From 499d59fd6e153d16560a5ce817927344ebb6bfc53acec9ac4c0239cd8e14950e Mon Sep 17 00:00:00 2001 From: Matei Albu Date: Thu, 18 Oct 2018 11:15:17 +0000 Subject: [PATCH] Accepting request 642919 from home:mateialbu:branches:Java:packages - Update to Tomcat 9.0.12. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.12_(markt) - Fixed CVEs: - CVE-2018-11784 (bsc#1110850) - Rebased patches: - tomcat-9.0-disable-osgi-build.patch - tomcat-9.0-javadoc.patch - tomcat-9.0-sle.catalina.policy.patch - tomcat-9.0-tomcat-users-webapp.patch - Declare following files to config(noreplace) to prevent override access rights: - host-manager/META-INF/context.xml - manager/META-INF/context.xml - Empty tomcat-9.0.sysconfig to avoid overwriting of customer's configuration during update (bsc#1067720) - Update to Tomcat 9.0.10. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.10_(markt) - Fixed CVEs: - CVE-2018-1336 (bsc#1102400) - CVE-2018-8014 (bsc#1093697) - CVE-2018-8034 (bsc#1102379) - CVE-2018-8037 (bsc#1102410) - Rebased patch tomcat-9.0-JDTCompiler-java.patch - Added patch tomcat-9.0-disable-osgi-build.patch to disable adding OSGi metadata to JAR files - Update to Tomcat 9.0.5. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.5_(markt) - Modified patch: * tomcat-9.0-javadoc.patch + Don't append to javadoc --add-modules since we are building with source=8 + Avoid accessing Internet URLs from build environment - Update to Tomcat 9.0.2: * Major update for tomcat8 from tomcat9 * For full changelog please read upstream changes at: + http://tomcat.apache.org/tomcat-9.0-doc/changelog.html * Rename all tomcat-8.0-* files to tomcat-9.0-* - Changed patches: * Deleted: tomcat-8.0-bootstrap-MANIFEST.MF.patch * Deleted: tomcat-8.0-sle.catalina.policy.patch * Deleted: tomcat-8.0-tomcat-users-webapp.patch * Deleted: tomcat-8.0.33-JDTCompiler-java.patch * Deleted: tomcat-8.0.44-javadoc.patch * Deleted: tomcat-8.0.9-property-build.windows.patch * Added: tomcat-9.0-JDTCompiler-java.patch * Added: tomcat-9.0-bootstrap-MANIFEST.MF.patch * Added: tomcat-9.0-javadoc.patch * Added: tomcat-9.0-sle.catalina.policy.patch * Added: tomcat-9.0-tomcat-users-webapp.patch - Renamed subpackage tomcat-3_1-api to tomcat-4_0-api to reflect the new Servlet API version. - Commented out JAVA_HOME in /etc/tomcat/tomcat.conf - Added "tomcat-" prefix to lib symlinks under /usr/share/java to avoid file conflicts with servletapi5 and geronimo-specs - Fixed wrong %ghost file paths for alternatives symlinks - Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468) - Build with JDK 8 to fix runtime errors when running with JDK 7 and 8 - Fix tomcat-digest classpath error (bsc#977410) - Fix packaged /etc/alternatives symlinks for api libs that caused rpm -V to report link mismatch (bsc#1019016) - update to 8.0.47 http://tomcat.apache.org/tomcat-8.0-doc/changelog.html * Fixed CVE: - CVE-2017-12617 - rebase tomcat-8.0-sle.catalina.policy.patch - Added patch: * tomcat-8.0.44-javadoc.patch - generate documentation with the same source level as class files - fixes build with jdk9 - Version update to 8.0.44: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html * Fixed CVE: - CVE-2017-5664 (bsc#1042910) - New