Accepting request 759699 from home:mateialbu:branches:Java:packages

- Update to Tomcat 9.0.30. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.30_(markt) - Fixed CVEs: - CVE-2019-12418 (bsc#1159723) - CVE-2019-17563 (bsc#1159729) OBS-URL: https://build.opensuse.org/request/show/759699 OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat?expand=0&rev=180
2020-01-08 07:19:26 +00:00 · 2020-01-08 07:19:26 +00:00 · 959ac9a805
commit 959ac9a805
parent addc1ce48e
7 changed files with 35 additions and 91 deletions
--- a/apache-tomcat-9.0.27-src.tar.gz
+++ b/apache-tomcat-9.0.27-src.tar.gz
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:5a78d96d388a0d143a9f9f002db18659d478f44bed19b59ec6f6d4e09033c7f1
 size 5761278
--- a/apache-tomcat-9.0.27-src.tar.gz.asc
+++ b/apache-tomcat-9.0.27-src.tar.gz.asc
@ -1,16 +0,0 @@
 -----BEGIN PGP SIGNATURE-----
 iQIzBAABCAAdFiEEqcXfTSLpmZjZh1pREMAcWi9gWecFAl2bDO8ACgkQEMAcWi9g
 Wecy8hAAkeYA9buTHPdlkkcVa3pg8ROg06QB56iI2318FjObFUqbKLfehM+Kluft
 1W24fp2QC+JWU3dwX1A8zANr0qtBJ4GEzbdZr7f7MivBvc8Eqlo5pL45McTgMoyI
 KjlYgFF5U/hFkMNMk5J5h+q9NjnojgFJsy18fPnfry7BfS2aC+qegBvnFm5svmoO
 K9y7nGxv8TFZs2Q0H2yExgiezrjsBCZllGDqyK/9kIFp1nbWr4eMcdU5a6lHOtP2
 LI/z4+dSfPN1ktyymPP2sq851C1XlRl5R8J4YRWOqGzPIYkAUKOcDxGRel5Uw4wd
 F4RQbb+oZ0S8YXN9mks/u0Shv2Dtq5cuSGEyrsRyT4+ZL/EwkwWaoCoVAG17bARC
 +J1aGHJAtJYA7lyJB0q3BLZRP7YENJv0kfxk4YWDABYvbXN0vMlFvhihc4byvO9J
 XqHo4C5unBbU7jcSP+/GJhuujMTxOqiG9NUwOMrLHNsUjsQTYNMyFzzm5OA9I0eZ
 JT+qWMm4Cu/v9a+6pfMv5tNWRhhLjeCfO7jcp2k+E+3YX3jghPy+RWOH1bT2ccZA
 Os0WbdmRtSW9lkQlqYaXE7uAgXE/yZmDLfngVEcJnJjhZCLKskx3XqNI6uR0t7c0
 9lOU1GBAH94ztZjAOkCIwjH3Roi5vsuGcAmYFyusIS7QSTXQfso=
 =s4BA
 -----END PGP SIGNATURE-----
--- a/apache-tomcat-9.0.30-src.tar.gz
+++ b/apache-tomcat-9.0.30-src.tar.gz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:073bf0a56738d9bcb70c6065077495506b41dcea26731f0599c701efb90dc4ba
 size 5798307
--- a/apache-tomcat-9.0.30-src.tar.gz.asc
+++ b/apache-tomcat-9.0.30-src.tar.gz.asc
@ -0,0 +1,16 @@
 -----BEGIN PGP SIGNATURE-----
 iQIzBAABCAAdFiEEqcXfTSLpmZjZh1pREMAcWi9gWecFAl3r2Q8ACgkQEMAcWi9g
 WefsBg/8CwNTI+JvM9pVcD7I3QzHjZJ61JMkf/cmgTvuDbWHCIlWiXqXEd5NcizF
 yuC1lg+8JotS+ZK5puOlZRzfX1W9sQ0ry6namKb6msj/czcgAQUVMIRC8ezjAlHe
 4pyweTv1bBVnL5zyvQr/f4344i/hzwR0PBFeNu2dAXp7Hs1E4nMDNi8j0RrNUF3s
 8WmIH+TxlNAJ0efc7T0NkQ3UbbOyuqDeAhAFlcFgZny/91JjAEJNs/ne1KXFZ2kK
 cyTOf03TBmz4HjNtQBTE7S8r1ZKGU1PJumivPnUToKgdBUf3SWiF3m3ywYXhbOIs
 OkME+Ru1Sx8M87fvqTf7qxgIaMk1DtTqqyG4K9bkhaDvnGTpqA+vSHK7rdnQVa1V
 E8ubJNA1/k94gLd2x9l4iP9ofgeF7U+Z0/UV3sJ6/U9RDHvm5QYEbgnoufCNiI/F
 59wUKSJbyCCVCH4t6w1PQg33hOHG+pqGDZS2L4Ji26UJzMb7cdftnn5BDOm8+pWX
