This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 8659c63624 FollowUp on Improve CVE-2024-56337 protection
8659c63624 is described below
commit 8659c636242ffa42b08e73b1cf55fd05a0d31d1b
Author: Markus Hoffrogge <mhoffro...@gmail.com>
AuthorDate: Tue May 20 17:21:54 2025 +0200
FollowUp on Improve CVE-2024-56337 protection
- service.bat:
- fix JvmOptions9 to match changes in catalina.bat
- improve legibility of JvmOptions9 parameter line
by introducing intermediate set variable JVM9_OPTIONS
- add comment to JVM9_OPTIONS settings
with hint to keep in line with catalina.bat
- catalina.bat:
- add comment to JAVA_OPTIONS --add-opens settings
with hint to keep in line with service.bat
---
bin/catalina.bat | 2 +-
bin/service.bat | 10 +++++++++-
2 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/bin/catalina.bat b/bin/catalina.bat
index 78a7eb9d9f..70601b6799 100755
--- a/bin/catalina.bat
+++ b/bin/catalina.bat
@@ -213,7 +213,7 @@ if not "%LOGGING_MANAGER%" == "" goto noJuliManager
set
LOGGING_MANAGER=-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
:noJuliManager
-rem Configure module start-up parameters
+rem Configure module start-up parameters - ensure to keep it in line with
service.bat
set "JAVA_OPTS=%JAVA_OPTS% --add-opens=java.base/java.lang=ALL-UNNAMED"
set "JAVA_OPTS=%JAVA_OPTS% --add-opens=java.base/java.io=ALL-UNNAMED"
set "JAVA_OPTS=%JAVA_OPTS% --add-opens=java.base/java.util=ALL-UNNAMED"
diff --git a/bin/service.bat b/bin/service.bat
index be6eca7e03..76b61545e1 100755
--- a/bin/service.bat
+++ b/bin/service.bat
@@ -200,6 +200,14 @@ if exist "%CATALINA_HOME%\bin\%DEFAULT_SERVICE_NAME%.exe" (
)
)
+rem Configure JAVA 9 specific start-up parameters - ensure to keep it in line
with catalina.bat
+set "JVM9_OPTIONS=--add-opens=java.base/java.lang=ALL-UNNAMED"
+set "JVM9_OPTIONS=%JVM9_OPTIONS%;--add-opens=java.base/java.io=ALL-UNNAMED"
+set "JVM9_OPTIONS=%JVM9_OPTIONS%;--add-opens=java.base/java.util=ALL-UNNAMED"
+set
"JVM9_OPTIONS=%JVM9_OPTIONS%;--add-opens=java.base/java.util.concurrent=ALL-UNNAMED"
+set
"JVM9_OPTIONS=%JVM9_OPTIONS%;--add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED"
+set "JVM9_OPTIONS=%JVM9_OPTIONS%;--enable-native-access=ALL-UNNAMED"
+
"%EXECUTABLE%" //IS//%SERVICE_NAME% ^
--Description "Apache Tomcat @VERSION@ Server -
https://tomcat.apache.org/"; ^
--DisplayName "Apache Tomcat @VERSION_MAJOR_MINOR@ %SERVICE_NAME%" ^
@@ -218,7 +226,7 @@ if exist "%CATALINA_HOME%\bin\%DEFAULT_SERVICE_NAME%.exe" (
--StartParams start ^
--StopParams stop ^
--JvmOptions
"-Dcatalina.home=%CATALINA_HOME%;-Dcatalina.base=%CATALINA_BASE%;-Djava.io.tmpdir=%CATALINA_BASE%\temp;-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager;-Djava.util.logging.config.file=%CATALINA_BASE%\conf\logging.properties;%JvmArgs%"
^
- --JvmOptions9
"--add-opens=java.base/java.lang=ALL-UNNAMED#--add-opens=java.base/java.io=ALL-UNNAMED#--add-opens=java.base/java.util=ALL-UNNAMED#--add-opens=java.base/java.util.concurrent=ALL-UNNAMED#--add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED"
^
+ --JvmOptions9 "%JVM9_OPTIONS%" ^
--Startup "%SERVICE_STARTUP_MODE%" ^
--JvmMs "%JvmMs%" ^
--JvmMx "%JvmMx%"
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
