and audio/ogg for opus. (markt)
    + Fix:  Background processes should not be run concurrently with
      lifecycle operations of a container. (remm)
    + Fix:  Correct unintended escaping of XML in some WebDAV
      responses. The XML list of support locks when provided in
      response to a PROPFIND request was incorrectly XML escaped.
      (markt)
    + Fix:  68227: Ensure that AsyncListener.onComplete() is called
      if AsyncListener.onError() calls AsyncContext.dispatch().
      (markt)
    + Fix:  68228: Use a 408 status code if a read timeout occurs
      during HTTP request processing. Includes a test case based on
      code provided by adwsingh. (markt)
    + Fix:  67667: TLSCertificateReloadListener prints unreadable
      rendering of X509Certificate#getNotAfter(). (michaelo)
    + Update:  The status servlet included in the manager webapp
      can now output statistics as JSON, using the JSON=true URL
      parameter. (remm)
    + Update:  Optionally allow ServiceBindingPropertySource to
      trim a trailing newline from a file containing a
      property-value. (schultz)
    + Fix:  67793: Ensure the original session timeout is restored

OBS-URL: https://build.opensuse.org/request/show/1139519
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=289
 2024-01-17 17:29:04 +00:00
Fridrich Strba
eec71fc139 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=288 2024-01-17 16:47:26 +00:00
Michele Bussolotto
9c6b265e44 Accepting request 1139489 from home:mbussolotto:branches:Java:packages 
- change server.xml during %post instead of %posttrans
- add libxslt-tools requirement

OBS-URL: https://build.opensuse.org/request/show/1139489
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=287
 2024-01-17 15:07:27 +00:00
Fridrich Strba
00c7f7716c OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=286 2024-01-17 14:47:01 +00:00
Michele Bussolotto
0dc13b7f1f Accepting request 1139478 from home:mbussolotto:branches:Java:packages 
- Fixed CVEs:
  * CVE-2023-46589: Apache Tomcat: HTTP request smuggling due to
    incorrect headers parsing (bsc#1217649)
- Added patches:
  * tomcat-9-CVE-2023-46589.patch

OBS-URL: https://build.opensuse.org/request/show/1139478
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=285
 2024-01-17 14:32:35 +00:00
Michele Bussolotto
8e15c02b8e Accepting request 1139004 from home:mbussolotto:branches:Java:packages 
- Fix server.xml permission (bsc#1217768, bsc#1217402)
- remove serverxmltool and use xsltproc

OBS-URL: https://build.opensuse.org/request/show/1139004
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=283
 2024-01-16 08:40:50 +00:00
Michele Bussolotto
6c8547a641 Accepting request 1128665 from home:RMestre:branches:Java:packages 
- replace prep setup and patches macro with autosetup

OBS-URL: https://build.opensuse.org/request/show/1128665
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=281
 2023-11-27 08:18:24 +00:00
Fridrich Strba
0e5a696eed Accepting request 1121130 from home:mbussolotto:branches:Java:packages 
Add info to the current changelog
  * Fixed CVEs:
    + CVE-2023-45648: Improve trailer header parsing (bsc#1216118)
    + CVE-2023-42794: FileUpload: remove tmp files to avoid DoS 
      on Windows (bsc#1216120)
    + CVE-2023-42795: Improve handling of failures during recycle()
      methods (bsc#1216119)

OBS-URL: https://build.opensuse.org/request/show/1121130
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=279
 2023-10-30 10:54:18 +00:00
Fridrich Strba
bce8682351 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=278 2023-10-17 05:19:46 +00:00
Fridrich Strba
196f9c87df OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=277 2023-10-16 23:41:44 +00:00
Fridrich Strba
49d0e0bf09 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=275 2023-10-13 11:20:11 +00:00
Fridrich Strba
ddb247a2f7 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=273 2023-09-21 20:06:00 +00:00
Fridrich Strba
b2fc5bc4ae Accepting request 1112820 from home:mbussolotto:branches:Java:packages 
- Fixed CVEs:
  * CVE-2023-41080: Avoid protocol relative redirects in FORM authentication. (bsc#1214666)
- Added patches:
  * tomcat-9.0.75-CVE-2023-41080.patch