 An50t/4X2yhYC9HyiCUFKsZdew0Sb0LTtqwySpagrjiW6KhxVqUoN1YwSBrcseXW
 DFsqQSPOYVMD9b05f5sog7gczI+2nusrshBWQD8rU0NPbuUladEJGP8MTlb2F4W5
 MecDnTUgJqvlrVgNULWaxcxby2NGh8bzoDXfE/Eg+JTDenh2g54=
 =Pnl6
 -----END PGP SIGNATURE-----
--- a/tomcat-9.0-JDTCompiler-java.patch
+++ b/tomcat-9.0-JDTCompiler-java.patch
@ -1,62 +0,0 @@
 Index: apache-tomcat-9.0.19-src/java/org/apache/jasper/compiler/JDTCompiler.java
 ===================================================================
 --- apache-tomcat-9.0.19-src.orig/java/org/apache/jasper/compiler/JDTCompiler.java
 +++ apache-tomcat-9.0.19-src/java/org/apache/jasper/compiler/JDTCompiler.java
@@ -312,18 +312,18 @@ public class JDTCompiler extends org.apa
                              CompilerOptions.VERSION_1_7);
             } else if(opt.equals("1.8")) {
                 settings.put(CompilerOptions.OPTION_Source,
 -                             CompilerOptions.VERSION_1_8);
 +                             "1.8"); // CompilerOptions.VERSION_1_8
             // Version format changed from Java 9 onwards.
             // Support old format that was used in EA implementation as well
             } else if(opt.equals("9") || opt.equals("1.9")) {
                 settings.put(CompilerOptions.OPTION_Source,
 -                             CompilerOptions.VERSION_9);
 +                             "9"); // CompilerOptions.VERSION_9
             } else if(opt.equals("10")) {
                 settings.put(CompilerOptions.OPTION_Source,
 -                             CompilerOptions.VERSION_10);
 +                             "10"); // CompilerOptions.VERSION_10
             } else if(opt.equals("11")) {
                 settings.put(CompilerOptions.OPTION_Source,
 -                             CompilerOptions.VERSION_11);
 +                             "11"); // CompilerOptions.VERSION_11
             } else if(opt.equals("12")) {
                 // Constant not available in latest ECJ version shipped with
                 // Tomcat. May be supported in a snapshot build.
@@ -377,26 +377,26 @@ public class JDTCompiler extends org.apa
                         CompilerOptions.VERSION_1_7);
             } else if(opt.equals("1.8")) {
                 settings.put(CompilerOptions.OPTION_TargetPlatform,
 -                             CompilerOptions.VERSION_1_8);
 +                             "1.8"); // CompilerOptions.VERSION_1_8
                 settings.put(CompilerOptions.OPTION_Compliance,
 -                        CompilerOptions.VERSION_1_8);
 +                        "1.8"); // CompilerOptions.VERSION_1_8
             // Version format changed from Java 9 onwards.
