- Update to Tomcat 10.1.25
* Fixed CVEs:
+ CVE-2024-34750: Improper handling of exceptional conditions
(bsc#1227399)
* Catalina
+ Add: Add support for shallow copies when using WebDAV. (markt)
+ Code: Deprecate the WebdavFixFilter as it is no longer required. (markt)
+ Fix: 69066: Fix regression in SPNEGO authenticator when processing Base64.
Submitted by Daniel Lyko. (remm)
+ Add: Add RealmBase.getPrincipal(GSSName, GSSCredential, GSSContext) for
retrieving extended/additional information from an established GSS
context. (michaelo)
+ Fix: Correct a regression in the fix for 68721 that caused some instances
of LinkageError to be reported as ClassNotFoundException. (markt)
+ Fix: Ensure that static resources deployed via a JAR file remain
accessible when the context is configured to use a bloom filter. Based on
pull request #730 provided by bergander. (markt)
+ Add: Introduce reference counting so the AprLifecycleListener is more
robust. This particularly targets more complex embedded configurations
with multiple server instances with independent lifecycles where more than
one server instance requires the AprLifecycleListener. (markt)
+ Add: Small performance optimization when logging cookies with no values.
(schultz)
+ Fix: Correct error handling for asynchronous requests. If the application
performs an dispatch during AsyncListener.onError() the dispatch is now
performed rather than completing the request using the error page
mechanism. (markt)
+ Add: Re-factor ElapsedTimeElement in AbstractAccessLogValve to use a
customizable style. (schultz)
+ Add: Add more timescale options to AccessLogValve and
OBS-URL: https://build.opensuse.org/request/show/1186401
OBS-URL: https://build.opensuse.org/package/show/Java:packages/tomcat10?expand=0&rev=44
