rpms/tomcat
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Add changelog entries for CVEs to update notes

Browse Source
This commit is contained in:
Coty Sutherland 2018-12-13 10:54:36 -05:00
parent 43c6ccdf49
commit 27dc97c365
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
tomcat.spec
View File

@ -692,12 +692,17 @@ fi
%changelog
* Thu Dec 13 2018 Coty Sutherland <csutherl@redhat.com> - 1:9.0.13-1
- Update to 9.0.13
- Resolves: rhbz#1636513 - CVE-2018-11784 tomcat: Open redirect in default servlet
* Sun Oct 14 2018 Peter Robinson <pbrobinson@fedoraproject.org> 1:9.0.10-2
- Drop legcy sys-v bits
* Tue Jul 31 2018 Coty Sutherland <csutherl@redhat.com> - 1:9.0.10-1
- Update to 9.0.10
- Resolves: rhbz#1624929 - CVE-2018-1336 tomcat: A bug in the UTF-8 decoder can lead to DoS
- Resolves: rhbz#1579612 - CVE-2018-8014 tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins
- Resolves: rhbz#1607586 - CVE-2018-8034 tomcat: host name verification missing in WebSocket client
- Resolves: rhbz#1607584 - CVE-2018-8037 tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1:9.0.7-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild