Hello community, here is the log from the commit of package jetty5 for openSUSE:Factory checked in at Tue Aug 9 16:36:35 CEST 2011.
-------- --- jetty5/jetty5.changes 2009-11-06 13:54:56.000000000 +0100 +++ /mounts/work_src_done/STABLE/jetty5/jetty5.changes 2011-08-05 13:24:43.000000000 +0200 @@ -1,0 +2,16 @@ +Fri Aug 5 11:23:12 UTC 2011 - [email protected] + +- removed all files and the proprietary javax license from tarball + now builds from jetty-5.1.15-suse.tar.bz2 + +------------------------------------------------------------------- +Fri Jun 17 07:45:34 UTC 2011 - [email protected] + +- update to Jetty 5.1.15 + from changelog: + * JETTY-418 synchronized load class + * JETTY-1004 CERT VU402580 Canonical path handling includes ? in + path segment + * Fixes for CERT438616-CERT237888-CERT21284 + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- jetty-5.1.14.tar.bz2 jetty-CERT438616-CERT237888-CERT21284.patch New: ---- jetty-5.1.15-suse.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ jetty5.spec ++++++ --- /var/tmp/diff_new_pack.I8VKjY/_old 2011-08-09 16:35:57.000000000 +0200 +++ /var/tmp/diff_new_pack.I8VKjY/_new 2011-08-09 16:35:57.000000000 +0200 @@ -1,7 +1,7 @@ # -# spec file for package jetty5 (Version 5.1.14) +# spec file for package jetty5 # -# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -38,13 +38,19 @@ %define demodir %{_localstatedir}/lib/%{name}/demo Name: jetty5 -Version: 5.1.14 -Release: 3 +Version: 5.1.15 +Release: 1 Summary: Webserver and Servlet Container Group: Networking/Daemons License: ASL 2.0 Url: http://jetty.mortbay.org/jetty/ -Source0: http://ftp.mortbay.org/pub/jetty-5/jetty-5.1.14.tar.bz2 +#wget http://dist.codehaus.org/jetty/jetty-5.1.x/jetty-5.1.15.tgz +#tar -xf jetty-5.1.15.tgz +#find jetty-5.1.15/ -name '*?ar' -or -name '*.class' | grep -v 'examples.war' | xargs rm -f +## remove proprietary license for javax77.jar removed before +#rm -f jetty-5.1.15/etc/LICENSE.javax.xml.html +#$ tar -xjf jetty-5.1.15-suse.tar.bz2 jetty-5.1.15/ +Source0: jetty-5.1.15-suse.tar.bz2 Source1: jetty5.script Source2: jetty5.init Source3: jetty.logrotate @@ -57,7 +63,6 @@ Patch1: jetty-PostFileFilter.patch Patch2: jetty-libgcj-bad-serialization.patch Patch3: jetty-TestRFC2616-libgcj-bad-date-parser.patch -Patch4: jetty-CERT438616-CERT237888-CERT21284.patch # PATCH-OPENSUSE: read jettyrc from /etc/jetty5, allow empty pid file, secure temp file creation Patch5: jetty5-jettysh.patch # PATCH-FIX-UPSTREAM bnc#551802, brc#499867 @@ -275,7 +280,6 @@ %patch1 -b .sav %patch2 -b .sav %patch3 -b .sav -%patch4 %patch5 -p1 -b .jettyrc %patch6 -b .CVE-2009-1523 # Delete this Sun specific file. ++++++ jetty-5.1.14-CVE-2009-1523.patch ++++++ --- /var/tmp/diff_new_pack.I8VKjY/_old 2011-08-09 16:35:58.000000000 +0200 +++ /var/tmp/diff_new_pack.I8VKjY/_new 2011-08-09 16:35:58.000000000 +0200 @@ -69,16 +69,3 @@ } resetBuffer(); -diff -up ./src/org/mortbay/util/URI.java.fix ./src/org/mortbay/util/URI.java ---- ./src/org/mortbay/util/URI.java.fix 2009-05-13 16:47:53.000000000 -0400 -+++ ./src/org/mortbay/util/URI.java 2009-05-13 16:48:08.000000000 -0400 -@@ -830,8 +830,7 @@ public class URI - return path; - - int end=path.length(); -- int queryIdx=path.indexOf('?'); -- int start = path.lastIndexOf('/', (queryIdx > 0 ? queryIdx : end)); -+ int start = path.lastIndexOf('/', end); - - search: - while (end>0) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
