rpms/pki-servlet-engine
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Update to JWS 5.0.2 distribution

Browse Source
This commit is contained in:
Coty Sutherland 2019-03-04 15:28:28 -05:00 committed by Endi S. Dewata
parent 9d6007e5f2
commit 00b9240636
2 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
pki-servlet-container.spec
View File

@ -31,7 +31,7 @@
%global major_version 9
%global minor_version 0
%global micro_version 7
%global redhat_version 12
%global redhat_version 16
%global packdname apache-tomcat-%{version}.redhat-%{redhat_version}-src
# Specification versions
@ -455,8 +455,10 @@ fi
%{_mavenpomdir}/JPP-tomcat-servlet-api.pom
%changelog
* Fri Nov 09 2018 Coty Sutherland <csutherl@redhat.com> - 1:9.0.7-14
- Update to JWS 5.0.1 distribution
* Mon Mar 04 2019 Coty Sutherland <csutherl@redhat.com> - 1:9.0.7-14
- Update to JWS 5.0.2 distribution
- Resolves: rhbz#1658846 CVE-2018-8034 pki-servlet-container: tomcat: host name verification missing in WebSocket client
- Resolves: rhbz#1579614 CVE-2018-8014 pki-servlet-container: tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins
- Resolves: rhbz#1619232 - CVE-2018-8037 pki-servlet-container: tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up
- Resolves: rhbz#1641874 - CVE-2018-11784 pki-servlet-container: tomcat: Open redirect in default servlet

2
sources
View File

@ -1 +1 @@
1e8f64d492694b76faee6c0825e0adf3 tomcat-9.0.7.redhat-12-src.zip
cab3a9624554d5bd07bff460251bddab tomcat-9.0.7.redhat-16-src.zip