OBS-URL: https://build.opensuse.org/request/show/1112820
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=272
 2023-09-21 14:49:07 +00:00
Fridrich Strba
1d620875c8 Accepting request 1111848 from home:fstrba:branches:Java:packages 
OBS-URL: https://build.opensuse.org/request/show/1111848
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=270
 2023-09-18 06:12:05 +00:00
Fridrich Strba
2d2bb753f4 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=268 2023-09-14 05:18:32 +00:00
Fridrich Strba
99a19525a5 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=267 2023-09-12 11:30:53 +00:00
Fridrich Strba
49b963559c OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=266 2023-09-12 11:27:36 +00:00
Fridrich Strba
d3b5cc15e7 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=265 2023-09-12 11:22:53 +00:00
Fridrich Strba
d6dff44ec2 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=264 2023-09-12 11:12:01 +00:00
Fridrich Strba
8907d86932 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=263 2023-09-12 11:03:57 +00:00
Fridrich Strba
ef704ca071 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=262 2023-09-12 11:01:36 +00:00
Fridrich Strba
0b32a6ad02 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=260 2023-05-23 04:40:11 +00:00
Fridrich Strba
cdb812cd14 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=259 2023-05-22 18:03:40 +00:00
Fridrich Strba
dc50fb9b4f OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=258 2023-05-22 17:59:49 +00:00
Michele Bussolotto
6bc85246b3 Accepting request 1077841 from home:mbussolotto:branches:Java:packages 
- Fixed CVEs:
  * CVE-2022-45143: JsonErrorReportValve: add escape for type, message or description (bsc#1206840)
- Added patches:
  * tomcat-9.0.43-CVE-2022-45143.patch

OBS-URL: https://build.opensuse.org/request/show/1077841
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=256
 2023-04-07 08:08:28 +00:00
Michele Bussolotto
6ef0f7376a Accepting request 1073926 from home:mbussolotto:branches:Java:packages 
- Fixed CVEs:
  * CVE-2023-28708: tomcat: not including the secure attribute
    causes information disclosure (bsc#1209622)
- Added patches:
  * tomcat-9.0.43-CVE-2023-28708.patch

OBS-URL: https://build.opensuse.org/request/show/1073926
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=254
 2023-03-28 10:01:54 +00:00
Fridrich Strba
db57f882c4 Accepting request 1068181 from home:mbussolotto:branches:Java:packages 
- Fixed CVEs:
  * CVE-2023-24998: tomcat,tomcat6: FileUpload DoS with excessive parts (bsc#1208513)
- Added patches:
  * tomcat-9.0.43-CVE-2023-24998.patch

OBS-URL: https://build.opensuse.org/request/show/1068181
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=252
 2023-03-03 05:35:10 +00:00
Fridrich Strba
503278cde3 Accepting request 1058853 from home:mbussolotto:branches:Java:packages 
- set logrotate for localhost.log, manager.log, host-manager.log and localhost_access_log.txt
- use logrotate for catalina.out
  * update tomcat-serverxml-tool and spec to configure server.xml
- Added patch:
  * tomcat-9.0-logrotate_everything.patch
  * tomcat-serverxml-tool.tar.gz
- Removed:
  * tomcat-serverxml-tool-1.0.tar.gz

OBS-URL: https://build.opensuse.org/request/show/1058853
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=250
 2023-01-17 12:37:11 +00:00
Fridrich Strba
7044f5b497 Accepting request 1039114 from home:mbussolotto:branches:Java:packages 
- Use catalina.out for logging (bsc#1205647)
- Added patches:
  * tomcat-9.0-fix_catalina.patch

