rpms
/
pki-servlet-engine
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Update to JWS 5.0.1 distribution 

Resolves: rhbz#1619232 - CVE-2018-8037 pki-servlet-container: tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up
Resolves: rhbz#1641874 - CVE-2018-11784 pki-servlet-container: tomcat: Open redirect in default servlet
This commit is contained in:
Coty Sutherland 2018-11-09 11:42:09 -05:00 committed by Endi S. Dewata
parent f7e577bfc8
commit 9d6007e5f2
2 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
pki-servlet-container.spec
View File

@ -31,7 +31,7 @@
%global major_version 9
%global minor_version 0
%global micro_version 7
%global redhat_version 10
%global redhat_version 12
%global packdname apache-tomcat-%{version}.redhat-%{redhat_version}-src
# Specification versions
@ -58,14 +58,14 @@
Name: pki-servlet-container
Epoch: 1
Version: %{major_version}.%{minor_version}.%{micro_version}
Release: 13%{?dist}
Release: 14%{?dist}
Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API
Group: System Environment/Daemons
License: ASL 2.0
URL: http://tomcat.apache.org/
#Source0: http://www.apache.org/dist/tomcat/tomcat-%%{major_version}/v%%{version}/src/%%{packdname}.tar.gz
Source0: tomcat-9.0.7.redhat-10-src.zip
Source0: tomcat-%{version}.redhat-%{redhat_version}-src.zip
Source1: tomcat-%{major_version}.%{minor_version}.conf
Source3: tomcat-%{major_version}.%{minor_version}.sysconfig
Source4: tomcat-%{major_version}.%{minor_version}.wrapper
@ -455,6 +455,11 @@ fi
%{_mavenpomdir}/JPP-tomcat-servlet-api.pom
%changelog
* Fri Nov 09 2018 Coty Sutherland <csutherl@redhat.com> - 1:9.0.7-14
- Update to JWS 5.0.1 distribution
- Resolves: rhbz#1619232 - CVE-2018-8037 pki-servlet-container: tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up
- Resolves: rhbz#1641874 - CVE-2018-11784 pki-servlet-container: tomcat: Open redirect in default servlet
* Fri Aug 03 2018 Fraser Tweedale <ftweedal@redhat.com> - 1:9.0.7-13
- Reinstate Maven artifacts and fix maven-metadata JAR path

2
sources
View File

@ -1 +1 @@
32bca41cb6e6a99498966ac885e4922e tomcat-9.0.7.redhat-10-src.zip
1e8f64d492694b76faee6c0825e0adf3 tomcat-9.0.7.redhat-12-src.zip