             // Support old format that was used in EA implementation as well
             } else if(opt.equals("9") || opt.equals("1.9")) {
                 settings.put(CompilerOptions.OPTION_TargetPlatform,
 -                             CompilerOptions.VERSION_9);
 +                             "9"); // CompilerOptions.VERSION_9
                 settings.put(CompilerOptions.OPTION_Compliance,
 -                        CompilerOptions.VERSION_9);
 +                        "9"); // CompilerOptions.VERSION_9
             } else if(opt.equals("10")) {
                 settings.put(CompilerOptions.OPTION_TargetPlatform,
 -                        CompilerOptions.VERSION_10);
 +                        "10"); // CompilerOptions.VERSION_10
                 settings.put(CompilerOptions.OPTION_Compliance,
 -                        CompilerOptions.VERSION_10);
 +                        "10"); // CompilerOptions.VERSION_10
             } else if(opt.equals("11")) {
                 settings.put(CompilerOptions.OPTION_TargetPlatform,
 -                        CompilerOptions.VERSION_11);
 +                        "11"); // CompilerOptions.VERSION_11
                 settings.put(CompilerOptions.OPTION_Compliance,
 -                        CompilerOptions.VERSION_11);
 +                        "11"); // CompilerOptions.VERSION_11
             } else if(opt.equals("12")) {
                 // Constant not available in latest ECJ version shipped with
                 // Tomcat. May be supported in a snapshot build.
--- a/tomcat.changes
+++ b/tomcat.changes
@ -1,3 +1,12 @@
 -------------------------------------------------------------------
 Fri Dec 27 10:22:58 UTC 2019 - Matei Albu <malbu@suse.com>
 - Update to Tomcat 9.0.30. See changelog at
  http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.30_(markt)
 - Fixed CVEs:
  - CVE-2019-12418 (bsc#1159723)
  - CVE-2019-17563 (bsc#1159729)
 -------------------------------------------------------------------
 Mon Nov 18 09:13:10 UTC 2019 - Fridrich Strba <fstrba@suse.com>
--- a/tomcat.spec
+++ b/tomcat.spec
@ -1,7 +1,7 @@
 #
 # spec file for package tomcat
 #
-# Copyright (c) 2019 SUSE LLC.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
 # Copyright (c) 2000-2009, JPackage Project
 #
 # All modifications and additions to the file contributed by third parties
@ -22,7 +22,7 @@
 %define elspec 3.0
 %define major_version 9
 %define minor_version 0
-%define micro_version 27
+%define micro_version 30
 %define packdname apache-tomcat-%{version}-src
 # FHS 2.3 compliant tree structure - http://www.pathname.com/fhs/2.3/
 %global basedir /srv/%{name}
@ -73,14 +73,12 @@ Source1002:     %{name}.keyring
 Patch0:         %{name}-%{major_version}.%{minor_version}-bootstrap-MANIFEST.MF.patch
 #PATCH-FIX-UPSTREAM: from jpackage.org package
 Patch1:         %{name}-%{major_version}.%{minor_version}-tomcat-users-webapp.patch
 # PATCH-FIX-UPSTREAM: https://issues.apache.org/bugzilla/show_bug.cgi?id=56373
 Patch2:         %{name}-%{major_version}.%{minor_version}-JDTCompiler-java.patch
 # PATCH-FIX-SLE: Change security manager default policies bnc#891264
-Patch3:         %{name}-%{major_version}.%{minor_version}-sle.catalina.policy.patch
+Patch2:         %{name}-%{major_version}.%{minor_version}-sle.catalina.policy.patch
 # PATCH-FIX-OPENSUSE: build javadoc with the same java source level as the class files
-Patch4:         %{name}-%{major_version}.%{minor_version}-javadoc.patch
+Patch3:         %{name}-%{major_version}.%{minor_version}-javadoc.patch
 # PATCH-FIX-OPENSUSE: disable adding OSGi metadata to JAR files because bndtools is not avalable in SLES/OpenSUSE
-Patch5:         tomcat-9.0-disable-osgi-build.patch
+Patch4:         tomcat-9.0-disable-osgi-build.patch
 BuildRequires:  ant >= 1.8.1
 BuildRequires:  ant-antlr
@ -255,10 +253,9 @@ find . -type f \( -name "*.bat" -o -name "*.class" -o -name Thumbs.db -o -name "
          -name "*.jar" -o -name "*.war" -o -name "*.zip" \) -print -delete
 %patch0
 %patch1
-#%patch2 -p1
+%patch2
-%patch3
+%patch3 -p1
 %patch4 -p1
 %patch5 -p1
 # remove date from docs
 sed -i -e '/build-date/ d' webapps/docs/tomcat-docs.xsl