OBS-URL: https://build.opensuse.org/request/show/1039114
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=248
 2022-12-02 08:23:58 +00:00
Fridrich Strba
0383717111 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=246 2022-11-22 06:28:25 +00:00
Fridrich Strba
d041727005 Accepting request 1037056 from home:mbussolotto:branches:Java:packages 
- Fixed CVEs:
  * CVE-2022-42252: reject invalid content-length requests. (bsc#1204918)
- Added patches:
  * tomcat-9.0.43-CVE-2022-42252.patch

OBS-URL: https://build.opensuse.org/request/show/1037056
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=245
 2022-11-21 12:28:39 +00:00
Fridrich Strba
803dc2e41e Accepting request 1030223 from home:mbussolotto:branches:Java:packages 
- Fixed CVEs:
  * CVE-2021-43980: Improve the recycling of Processor objects to make it more robust. (bsc#1203868)
- Added patches:
  * tomcat-9.0.43-CVE-2021-43980.patch

OBS-URL: https://build.opensuse.org/request/show/1030223
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=244
 2022-10-20 16:18:49 +00:00
Fridrich Strba
0a03fd758a OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=242 2022-07-13 13:43:12 +00:00
Fridrich Strba
c75e4afeff OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=240 2022-07-08 06:29:53 +00:00
Fridrich Strba
ab654215d5 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=238 2022-05-23 17:08:25 +00:00
Fridrich Strba
45b1f5a3f7 Accepting request 967485 from home:mbussolotto:branches:Java:packages 
- Security hardening. Deprecate getResources() and always return null. (bsc#1198136)
- Added patch: tomcat-9.0-hardening_getResources.patch

OBS-URL: https://build.opensuse.org/request/show/967485
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=236
 2022-04-07 17:49:31 +00:00
Fridrich Strba
2ed7e67af2 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=235 2022-02-23 11:59:03 +00:00
Fridrich Strba
ce50f8c0d6 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=234 2022-02-22 19:00:44 +00:00
Michele Bussolotto
b42b2bcb88 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=233 2022-01-28 14:29:05 +00:00
Michele Bussolotto
c2fd26d820 - Fixed CVEs: 
* CVE-2022-23181: Make calculation of session storage location more robust (bsc#1195255)
- Added patches:
  * tomcat-9.0-CVE-2022-23181.patch

OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=232
 2022-01-28 14:25:17 +00:00
Fridrich Strba
7b1f875f7f Accepting request 946275 from home:olh:branches:Java:packages 
- remove instance units from post scripts, they can not be reloaded

OBS-URL: https://build.opensuse.org/request/show/946275
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=231
 2022-01-14 05:24:24 +00:00
Fridrich Strba
f640109f9b Accepting request 939130 from home:mbussolotto:branches:Java:packages 
- Fix NPE in JNDIRealm, when userRoleAttribute is not set (bsc#1193569)
- Added patch:
  * tomcat-9.0-NPE-JNDIRealm.patch

OBS-URL: https://build.opensuse.org/request/show/939130
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=230
 2021-12-12 08:13:13 +00:00
Fridrich Strba
eb7ec9843b Accepting request 928113 from home:mbussolotto:branches:Java:packages 
- Fixed CVEs:
  * CVE-2021-30640: Escape parameters in JNDI Realm queries (bsc#1188279)
  * CVE-2021-33037: Process T-E header from both HTTP 1.0 and HTTP 1.1. clients (bsc#1188278)
  * CVE-2021-41079: Validate incoming TLS packet (bsc#1190558)
- Added patches:
  * tomcat-9.0-CVE-2021-30640.patch
  * tomcat-9.0-CVE-2021-33037.patch
  * tomcat-9.0-CVE-2021-41079.patch

OBS-URL: https://build.opensuse.org/request/show/928113
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=229
 2021-11-10 08:18:07 +00:00
Fridrich Strba
45332d7d33 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=228 2021-11-10 07:12:31 +00:00
Fridrich Strba
d7d5c718d0 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=227 2021-11-10 06:56:56 +00:00
Fridrich Strba
e8a2685481 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=225 2021-10-19 09:36:28 +00:00