pool/tomcat
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
308 Commits 2 Branches 0 Tags 14 MiB
9dd84dd118
Commit Graph

173 Commits

Author SHA256 Message Date
Fridrich Strba
f5307ca6b0 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=305 2024-03-04 16:51:16 +00:00
Fridrich Strba
0f2f73f709 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=303 2024-02-17 14:55:16 +00:00
Fridrich Strba
c9076a2e84 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=299 2024-02-15 12:43:17 +00:00
Fridrich Strba
650eabebe8 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=297 2024-02-15 08:20:13 +00:00
Fridrich Strba
7b9c3e0a7b Accepting request 1144524 from home:mbussolotto:branches:Java:packages 
- rpm 4.19 requires dependencies on tomcat user and group (bsc#1219530)

OBS-URL: https://build.opensuse.org/request/show/1144524
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=293
 2024-02-06 10:12:55 +00:00
Michele Bussolotto
57fd502003 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=291 2024-01-17 18:20:04 +00:00
Michele Bussolotto
8f11f8669f OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=290 2024-01-17 18:18:22 +00:00
Michele Bussolotto
7984f6fd19 Accepting request 1139519 from home:mbussolotto:branches:Java:packages 
- Update to Tomcat 9.0.85
  * Fixed CVEs:
    + CVE-2023-46589: Apache Tomcat: HTTP request smuggling due to
      incorrect headers parsing (bsc#1217649)
  * Catalina
    + Update:  68378: Align extension to MIME type mappings in the
      global web.xml with those in httpd by adding
      application/vnd.geogebra.slides for ggs, text/javascript for mjs
      and audio/ogg for opus. (markt)
    + Fix:  Background processes should not be run concurrently with
      lifecycle operations of a container. (remm)
    + Fix:  Correct unintended escaping of XML in some WebDAV
      responses. The XML list of support locks when provided in
      response to a PROPFIND request was incorrectly XML escaped.
      (markt)
    + Fix:  68227: Ensure that AsyncListener.onComplete() is called
      if AsyncListener.onError() calls AsyncContext.dispatch().
      (markt)
    + Fix:  68228: Use a 408 status code if a read timeout occurs
      during HTTP request processing. Includes a test case based on
      code provided by adwsingh. (markt)
    + Fix:  67667: TLSCertificateReloadListener prints unreadable
      rendering of X509Certificate#getNotAfter(). (michaelo)
    + Update:  The status servlet included in the manager webapp
      can now output statistics as JSON, using the JSON=true URL
      parameter. (remm)
    + Update:  Optionally allow ServiceBindingPropertySource to
      trim a trailing newline from a file containing a
      property-value. (schultz)
    + Fix:  67793: Ensure the original session timeout is restored

OBS-URL: https://build.opensuse.org/request/show/1139519
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=289
 2024-01-17 17:29:04 +00:00
Michele Bussolotto
9c6b265e44 Accepting request 1139489 from home:mbussolotto:branches:Java:packages 
- change server.xml during %post instead of %posttrans
- add libxslt-tools requirement

OBS-URL: https://build.opensuse.org/request/show/1139489
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=287
 2024-01-17 15:07:27 +00:00
Michele Bussolotto
0dc13b7f1f Accepting request 1139478 from home:mbussolotto:branches:Java:packages 
- Fixed CVEs:
  * CVE-2023-46589: Apache Tomcat: HTTP request smuggling due to
    incorrect headers parsing (bsc#1217649)
- Added patches:
  * tomcat-9-CVE-2023-46589.patch

OBS-URL: https://build.opensuse.org/request/show/1139478
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=285
 2024-01-17 14:32:35 +00:00
Michele Bussolotto
8e15c02b8e Accepting request 1139004 from home:mbussolotto:branches:Java:packages 
- Fix server.xml permission (bsc#1217768, bsc#1217402)
- remove serverxmltool and use xsltproc

OBS-URL: https://build.opensuse.org/request/show/1139004
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=283
 2024-01-16 08:40:50 +00:00
Michele Bussolotto
6c8547a641 Accepting request 1128665 from home:RMestre:branches:Java:packages 
- replace prep setup and patches macro with autosetup

OBS-URL: https://build.opensuse.org/request/show/1128665
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=281
 2023-11-27 08:18:24 +00:00
Fridrich Strba
0e5a696eed Accepting request 1121130 from home:mbussolotto:branches:Java:packages 
Add info to the current changelog
  * Fixed CVEs:
    + CVE-2023-45648: Improve trailer header parsing (bsc#1216118)
    + CVE-2023-42794: FileUpload: remove tmp files to avoid DoS 
      on Windows (bsc#1216120)
    + CVE-2023-42795: Improve handling of failures during recycle()
      methods (bsc#1216119)