build dependency: javapackages-local - Version update to 8.0.43: * Another bugfix release, for full details see: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html * Fixed CVEs: - CVE-2017-5647 (bnc#1033448) - CVE-2017-5648 (bnc#1033447) - CVE-2016-8745 - Renamed and rebased patches: * tomcat-7.0-sle.catalina.policy.patch -> tomcat-8.0-sle.catalina.policy.patch - Enable optional setenv.sh script. See section "(3.4) Using the "setenv" script (optional, recommended)" in http://tomcat.apache.org/tomcat-8.0-doc/RUNNING.txt (bnc#1002662) - Fix file conflicts when upgrading from SLES 12 to SLES 12 SP1 (bnc#1023412). Added explicit obsoletes for tomcat-el-2_2-api, tomcat-jsp-2_2-api, tomcat-servlet-3_0-api - update to 8.0.39: (boo#1003911) * Improve handling of I/O errors with async processing * Fail earlier on invalid HTTP request - includes changes from 8.0.38: * Refactoring the non-container thread Async complete()/dispatch() handling to remove the possibility of deadlock * Improved UTF-8 handling for the RewriteValve - includes changes from 8.0.37: * Treat paths used to obtain a request dispatcher as encoded (configurable) * Various jdbc-pool fixes - drop tomcat-8.0.36-jar-scanner-loop.patch, upstream - Switch to commons-dbcp2 fate#321029 - Backport fix for inifinite loop in the jar scanner for 8.0.36. (bnc#993862) Added: tomcat-8.0.36-jar-scanner-loop.patch - Version update to 8.0.36: * Another bugfix release for the 8.0 series. Full details: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.36_(markt) - CVE fixed by the version update: - CVE-2016-3092 (bnc#986359) - Fixed a deployment error in the examples webapp by changing the context.xml format to the new one introduced by Tomcat 8. See http://tomcat.apache.org/migration-8.html#Web_application_resources - fix maven fragments paths to build in multiple distribution versions - Version update to 8.0.33: * Another bugfix release for 8.0 series, full details: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.33_(markt) - Rebase tomcat-8.0-tomcat-users-webapp.patch - Rebase tomcat-7.0.53-JDTCompiler-java.patch to tomcat-8.0.33-JDTCompiler-java.patch - Fix fixme for the prereq preamble value - It seems systemd prints error on adding the @ services to macros so do not do that - package was partly merged with the scripts used in the Fedora distribution - support running multiple tomcat instances on the same server (fate#317783) - add catalina-jmx-remote.jar (fate#318403) - remove sysvinit support: systemd is required - update changes file for CVE information - Fixed CVEs: - CVE-2015-5346 (bnc#967814) in 8.0.32 - CVE-2015-5351 (bnc#967812) in 8.0.32 - CVE-2016-0706 (bnc#967815) in 8.0.32 - CVE-2016-0714 (bnc#967964) in 8.0.32 - CVE-2016-0763 (bnc#967966) in 8.0.32 - CVE-2015-5345 (bnc#967965) in 8.0.30 - CVE-2015-5174 (bnc#967967) in 8.0.27 - Version update to 8.0.32: * Another bugfix release for 8.0 series, full details: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.32_(markt) - Rebase patch: * tomcat-8.0.9-property-build.windows.patch - update to Tomcat 8.0.28 * Multiple fixes, read upstream changelog at: https://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.28_(markt) - Some