Resolves: rhbz#2061424 Add Java 9 start-up parameters to allow reflection

This commit is contained in:
Coty Sutherland 2022-03-08 15:22:53 -05:00
parent 37136861df
commit 9b5ef6dbd7
2 changed files with 14 additions and 1 deletions

View File

@ -0,0 +1,6 @@
# Add the JAVA 9 specific start-up parameters required by Tomcat
JAVA_OPTS="$JAVA_OPTS --add-opens=java.base/java.lang=ALL-UNNAMED"
JAVA_OPTS="$JAVA_OPTS --add-opens=java.base/java.io=ALL-UNNAMED"
JAVA_OPTS="$JAVA_OPTS --add-opens=java.base/java.util=ALL-UNNAMED"
JAVA_OPTS="$JAVA_OPTS --add-opens=java.base/java.util.concurrent=ALL-UNNAMED"
JAVA_OPTS="$JAVA_OPTS --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED"

View File

@ -56,7 +56,7 @@
Name: tomcat Name: tomcat
Epoch: 1 Epoch: 1
Version: %{major_version}.%{minor_version}.%{micro_version} Version: %{major_version}.%{minor_version}.%{micro_version}
Release: 1%{?dist} Release: 2%{?dist}
Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API
License: ASL 2.0 License: ASL 2.0
@ -73,6 +73,7 @@ Source21: tomcat-functions
Source30: tomcat-preamble Source30: tomcat-preamble
Source31: tomcat-server Source31: tomcat-server
Source32: tomcat-named.service Source32: tomcat-named.service
Source33: java-9-start-up-parameters.conf
Patch0: %{name}-%{major_version}.%{minor_version}-bootstrap-MANIFEST.MF.patch Patch0: %{name}-%{major_version}.%{minor_version}-bootstrap-MANIFEST.MF.patch
Patch1: %{name}-%{major_version}.%{minor_version}-tomcat-users-webapp.patch Patch1: %{name}-%{major_version}.%{minor_version}-tomcat-users-webapp.patch
@ -302,6 +303,8 @@ popd
%{__install} -m 0644 %{SOURCE32} \ %{__install} -m 0644 %{SOURCE32} \
${RPM_BUILD_ROOT}%{_unitdir}/%{name}@.service ${RPM_BUILD_ROOT}%{_unitdir}/%{name}@.service
%{__install} -m 0644 %{SOURCE33} ${RPM_BUILD_ROOT}%{confdir}/conf.d/
# Substitute libnames in catalina-tasks.xml # Substitute libnames in catalina-tasks.xml
sed -i \ sed -i \
"s,el-api.jar,%{name}-el-%{elspec}-api.jar,; "s,el-api.jar,%{name}-el-%{elspec}-api.jar,;
@ -441,6 +444,7 @@ fi
%attr(0775,root,tomcat) %dir %{confdir}/Catalina/localhost %attr(0775,root,tomcat) %dir %{confdir}/Catalina/localhost
%attr(0755,root,tomcat) %dir %{confdir}/conf.d %attr(0755,root,tomcat) %dir %{confdir}/conf.d
%{confdir}/conf.d/README %{confdir}/conf.d/README
%{confdir}/conf.d/java-9-start-up-parameters.conf
%config(noreplace) %{confdir}/%{name}.conf %config(noreplace) %{confdir}/%{name}.conf
%config(noreplace) %{confdir}/*.policy %config(noreplace) %{confdir}/*.policy
%config(noreplace) %{confdir}/*.properties %config(noreplace) %{confdir}/*.properties
@ -496,6 +500,9 @@ fi
%{appdir}/ROOT %{appdir}/ROOT
%changelog %changelog
* Tue Mar 08 2022 Coty Sutherland <csutherl@redhat.com> - 1:9.0.59-2
- Resolves: rhbz#2061424 Add Java 9 start-up parameters to allow reflection
* Wed Mar 02 2022 Sonia Xu <sonix@amazon.com> - 1:9.0.59-1 * Wed Mar 02 2022 Sonia Xu <sonix@amazon.com> - 1:9.0.59-1
- Update to 9.0.59 - Update to 9.0.59
- Resolves: rhbz#2047419 - CVE-2022-23181 tomcat: local privilege escalation vulnerability - Resolves: rhbz#2047419 - CVE-2022-23181 tomcat: local privilege escalation vulnerability