OBS-URL: https://build.opensuse.org/request/show/1121130
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=279
 2023-10-30 10:54:18 +00:00
Fridrich Strba
bce8682351 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=278 2023-10-17 05:19:46 +00:00
Fridrich Strba
196f9c87df OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=277 2023-10-16 23:41:44 +00:00
Fridrich Strba
49d0e0bf09 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=275 2023-10-13 11:20:11 +00:00
Fridrich Strba
ddb247a2f7 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=273 2023-09-21 20:06:00 +00:00
Fridrich Strba
b2fc5bc4ae Accepting request 1112820 from home:mbussolotto:branches:Java:packages 
- Fixed CVEs:
  * CVE-2023-41080: Avoid protocol relative redirects in FORM authentication. (bsc#1214666)
- Added patches:
  * tomcat-9.0.75-CVE-2023-41080.patch

OBS-URL: https://build.opensuse.org/request/show/1112820
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=272
 2023-09-21 14:49:07 +00:00
Fridrich Strba
1d620875c8 Accepting request 1111848 from home:fstrba:branches:Java:packages 
OBS-URL: https://build.opensuse.org/request/show/1111848
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=270
 2023-09-18 06:12:05 +00:00
Fridrich Strba
99a19525a5 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=267 2023-09-12 11:30:53 +00:00
Fridrich Strba
d3b5cc15e7 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=265 2023-09-12 11:22:53 +00:00
Fridrich Strba
d6dff44ec2 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=264 2023-09-12 11:12:01 +00:00
Fridrich Strba
8907d86932 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=263 2023-09-12 11:03:57 +00:00
Fridrich Strba
0b32a6ad02 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=260 2023-05-23 04:40:11 +00:00
Michele Bussolotto
6bc85246b3 Accepting request 1077841 from home:mbussolotto:branches:Java:packages 
- Fixed CVEs:
  * CVE-2022-45143: JsonErrorReportValve: add escape for type, message or description (bsc#1206840)
- Added patches:
  * tomcat-9.0.43-CVE-2022-45143.patch

OBS-URL: https://build.opensuse.org/request/show/1077841
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=256
 2023-04-07 08:08:28 +00:00
Michele Bussolotto
6ef0f7376a Accepting request 1073926 from home:mbussolotto:branches:Java:packages 
- Fixed CVEs:
  * CVE-2023-28708: tomcat: not including the secure attribute
    causes information disclosure (bsc#1209622)
- Added patches:
  * tomcat-9.0.43-CVE-2023-28708.patch

OBS-URL: https://build.opensuse.org/request/show/1073926
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=254
 2023-03-28 10:01:54 +00:00
Fridrich Strba
db57f882c4 Accepting request 1068181 from home:mbussolotto:branches:Java:packages 
- Fixed CVEs:
  * CVE-2023-24998: tomcat,tomcat6: FileUpload DoS with excessive parts (bsc#1208513)
- Added patches:
  * tomcat-9.0.43-CVE-2023-24998.patch

OBS-URL: https://build.opensuse.org/request/show/1068181
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=252
 2023-03-03 05:35:10 +00:00
Fridrich Strba
503278cde3 Accepting request 1058853 from home:mbussolotto:branches:Java:packages 
- set logrotate for localhost.log, manager.log, host-manager.log and localhost_access_log.txt
- use logrotate for catalina.out
  * update tomcat-serverxml-tool and spec to configure server.xml
- Added patch:
  * tomcat-9.0-logrotate_everything.patch
  * tomcat-serverxml-tool.tar.gz
- Removed:
  * tomcat-serverxml-tool-1.0.tar.gz

OBS-URL: https://build.opensuse.org/request/show/1058853
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=250
 2023-01-17 12:37:11 +00:00
Fridrich Strba
7044f5b497 Accepting request 1039114 from home:mbussolotto:branches:Java:packages 
- Use catalina.out for logging (bsc#1205647)
- Added patches:
  * tomcat-9.0-fix_catalina.patch

OBS-URL: https://build.opensuse.org/request/show/1039114
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=248
 2022-12-02 08:23:58 +00:00
Fridrich Strba
0383717111 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=246 2022-11-22 06:28:25 +00:00
Fridrich Strba
d041727005 Accepting request 1037056 from home:mbussolotto:branches:Java:packages 
- Fixed CVEs:
  * CVE-2022-42252: reject invalid content-length requests. (bsc#1204918)
- Added patches:
  * tomcat-9.0.43-CVE-2022-42252.patch

OBS-URL: https://build.opensuse.org/request/show/1037056
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=245
 2022-11-21 12:28:39 +00:00
Fridrich Strba
0a03fd758a OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=242 2022-07-13 13:43:12 +00:00
Fridrich Strba
c75e4afeff OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=240 2022-07-08 06:29:53 +00:00
Fridrich Strba
ab654215d5 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=238 2022-05-23 17:08:25 +00:00
Fridrich Strba
45b1f5a3f7 Accepting request 967485 from home:mbussolotto:branches:Java:packages 
- Security hardening. Deprecate getResources() and always return null. (bsc#1198136)
- Added patch: tomcat-9.0-hardening_getResources.patch