whitespace cleanups - Remove pointless conflicts on provide/obsolete symbols - Version bump to 8.0.23 fate#318913: * Multiple testfixes all around, read upstream changelog at: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.23_(markt) - Fix previous commit. Fix one rpmlint warning - Drop gpg verification from spec, it is done by obs - Fix build with new jpackage-tools - update to Tomcat 8.0.18: * Major update for tomcat8 from tomcat7 * For full changelog please read upstream changes at: + http://tomcat.apache.org/tomcat-8.0-doc/changelog.html * Rename all tomcat-7.0-* files to tomcat-8.0-* * Update keyring file - Update windows patch to apply again: * Deleted: tomcat-7.0.52-property-build.windows.patch * Added: tomcat-8.0.9-property-build.windows.patch * Added:tomcat-8.0-tomcat-users-webapp.patch * Deleted: tomcat-7.0-tomcat-users-webapp.patch * Added: tomcat-8.0-bootstrap-MANIFEST.MF.patch * Deleted: tomcat-7.0-bootstrap-MANIFEST.MF.patch - Version 1.1.30 or higher is required for APR listener (bnc#914725) - SLE12 has different path for the "rm" command than older versions. To avoid possible clashes, the entire coreutils must be provided. (bnc#894292) - Fixed Security Manager policies, which makes unable properly run webapps by default. (bnc#891264) Added: tomcat-7.0-sle.catalina.policy.patch - Missing security manager policy file prevents Tomcat to start with systemd. (bnc#890995) - Tomcat 7.0.55 requires ecj 4.4.0 - include the tomcat websocket implementation (tomcat7-websocket) - Update to 7.0.55 * Update to the Eclipse JDT Compiler 4.4 * Better error handling when the error occurs after the response has been committed * Various improvements to the Mapper including fixing some concurrency bugs * See http://tomcat.apache.org/tomcat-7.0-doc/changelog.html - build tomcat-embed as a subpackage - Drop two unused defines - touch the alternatives files to avoid build errors in older versions - Do not define default defattr as it is pointless. - One file here was not supposed to be ghost. - Fix once more the alternatives. - Add path to rm command. - Silence loads of warnings by rpmlintrc - Cleanup with spec-cleaner and format few things a bit. - Remove few deps not really needed for sle11. - Drop unused files obs.bl and local.lb - Drop unused collections-tomcat-build.xml - Version bump to 7.0.54: * bugfix update * See http://tomcat.apache.org/tomcat-7.0-doc/changelog.html - Update to 7.0.53 * bugfix release * Update the Eclipse JDT compiler to enable full Java 8 support in JSPs. * See http://tomcat.apache.org/tomcat-7.0-doc/changelog.html - Patch for Bug 56373 * See https://issues.apache.org/bugzilla/show_bug.cgi?id=56373 * tomcat-7.0.53-JDTCompiler-java.patch - Rename tomcat-7.0.2-property-build.windows.patch to tomcat-7.0.52-property-build.windows.patch - remove saxon build requirement for sles - disable bytecode check for sles - remove unknown option from fillup_only macro - wrap systemd %pre[un]/%post[un] in conditional - specify required ant version - Update to 7.0.52 * bugfix release * Fix CVE-2014-0050, a DoS vulnerability related to multi-part processing - Update to 7.0.50 * bugfix release - Add missing commons-pool-tomcat5 