packages: tomcat/tomcat.spec - added security-related patches (backported f...
pawelz
pawelz at pld-linux.org
Tue Jun 9 20:15:33 CEST 2009
Author: pawelz Date: Tue Jun 9 18:15:33 2009 GMT
Module: packages Tag: HEAD
---- Log message:
- added security-related patches (backported from svn trunk)
- dropped security blockers
- rel 2
[fixes: CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, CVE-2009-0783]
---- Files affected:
packages/tomcat:
tomcat.spec (1.126 -> 1.127)
---- Diffs:
================================================================
Index: packages/tomcat/tomcat.spec
diff -u packages/tomcat/tomcat.spec:1.126 packages/tomcat/tomcat.spec:1.127
--- packages/tomcat/tomcat.spec:1.126 Mon Jun 8 13:13:28 2009
+++ packages/tomcat/tomcat.spec Tue Jun 9 20:15:28 2009
@@ -9,7 +9,7 @@
Summary(pl.UTF-8): Silnik Servlet/JSP Apache będący wzorcową implementacją API Servlet 2.4/JSP 2.0
Name: tomcat
Version: 5.5.27
-Release: 1
+Release: 2
License: Apache v2.0
Group: Networking/Daemons/Java
Source0: http://www.apache.org/dist/tomcat/tomcat-5/v%{version}/src/apache-%{name}-%{version}-src.tar.gz
@@ -30,24 +30,14 @@
Patch6: apache-%{name}-struts.patch
Patch7: apache-%{name}-admin-struts.patch
Patch8: apache-%{name}-no_links_to_examples.patch
+# Following patches are applied in tomcat svn. Remove them while updating to 5.5.28
+# See: http://tomcat.apache.org/security-5.html
+Patch100: tomcat-CVE-2008-5515.patch
+Patch101: tomcat-CVE-2009-0033.patch
+Patch102: tomcat-CVE-2009-0580.patch
+Patch103: tomcat-CVE-2009-0781.patch
+Patch104: tomcat-CVE-2009-0783.patch
URL: http://tomcat.apache.org/
-# http://tomcat.apache.org/security-5.html
-# Requires upgrade to 6.0.20 or (in future) 5.5.28. Or patch:
-# http://svn.apache.org/viewvc?rev=781362&view=rev
-BuildRequires: security(CVE-2009-0033)
-# http://tomcat.apache.org/security-5.html
-# Requires upgrade to 6.0.20 or (in future) 5.5.28. Or patch:
-# http://svn.apache.org/viewvc?rev=781379&view=rev
-BuildRequires: security(CVE-2009-0580)
-# http://tomcat.apache.org/security-5.html
-# Requires upgrade to 6.0.20 or (in future) 5.5.28. Or patches:
-# http://svn.apache.org/viewvc?rev=781542&view=rev
-# http://svn.apache.org/viewvc?rev=681156&view=rev
-BuildRequires: security(CVE-2009-0783)
-# http://tomcat.apache.org/security-5.html
-# Requires upgrade to 6.0.20 or (in future) 5.5.28. Or patch:
-# http://svn.apache.org/viewvc?rev=750928&view=rev
-BuildRequires: security(CVE-2009-0781)
%if %{with java_sun}
BuildRequires: java-sun >= 1.5
BuildRequires: java-sun-jre >= 1.5
@@ -208,6 +198,12 @@
%patch7 -p1
%patch8 -p1
+%patch100 -p0
+%patch101 -p0
+%patch102 -p0
+%patch103 -p0
+%patch104 -p0
+
# we don't need those scripts
rm -f container/catalina/src/bin/*.bat
rm -f container/catalina/src/bin/{startup,shutdown}.sh
@@ -465,6 +461,12 @@
All persons listed below can be reached at <cvs_login>@pld-linux.org
$Log$
+Revision 1.127 2009/06/09 18:15:28 pawelz
+- added security-related patches (backported from svn trunk)
+- dropped security blockers
+- rel 2
+ [fixes: CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, CVE-2009-0783]
+
Revision 1.126 2009/06/08 11:13:28 blues
- 4 security blockers added and move CVE notes for previous releases
================================================================
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/tomcat/tomcat.spec?r1=1.126&r2=1.127&f=u
More information about the pld-cvs-commit
mailing list