[packages/tomcat] - up to 7.0.90; fixes CVE-2017-12617
arekm
arekm at pld-linux.org
Thu Jul 26 14:26:00 CEST 2018
commit bdef47f6371f21103933b115ba75680331459214
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date: Thu Jul 26 14:25:54 2018 +0200
- up to 7.0.90; fixes CVE-2017-12617
tomcat-build.xml.patch | 25 +++++++++++++++++++++++--
tomcat.spec | 8 ++++----
2 files changed, 27 insertions(+), 6 deletions(-)
---
diff --git a/tomcat.spec b/tomcat.spec
index 0a8f854..cb9adc6 100644
--- a/tomcat.spec
+++ b/tomcat.spec
@@ -9,18 +9,18 @@
%define tomcatnatver 1.1.27
# Java Commons Logging version. Must be >= 1.1.
-%define jclver 1.1.3
+%define jclver 1.2
%include /usr/lib/rpm/macros.java
Summary: Web server and Servlet/JSP Engine, RI for Servlet %{servletapiver}/JSP %{jspapiver} API
Summary(pl.UTF-8): Serwer www i silnik Servlet/JSP będący wzorcową implementacją API Servlet %{servletapiver}/JSP %{jspapiver}
Name: tomcat
-Version: 7.0.88
+Version: 7.0.90
Release: 1
License: Apache v2.0
Group: Networking/Daemons/Java
Source0: http://www.apache.org/dist/tomcat/tomcat-7/v%{version}/src/apache-%{name}-%{version}-src.tar.gz
-# Source0-md5: 839796dfd31ac436c009006f1f815b10
+# Source0-md5: d5b2197a0a5fcc2101aa54648acab2b2
Source1: apache-%{name}.init
Source2: apache-%{name}.sysconfig
Source3: %{name}-build.properties
@@ -32,7 +32,7 @@ Source14: %{name}-context-examples.xml
Source15: %{name}.logrotate
Source16: log4j.properties
Source100: http://www.apache.org/dist/commons/logging/source/commons-logging-%{jclver}-src.tar.gz
-# Source100-md5: e8e197d628436490886d17cffa108fe3
+# Source100-md5: ce977548f1cbf46918e93cd38ac35163
Patch0: %{name}-build.xml.patch
Patch1: server.xml-URIEncoding-utf8.patch
Patch2: %{name}-LDAPUserDatabase.patch
diff --git a/tomcat-build.xml.patch b/tomcat-build.xml.patch
index 487f131..52ed244 100644
--- a/tomcat-build.xml.patch
+++ b/tomcat-build.xml.patch
@@ -27,7 +27,7 @@
if="${test.cobertura}"
description="Adds Cobertura instrumentation to the compiled bytecode">
-@@ -1430,52 +1369,10 @@
+@@ -1556,67 +1556,10 @@
<mkdir dir="${tomcat.extras}/webservices"/>
</target>
@@ -40,30 +40,45 @@
- <param name="sourcefile.2" value="${commons-logging-src.loc.2}"/>
- <param name="destfile" value="${commons-logging-src.tar.gz}"/>
- <param name="destdir" value="${commons-logging.home}"/>
+- <param name="checksum.enabled" value="${commons-logging-src.checksum.enabled}"/>
+- <param name="checksum.algorithm" value="${commons-logging-src.checksum.algorithm}"/>
+- <param name="checksum.value" value="${commons-logging-src.checksum.value}"/>
- </antcall>
-
- <antcall target="downloadfile">
- <param name="sourcefile" value="${avalon-framework.loc}"/>
- <param name="destfile" value="${avalon-framework.jar}"/>
- <param name="destdir" value="${avalon-framework.home}"/>
+- <param name="checksum.enabled" value="${avalon-framework.checksum.enabled}"/>
+- <param name="checksum.algorithm" value="${avalon-framework.checksum.algorithm}"/>
+- <param name="checksum.value" value="${avalon-framework.checksum.value}"/>
- </antcall>
-
- <antcall target="downloadfile">
- <param name="sourcefile" value="${log4j.loc}"/>
- <param name="destfile" value="${log4j.jar}"/>
- <param name="destdir" value="${log4j.home}"/>
+- <param name="checksum.enabled" value="${log4j.checksum.enabled}"/>
+- <param name="checksum.algorithm" value="${log4j.checksum.algorithm}"/>
+- <param name="checksum.value" value="${log4j.checksum.value}"/>
- </antcall>
-
- <antcall target="downloadfile">
- <param name="sourcefile" value="${logkit.loc}"/>
- <param name="destfile" value="${logkit.jar}"/>
- <param name="destdir" value="${logkit.home}"/>
+- <param name="checksum.enabled" value="${logkit.checksum.enabled}"/>
+- <param name="checksum.algorithm" value="${logkit.checksum.algorithm}"/>
+- <param name="checksum.value" value="${logkit.checksum.value}"/>
- </antcall>
-
- <antcall target="downloadfile">
- <param name="sourcefile" value="${servletapi.loc}"/>
- <param name="destfile" value="${servletapi.jar}"/>
- <param name="destdir" value="${servletapi.home}"/>
+- <param name="checksum.enabled" value="${servletapi.checksum.enabled}"/>
+- <param name="checksum.algorithm" value="${servletapi.checksum.algorithm}"/>
+- <param name="checksum.value" value="${servletapi.checksum.value}"/>
- </antcall>
-
- </target>
@@ -91,7 +106,7 @@
<fileset file="${log4j.jar}" />
<fileset file="${logkit.jar}" />
<fileset file="${servletapi.jar}" />
-@@ -1577,18 +1475,6 @@
+@@ -1660,24 +1660,6 @@
depends="extras-prepare"
description="Prepare to build web services extras package">
@@ -99,12 +114,18 @@
- <param name="sourcefile" value="${jaxrpc-lib.loc}"/>
- <param name="destfile" value="${jaxrpc-lib.jar}"/>
- <param name="destdir" value="${jaxrpc-lib.home}"/>
+- <param name="checksum.enabled" value="${jaxrpc-lib.checksum.enabled}"/>
+- <param name="checksum.algorithm" value="${jaxrpc-lib.checksum.algorithm}"/>
+- <param name="checksum.value" value="${jaxrpc-lib.checksum.value}"/>
- </antcall>
-
- <antcall target="downloadfile">
- <param name="sourcefile" value="${wsdl4j-lib.loc}"/>
- <param name="destfile" value="${wsdl4j-lib.jar}"/>
- <param name="destdir" value="${wsdl4j-lib.home}"/>
+- <param name="checksum.enabled" value="${wsdl4j-lib.checksum.enabled}"/>
+- <param name="checksum.algorithm" value="${wsdl4j-lib.checksum.algorithm}"/>
+- <param name="checksum.value" value="${wsdl4j-lib.checksum.value}"/>
- </antcall>
-
<copy file="${jaxrpc-lib.jar}"
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/tomcat.git/commitdiff/bdef47f6371f21103933b115ba75680331459214
More information about the pld-cvs-commit
mailing list