symlink (bnc#847505c#13) - Update to 7.0.47 * bugfix release * backport of JSR-356 Java WebSocket 1.0 * package tomcat now requires java7 at lease - Updated tomcat.keyring to reflect the fact new release is signed by Violeta Georgieva / D63011C7 see http://osdir.com/ml/dev-tomcat.apache.org/2013-10/msg00849.html - Add tomcat-dbcp.jar (bnc#847505) back into tomcat lib dir - Install tomcat-coyote.jar as well - Remove pointless scriplets - Move from jpackage-utils to javapackage-tools - drop a dependency on unecessary -tomcat5 packages - use commons-dbcp.jar for build - add missing commons-pool.jar to libdir - add _constraints to not schedule build on some build machines workaround for bnc#832762 - Add missing 'su root tomcat' line to logrotate. See also https://bugzilla.redhat.com/show_bug.cgi?id=790334 - call chown --no-dereference in init script (bnc#822177#c7/prevents CVE-2013-1976) - update to 7.0.42 (bugfix release) see http://tomcat.apache.org/tomcat-7.0-doc/changelog.html - fix file list to be compatible for new rpm - update to 7.0.39 (bugfix release) - install only systemd unit files on openSUSE 12.1+ * and call proper code when init script still exists - add a proper scripplets for -jsvc subpackage - don't use catalina.out, systemd redirects stderr/stdout to syslog - don't use and recommends logrotate - package /etc/ant.d properly, mark only catalina-ant as a config file - Fix tomcat init scripts generating malformed classpath (http://youtrack.jetbrains.com/issue/JT-18545) bnc#804992 - update to 7.0.35 (bugfix release) require ecj >= 4.2.1, like upstream do - make gpg-offline work distros after 12.2 - Ensure tomcat stdout/stderr output ends up in catalina.out - Recommend libtcnative-1-0 >= 1.1.24 - /etc/init.d/tomcate init script fixes: * Include /usr/bin and /usr/sbin in the PATH * Fix logic for cleaning the work directories * Fix typo (log_success_msg lsb function name) * Fix typo (reload message) - Require log4j - Require gpg-offline on 12.2+ - Verify GPG signature. - update to 7.0.33 (bugfix release) - update to 7.0.30 (bugfix release) * SSI and CGI disabled by default - fix bnc#779538: change the working dir to $CATALINA_BASE - document the CATALINA_BASE and CATALINA_HOME in tomcat.conf better - fix rpmlintrc file - fix bnc#771802 - systemd support is broken * change type froking to simple as it does not make a sense run java in a background to emulate that * remove the need of nested wrappers, so /usr/sbin/tomcat-sysd now relies on systemd features like User/EnvironmentFile * workaround the 143 exit code in Stop phase - return 0 in this case * merge the jsvc into tomcat-sysd code, the -jsvc-sysd is a symlink * properly use jsvc with pid file to start and stop - update to 7.0.26 (bugfix release) - rename package to tomcat in order to emphasise a fact, there is only one major release of tomcat maintained in distribution - add manifest files and systemd support (thanks Fedora) - create tomcat-jsvc package - update to 7.0.26 (bugfix release) - fix bnc#747771 - don't use /var/lock/subsys sync tomcat7 init with tomcat6 - update to 7.0.25 (bugfix release) - update to 7.0.22 (bugfix release) - wrote changes and prepare for inclusion