[packages/tomcat] - up to 7.0.72

arekm arekm at pld-linux.org
Tue Oct 25 14:31:46 CEST 2016 

commit a65fd03ebc081016ac6374426b2e883059499513
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date:   Tue Oct 25 14:31:40 2016 +0200

    - up to 7.0.72

 tomcat-CVE-2016-5388.patch | 12 ------------
 tomcat.spec                |  6 ++----
 2 files changed, 2 insertions(+), 16 deletions(-)
---
diff --git a/tomcat.spec b/tomcat.spec
index 40284e7..80f47d3 100644
--- a/tomcat.spec
+++ b/tomcat.spec
@@ -15,12 +15,12 @@
 Summary:	Web server and Servlet/JSP Engine, RI for Servlet %{servletapiver}/JSP %{jspapiver} API
 Summary(pl.UTF-8):	Serwer www i silnik Servlet/JSP będący wzorcową implementacją API Servlet %{servletapiver}/JSP %{jspapiver}
 Name:		tomcat
-Version:	7.0.70
+Version:	7.0.72
 Release:	1
 License:	Apache v2.0
 Group:		Networking/Daemons/Java
 Source0:	http://www.apache.org/dist/tomcat/tomcat-7/v%{version}/src/apache-%{name}-%{version}-src.tar.gz
-# Source0-md5:	0f56c888df5002cce25fce91634a65c9
+# Source0-md5:	e176d014e49685e2642f7abd8eb7b53b
 Source1:	apache-%{name}.init
 Source2:	apache-%{name}.sysconfig
 Source3:	%{name}-build.properties
@@ -41,7 +41,6 @@ Patch4:		%{name}-userdir.patch
 Patch5:		logging.patch
 Patch6:		jcl.patch
 Patch7:		%{name}-build.patch
-Patch8:		tomcat-CVE-2016-5388.patch
 Patch100:	jcl-build.xml.patch
 URL:		http://tomcat.apache.org/
 BuildRequires:	ant >= 1.5.3
@@ -272,7 +271,6 @@ javax.servlet.http, javax.servlet.jsp i java.servlet.jsp.tagext).
 %patch5 -p1
 %patch6 -p1
 %patch7 -p1
-%patch8 -p1
 
 # Prepare java-commmons-logging sources
 install -d output/extras/logging
diff --git a/tomcat-CVE-2016-5388.patch b/tomcat-CVE-2016-5388.patch
deleted file mode 100644
index d856006..0000000
--- a/tomcat-CVE-2016-5388.patch
+++ /dev/null
@@ -1,12 +0,0 @@
---- apache-tomcat-7.0.70-src/java/org/apache/catalina/servlets/CGIServlet.java.orig	2016-06-15 18:45:50.000000000 +0200
-+++ apache-tomcat-7.0.70-src/java/org/apache/catalina/servlets/CGIServlet.java	2016-07-19 15:35:56.656316104 +0200
-@@ -1107,7 +1107,8 @@ public final class CGIServlet extends Ht
-                 //REMIND: change character set
-                 //REMIND: I forgot what the previous REMIND means
-                 if ("AUTHORIZATION".equalsIgnoreCase(header) ||
--                    "PROXY_AUTHORIZATION".equalsIgnoreCase(header)) {
-+                    "PROXY_AUTHORIZATION".equalsIgnoreCase(header) ||
-+                    "PROXY".equalsIgnoreCase(header)) {
-                     //NOOP per CGI specification section 11.2
-                 } else {
-                     envp.put("HTTP_" + header.replace('-', '_'),
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/tomcat.git/commitdiff/a65fd03ebc081016ac6374426b2e883059499513

More information about the pld-cvs-commit mailing list