Commit Graph

233 Commits

Author SHA1 Message Date
Coty Sutherland
85038a7beb Resolves: rhbz#1459160 CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism 2017-06-09 15:39:00 -04:00
Coty Sutherland
ed0c45ddd8 Update to 8.0.43 2017-04-11 09:03:00 -04:00
Coty Sutherland
0f6fb39098 Update to 8.0.42 2017-03-31 09:28:51 -04:00
Coty Sutherland
bcf38b1abe Resolves: rhbz#1403825 CVE-2016-8745 tomcat: information disclosure due to incorrect Processor sharing
Update to 8.0.41
2017-02-16 15:34:48 -05:00
Fedora Release Engineering
e0f6e3167b - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild 2017-02-11 16:07:14 +00:00
Coty Sutherland
71d81d1e1e Resolves: rhbz#1397493 CVE-2016-6816 CVE-2016-6817 CVE-2016-8735 tomcat: various flaws
Update to 8.0.39
2016-11-29 17:28:09 -05:00
Coty Sutherland
387c0999f6 Update to 8.0.38 2016-10-25 11:04:12 -04:00
Coty Sutherland
ca7279eaa6 I forgot to bump the release 2016-10-23 19:33:16 -04:00
Coty Sutherland
6452f0b23b Resolves: rhbz#1383216 CVE-2016-6325 tomcat: tomcat writable config files allow privilege escalation 2016-10-23 19:11:56 -04:00
Coty Sutherland
ca41eb1168 Resolves: rhbz#1382310 CVE-2016-5425 tomcat: Local privilege escalation via systemd-tmpfiles service 2016-10-13 05:00:29 -04:00
Coty Sutherland
55c043f429 Resolves: rhbz#1370262 catalina.out is no longer in use in the main package, but still gets rotated 2016-09-13 14:44:55 -04:00
Coty Sutherland
fe6d560133 Resolves: rhbz#1375581 CVE-2016-5388 CGI sets environmental variable based on user supplied Proxy request header 2016-09-13 13:03:04 -04:00
Coty Sutherland
d5efee4acc Related: rhbz#1349469 Correct typo in changelog entry 2016-08-11 14:05:55 -04:00
Coty Sutherland
d64bf2e904 Resolves: asfbz#59960 Building javadocs with java8 fails 2016-08-08 17:34:21 -04:00
Coty Sutherland
2b099c582b Resolves: rhbz#1359737 Missing maven depmap for the following artifacts: org.apache.tomcat:tomcat-websocket, org.apache.tomcat:tomcat-websocket-api 2016-08-08 16:38:52 -04:00
Coty Sutherland
ea624b1371 Resolves: rhbz#1341850 tomcat-jsvc.service has TOMCAT_USER value hard-coded 2016-08-08 15:37:15 -04:00
Coty Sutherland
b6ffa60f91 Resolves: rhbz#1341853 rpm -V tomcat fails on /var/log/tomcat/catalina.out 2016-08-08 15:36:36 -04:00
Coty Sutherland
4dc51a6a96 Resolves: rhbz#1347835 The security manager doesn't work correctly (JSPs cannot be compiled) 2016-08-08 15:34:21 -04:00
Coty Sutherland
5d682aa9e1 Resolves: rhbz#1347864 The systemd service unit does not allow tomcat to shut down gracefully 2016-08-08 15:32:57 -04:00
Coty Sutherland
50c91f3fe2 Resolves: rhbz#1349469 CVE-2016-3092 tomcat: Usage of vulnerable FileUpload package can result in denial of service (updates to 8.0.36) 2016-08-08 15:31:26 -04:00
Coty Sutherland
43760819ea Resolves: rhbz#1363884 The tomcat-tool-wrapper script is broken 2016-08-08 15:27:41 -04:00
Coty Sutherland
6bc593d2cc Resolves: rhbz#1364056 The command tomcat-digest doesn't work 2016-08-08 15:25:59 -04:00
Ivan Afonichev
7d21a720d9 Add /etc/tomcat/conf.d/ with shell expansion support, resolves rhbz#1293636 2016-03-02 20:53:07 +03:00
Ivan Afonichev
e0ea77351d Revert sysconfig migration 2016-03-02 20:26:19 +03:00