to openSUSE distribution - fix bnc#726307 /etc/tomcat7 is writtable for tomcat group - update to version 7.0.21 - update to version 7.0.16 (bugfix update) - add rpmlintrc, digest, init and wrapper scripts and config file - build require geronimo apis and wsdl4j - disable webservices in javadoc target - initial packaging of tomcat7 7.0.6 OBS-URL: https://build.opensuse.org/request/show/642919 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=131 --- apache-tomcat-9.0.10-src.tar.gz | 3 --- apache-tomcat-9.0.10-src.tar.gz.asc | 16 ------------ apache-tomcat-9.0.12-src.tar.gz | 3 +++ apache-tomcat-9.0.12-src.tar.gz.asc | 16 ++++++++++++ tomcat-9.0-disable-osgi-build.patch | 38 +++++++++++++--------------- tomcat-9.0-javadoc.patch | 23 ++++++++--------- tomcat-9.0-sle.catalina.policy.patch | 11 +++----- tomcat-9.0-tomcat-users-webapp.patch | 8 +++--- tomcat.changes | 15 ++++++++++- tomcat.spec | 6 ++--- 10 files changed, 72 insertions(+), 67 deletions(-) delete mode 100644 apache-tomcat-9.0.10-src.tar.gz delete mode 100644 apache-tomcat-9.0.10-src.tar.gz.asc create mode 100644 apache-tomcat-9.0.12-src.tar.gz create mode 100644 apache-tomcat-9.0.12-src.tar.gz.asc diff --git a/apache-tomcat-9.0.10-src.tar.gz b/apache-tomcat-9.0.10-src.tar.gz deleted file mode 100644 index 98485e0..0000000 --- a/apache-tomcat-9.0.10-src.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:5d6a2ff9715c1624d9e99e0b02e1811d2772a3291c8641269cfc0884d5942c34 -size 5147367 diff --git a/apache-tomcat-9.0.10-src.tar.gz.asc b/apache-tomcat-9.0.10-src.tar.gz.asc deleted file mode 100644 index cb0d0bd..0000000 --- a/apache-tomcat-9.0.10-src.tar.gz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCAAdFiEEqcXfTSLpmZjZh1pREMAcWi9gWecFAlstN0UACgkQEMAcWi9g -Wec65Q/+JAVi3ft4q5R7rcF5cA1Qh2vK1Jh2PaWrIQbk5PxFb8uG0IdbZXn2DlIL -9F7Pa20pGti84/CgN19OqYxFOvxr6g0lxyG+0FqGxKAsEG/LhznLTl7a7a0Mios4 -PyiYdpdFGNp7eCpavckYGIqtqGeCfY1dZiVtA7ZmV1OiACVSuwdRowb6xCcwuz2H -ZgqSybLLDQVknOpoJHtPrqr8spy+P1IULUdrZb3aMeXaQ9R+UdNb/zmX967N/gd6 -S0fQKuoJp35kQ9PWwYhWrgsxX6/ZNuLo1DvIL1KLoFnEEqPVy1mVXdFunb99kaIZ -phhRv4tIV9DNqMg3Gy4u2axjAOKE5lJ+HwrcQt2GlyWXEwbC2cqUmJ1whzv+C9H0 -5tM49fUDFlFm2WBKzcgGH8piofH2bkaA5wCQUwW23rlU/GisDQvTXk/K3U5itpIS -7xPzeap2McNPURn1zjmFeqyoMkujnf8qkValITVpDo0c84o9/5+ywheTE7/VIzXF -0LYelM0UuW0BqWFy8GY6iRk3EycfK6DcxejbNpB8TEXq+am5y7y1lNa7xz56WfDY -KcVoSG9kionCdgJeivCaDK/PdVEWb5vqs0XjOryrInB5C1R5t4jbwxJCU0FSo7in -7cHSeh4HxBC6bAQfsrhy4uoWkdz9Y8DvEOaC5sN205sLr7kMe3E= -=WeRG ------END PGP SIGNATURE----- diff --git a/apache-tomcat-9.0.12-src.tar.gz b/apache-tomcat-9.0.12-src.tar.gz new file mode 100644 index 0000000..e09733c --- /dev/null +++ b/apache-tomcat-9.0.12-src.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:9147fc05d0e9861ab60fe875c9d7a225dfbbd32a21c9f221109cc584489b0e39 +size 5194369 diff --git a/apache-tomcat-9.0.12-src.tar.gz.asc b/apache-tomcat-9.0.12-src.tar.gz.asc new file mode 100644 index 0000000..6dcc721 --- /dev/null +++ b/apache-tomcat-9.0.12-src.tar.gz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEEqcXfTSLpmZjZh1pREMAcWi9gWecFAluPBGoACgkQEMAcWi9g +WefN+g/7B5ie5pQF0i2ABQ+66djkzIZ4GxSyCmWCf1l9VaqaMLXv8XiirLIDCt8G +lDFH3P/XFgL1v1DQUZ091QNxNWPPLNR+gIL+AMdbP33LaBnChjITj9pdXgsNltAC +MlBS17H4pWI/lnK0RE/UslJ+O1oNbPbpLYz1J6q1wyk1Z0Cnok9ABxGXiEOeh54Q +pmQ6PejLWQ2z8xTL/roJIUQnO1SAp2Cdrk9aDeY58mYqKKvJagA0FMlFodGOEbLH +NFY817wbA587akb79qPp1aveDv3ItMSKxMZFBvt2wzbIZlesOF/Uwm9UP+CX7s0R +aLpJ9yXo8RfXjIYxuJDkPnC/q1Jepj3rLPnyRNVTtJ4gW6vwKsd7gBp5ox17Q0HA +6xc0DX9ttjOIMUDK8jWGz0jo1Cn1xHUMaXe/qgtPAwcxcB1oB0rZNOdoaYPyCAul +/OJZC7HrkIjZDOHFv3UgzhqC6HwcEJfTQJUS9EW6smKnx8NrBN6/SIz7gWkB3iy0 +LjTRbUmQ3bQ6klie1B5jYXiMTjs+DtMmZ6HtR7HAFtvZHdiC/FbHWwpNINyb0846 +bSTjpQvvZUk9alh/P1THErZKyztKpxWaBPOO7Eto/nYv2m/7gu6+SxR714M1f2/7 +JDQCVBj2FtFTjZP53fZNeGdY2UcvasLSOkVhwGQUOMrHN9U9Wxw= +=UbeY +-----END PGP SIGNATURE----- diff --git a/tomcat-9.0-disable-osgi-build.patch b/tomcat-9.0-disable-osgi-build.patch index f663891..3239a35 100644 --- a/tomcat-9.0-disable-osgi-build.patch +++ b/tomcat-9.0-disable-osgi-build.patch @@ -1,21 +1,8 @@ -Index: build.xml -IDEA additional info: -Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP -<+>UTF-8 +Index: apache-tomcat-9.0.12-src/build.xml =================================================================== ---- build.xml (date 1529515764000) -+++ build.xml (date 1534335916000) -@@ -15,7 +15,8 @@ - See the License for the specific language governing permissions and - limitations under the License. - --> -- -+ - - - -@@ -728,7 +729,7 @@ +--- apache-tomcat-9.0.12-src.orig/build.xml ++++ apache-tomcat-9.0.12-src/build.xml +@@ -740,7 +740,7 @@ -- -+ +- ++ -@@ -3025,7 +3026,7 @@ +@@ -3200,7 +3200,7 @@ Read the Building page on the Apache Tom + + + +- ++ + + + +@@ -3240,7 +3240,7 @@ Read the Building page on the Apache Tom diff --git a/tomcat-9.0-javadoc.patch b/tomcat-9.0-javadoc.patch index e054444..20877dd 100644 --- a/tomcat-9.0-javadoc.patch +++ b/tomcat-9.0-javadoc.patch @@ -1,11 +1,8 @@ -Index: build.xml -IDEA additional info: -Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP -<+>UTF-8 +Index: apache-tomcat-9.0.12-src/build.xml =================================================================== ---- build.xml (date 1511643656000) -+++ build.xml (revision ) -@@ -1772,10 +1772,11 @@ +--- apache-tomcat-9.0.12-src.orig/build.xml ++++ apache-tomcat-9.0.12-src/build.xml +@@ -1861,10 +1861,11 @@ Apache Tomcat ${version} native binaries encoding="UTF-8" docencoding="UTF-8" charset="UTF-8" @@ -18,7 +15,7 @@ Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP -@@ -1793,10 +1794,11 @@ +@@ -1882,10 +1883,11 @@ Apache Tomcat ${version} native binaries encoding="UTF-8" docencoding="UTF-8" charset="UTF-8" @@ -31,7 +28,7 @@ Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP -@@ -1814,10 +1816,11 @@ +@@ -1903,10 +1905,11 @@ Apache Tomcat ${version} native binaries encoding="UTF-8" docencoding="UTF-8" charset="UTF-8" @@ -44,7 +41,7 @@ Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP -@@ -1835,10 +1838,11 @@ +@@ -1924,10 +1927,11 @@ Apache Tomcat ${version} native binaries encoding="UTF-8" docencoding="UTF-8" charset="UTF-8" @@ -57,7 +54,7 @@ Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP -@@ -1855,10 +1859,11 @@ +@@ -1944,10 +1948,11 @@ Apache Tomcat ${version} native binaries encoding="UTF-8" docencoding="UTF-8" charset="UTF-8" @@ -71,12 +68,12 @@ Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP -@@ -1868,9 +1873,6 @@ +@@ -1957,9 +1962,6 @@ Apache Tomcat ${version} native binaries - -- +- - diff --git a/tomcat-9.0-sle.catalina.policy.patch b/tomcat-9.0-sle.catalina.policy.patch index 2319087..9a50f78 100644 --- a/tomcat-9.0-sle.catalina.policy.patch +++ b/tomcat-9.0-sle.catalina.policy.patch @@ -1,11 +1,8 @@ Index: conf/catalina.policy -IDEA additional info: -Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP -<+>UTF-8 =================================================================== ---- conf/catalina.policy (revision Local version) -+++ conf/catalina.policy (revision Shelved version) -@@ -167,6 +167,9 @@ +--- conf/catalina.policy.orig ++++ conf/catalina.policy +@@ -167,6 +167,9 @@ grant { permission java.lang.RuntimePermission "accessClassInPackage.org.apache.tomcat"; // Precompiled JSPs need access to these packages. @@ -15,7 +12,7 @@ Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.el"; permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime"; permission java.lang.RuntimePermission -@@ -230,6 +233,15 @@ +@@ -216,6 +219,15 @@ grant codeBase "file:${catalina.home}/we }; diff --git a/tomcat-9.0-tomcat-users-webapp.patch b/tomcat-9.0-tomcat-users-webapp.patch index cb7783a..8215910 100644 --- a/tomcat-9.0-tomcat-users-webapp.patch +++ b/tomcat-9.0-tomcat-users-webapp.patch @@ -1,6 +1,8 @@ ---- conf/tomcat-users.xml~ 2008-01-28 17:41:06.000000000 -0500 -+++ conf/tomcat-users.xml 2008-03-07 19:40:07.000000000 -0500 -@@ -23,4 +23,14 @@ +Index: conf/tomcat-users.xml +=================================================================== +--- conf/tomcat-users.xml.orig ++++ conf/tomcat-users.xml +@@ -41,4 +41,14 @@ --> diff --git a/tomcat.changes b/tomcat.changes index d940a77..80a837f 100644 --- a/tomcat.changes +++ b/tomcat.changes @@ -1,8 +1,21 @@ +------------------------------------------------------------------- +Thu Oct 18 08:12:41 UTC 2018 - malbu@suse.com + +- Update to Tomcat 9.0.12. See changelog at + http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.12_(markt) +- Fixed CVEs: + - CVE-2018-11784 (bsc#1110850) +- Rebased patches: + - tomcat-9.0-disable-osgi-build.patch + - tomcat-9.0-javadoc.patch + - tomcat-9.0-sle.catalina.policy.patch + - tomcat-9.0-tomcat-users-webapp.patch + ------------------------------------------------------------------- Tue Sep 11 10:34:02 UTC 2018 - ecsos@opensuse.org - Declare following files to config(noreplace) to prevent override - access rights: + access rights: - host-manager/META-INF/context.xml - manager/META-INF/context.xml diff --git a/tomcat.spec b/tomcat.spec index c54b4a0..c25432f 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -22,7 +22,7 @@ %define elspec 3.0 %define major_version 9 %define minor_version 0 -%define micro_version 10 +%define micro_version 12 %define packdname apache-tomcat-%{version}-src # FHS 2.3 compliant tree structure - http://www.pathname.com/fhs/2.3/ %global basedir /srv/%{name} @@ -257,8 +257,8 @@ find . -type f \( -name "*.bat" -o -name "*.class" -o -name Thumbs.db -o -name " %patch1 %patch2 %patch3 -%patch4 -%patch5 +%patch4 -p1 +%patch5 -p1 # remove date from docs sed -i -e '/build-date/ d' webapps/docs/tomcat-docs.xsl