OBS-URL: https://build.opensuse.org/request/show/967485
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=236
 2022-04-07 17:49:31 +00:00
Fridrich Strba
2ed7e67af2 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=235 2022-02-23 11:59:03 +00:00
Fridrich Strba
ce50f8c0d6 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=234 2022-02-22 19:00:44 +00:00
Michele Bussolotto
c2fd26d820 - Fixed CVEs: 
* CVE-2022-23181: Make calculation of session storage location more robust (bsc#1195255)
- Added patches:
  * tomcat-9.0-CVE-2022-23181.patch

OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=232
 2022-01-28 14:25:17 +00:00
Fridrich Strba
7b1f875f7f Accepting request 946275 from home:olh:branches:Java:packages 
- remove instance units from post scripts, they can not be reloaded

OBS-URL: https://build.opensuse.org/request/show/946275
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=231
 2022-01-14 05:24:24 +00:00
Fridrich Strba
f640109f9b Accepting request 939130 from home:mbussolotto:branches:Java:packages 
- Fix NPE in JNDIRealm, when userRoleAttribute is not set (bsc#1193569)
- Added patch:
  * tomcat-9.0-NPE-JNDIRealm.patch

OBS-URL: https://build.opensuse.org/request/show/939130
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=230
 2021-12-12 08:13:13 +00:00
Fridrich Strba
eb7ec9843b Accepting request 928113 from home:mbussolotto:branches:Java:packages 
- Fixed CVEs:
  * CVE-2021-30640: Escape parameters in JNDI Realm queries (bsc#1188279)
  * CVE-2021-33037: Process T-E header from both HTTP 1.0 and HTTP 1.1. clients (bsc#1188278)
  * CVE-2021-41079: Validate incoming TLS packet (bsc#1190558)
- Added patches:
  * tomcat-9.0-CVE-2021-30640.patch
  * tomcat-9.0-CVE-2021-33037.patch
  * tomcat-9.0-CVE-2021-41079.patch

OBS-URL: https://build.opensuse.org/request/show/928113
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=229
 2021-11-10 08:18:07 +00:00
Fridrich Strba
d7d5c718d0 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=227 2021-11-10 06:56:56 +00:00
Fridrich Strba
e8a2685481 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=225 2021-10-19 09:36:28 +00:00
Fridrich Strba
2574a121fc Accepting request 926112 from home:balta3:tomcat9 
Update Tomcat to 9.0.43, ecj 4.18 as submitted in another request is required

- Update to Tomcat 9.0.43. See changelog at
  https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.43_(markt)
- Removed Patches because fixed upstream now:
  * tomcat-9.0-CVE-2021-25122.patch
  * tomcat-9.0-CVE-2021-25329.patch

- Update to Tomcat 9.0.41. See changelog at
  https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.41_(markt)

- Update to Tomcat 9.0.40. See changelog at
  https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.40_(markt)
- Removed Patches because fixed upstream now:
  * tomcat-9.0-CVE-2020-17527.patch
  * tomcat-9.0-CVE-2021-24122.patch

OBS-URL: https://build.opensuse.org/request/show/926112
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=224
 2021-10-19 05:08:40 +00:00
Fridrich Strba
7c32e22b9c Accepting request 925884 from home:balta3:tomcat9 
- Update to 9.0.39
- aqute-bnd 5.1.1 required (separate submit request)

OBS-URL: https://build.opensuse.org/request/show/925884
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=223
 2021-10-18 06:37:59 +00:00
Fridrich Strba
4a8fbc25f3 Accepting request 880517 from home:admehmood:branches:Java:packages 
* CVE-2021-25122: Apache Tomcat h2c request mix-up (bsc#1182912)
* CVE-2021-25329: Complete fix for CVE-2020-9484 (bsc#1182909)
- Added patches:
  * tomcat-9.0-CVE-2021-25122.patch 
  * tomcat-9.0-CVE-2021-25329.patch

OBS-URL: https://build.opensuse.org/request/show/880517
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=221
 2021-03-23 11:26:59 +00:00
Fridrich Strba
b87f5648b0 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=219 2021-03-19 05:27:29 +00:00
Fridrich Strba
6e5c662b6a Accepting request 879719 from home:admehmood:branches:Java:packages 
- CVE-2021-24122

OBS-URL: https://build.opensuse.org/request/show/879719
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=218
 2021-03-18 06:13:13 +00:00
Fridrich Strba
52983fd500 Accepting request 856448 from home:admehmood:branches:Java:packages 
- Fix HTTP/2 request header mix-up: CVE-2020-17527 (bsc#1179602)
- Added patch:
  * tomcat-9.0-CVE-2020-17527.patch

OBS-URL: https://build.opensuse.org/request/show/856448
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=216
 2021-01-12 10:57:31 +00:00
Fridrich Strba
5c88b47afb Accepting request 841492 from home:jengelh:branches:Java:packages 
- Replace old specfile constructs. Remove support for SUSE 11.x.
- Drop %systemd_requires, which is considered a no-op.
- Trim redundant license mention from description.
- Make documentation noarch.
- Do not suppress errors from useradd.

OBS-URL: https://build.opensuse.org/request/show/841492
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=214
 2020-11-03 15:34:19 +00:00