Ivan Afonichev
ef1b76e880 Fix non-service use and default datasource factory
- Load sysconfig from tomcat.conf, resolves: rhbz#1311771, rhbz#1311905
- Set default javax.sql.DataSource factory to apache commons one, resolves rhbz#1214381
- Fix changelog
2016-02-27 18:26:53 +03:00
Ivan Afonichev
d6fc5df332 [rhbz#1308685] Fix symlinks from $CATALINA_HOME/lib perspective 2016-02-21 23:53:01 +03:00
Ivan Afonichev
65e6257e50 Add Recommends: tomcat-native 2016-02-14 01:44:02 +03:00
Ivan Afonichev
7977e008b9 Updated to 8.0.32
- Remove log4j support. It has never been working actually. See rhbz#1236297
2016-02-14 01:08:21 +03:00
Ivan Afonichev
3bf9b4c925 Switch non-primary service files to sysconfig 2016-02-13 23:58:35 +03:00
Ivan Afonichev
9d76b53468 Set TOMCAT_CFG_LOADED in tomcat.conf 2016-02-13 23:58:24 +03:00
Coty Sutherland
5067f18094 Resolves: rhbz-1121896 tomcat.service loads /etc/sysconfig/tomcat without shell expansion 2016-02-13 23:58:10 +03:00
Coty Sutherland
669936a5b8 Resolves: rhbz-1302718 Program /bin/nologin does not exist 2016-02-13 23:57:57 +03:00
Coty Sutherland
4f6d837abc Resolves: rhbz#1286800 Failed to start component due to wrong allowLinking=true in context.xml 2016-02-13 23:56:56 +03:00
Fedora Release Engineering
6f36935bb4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild 2016-02-05 01:46:06 +00:00
Robert Scheck
dc47b586d3 CATALINA_OPTS are only read when SECURITY_MANAGER is true (#1147105) 2015-11-17 23:42:26 +01:00
Alexander Kurtakov
872c469097 Update to 8.0.26. 2015-08-27 10:57:42 +03:00
Alexander Kurtakov
3a20f845cd Update to 8.0.24. 2015-07-10 11:07:03 +03:00
Alexander Kurtakov
6d77b87550 Drop javax.el:el-api alias.
XMvn ignores duplicated provides and glassfish-el-api provides it too
but has fewer deps so is better match for default.
2015-06-19 19:36:40 +03:00
Alexander Kurtakov
b2dda77052 Update to 8.0.23. 2015-06-18 15:28:42 +03:00
Alexander Kurtakov
a599bc57f3 Drop jetty alias for servlet.
XMvn ignores duplicate provides so better to drop the jetty alias.
2015-06-18 14:54:27 +03:00
Michal Srb
62f8d6a913 Fix metadata for org.apache.tomcat:{tomcat-jni,tomcat-util-scan} 2015-06-10 07:49:59 +02:00
Alexander Kurtakov
c2e91f9ffc Update to tomcat 8.0.20. 2015-03-06 12:01:37 +02:00
Alexander Kurtakov
07e2fb497b Rebuild against tomcat-taglibs-standard. 2015-03-05 21:46:43 +02:00
Alexander Kurtakov
a7f5683fd0 Drop old provides. 2015-03-04 08:33:30 +02:00
Stephen Gallagher
bdf0d75b2e Bump epoch to maintain upgrade path from Fedora 22 2015-03-03 15:20:56 -05:00
Michal Srb
d6cc435f66 Install POM files for org.apache.tomcat:{tomcat-jni,tomcat-util-scan} 2015-02-16 15:50:26 +01:00
Ivan Afonichev
1001f00e0d Updated to 8.0.18 2015-02-16 00:43:27 +03:00
Ivan Afonichev
53dd1361b3 Updated to 8.0.12
Substitute libnames in catalina-tasks.xml, resolves: rhbz#1126439
Use CATALINA_OPTS only on start, resolves: rhbz#1051194
2014-09-21 04:11:01 +04:00
Michal Srb
be711a2ff6 jsp-api requires el-api
Signed-off-by: Mikolaj Izdebski <mizdebsk@redhat.com>
2014-06-16 10:30:03 +02:00
Dennis Gilmore
084db1837c - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild 2014-06-08 03:44:23 -05:00