Author: markt
Date: Sun Feb 2 15:26:07 2014
New Revision: 1563634
URL: http://svn.apache.org/r1563634
Log:
Update for 6.0.39 release (excluding docs)
Modified:
tomcat/site/trunk/build.properties.default
tomcat/site/trunk/docs/doap_Tomcat.rdf
tomcat/site/trunk/docs/download-60.html
tomcat/site/trunk/docs/index.html
tomcat/site/trunk/docs/migration-6.html
tomcat/site/trunk/docs/oldnews-2013.html
tomcat/site/trunk/docs/security-6.html
tomcat/site/trunk/docs/whichversion.html
tomcat/site/trunk/xdocs/doap_Tomcat.rdf
tomcat/site/trunk/xdocs/download-60.xml
tomcat/site/trunk/xdocs/index.xml
tomcat/site/trunk/xdocs/migration-6.xml
tomcat/site/trunk/xdocs/oldnews-2013.xml
tomcat/site/trunk/xdocs/security-6.xml
tomcat/site/trunk/xdocs/whichversion.xml
Modified: tomcat/site/trunk/build.properties.default
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/build.properties.default?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/build.properties.default (original)
+++ tomcat/site/trunk/build.properties.default Sun Feb 2 15:26:07 2014
@@ -36,7 +36,7 @@ tomcat.loc=http://www.apache.org/dist/to
# ----- Tomcat versions -----
-tomcat60=6.0.36
+tomcat60=6.0.39
tomcat70=7.0.50
tomcat80=8.0.0-RC10
Modified: tomcat/site/trunk/docs/doap_Tomcat.rdf
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/doap_Tomcat.rdf?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/docs/doap_Tomcat.rdf (original)
+++ tomcat/site/trunk/docs/doap_Tomcat.rdf Sun Feb 2 15:26:07 2014
@@ -71,8 +71,8 @@
<release>
<Version>
<name>Latest Stable 6.0.x Release</name>
- <created>2013-05-03</created>
- <revision>6.0.37</revision>
+ <created>2013-01-31</created>
+ <revision>6.0.39</revision>
</Version>
</release>
<repository>
Modified: tomcat/site/trunk/docs/download-60.html
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-60.html?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/docs/download-60.html (original)
+++ tomcat/site/trunk/docs/download-60.html Sun Feb 2 15:26:07 2014
@@ -204,8 +204,8 @@
<div class="text">
<a href="https://www.apache.org/dist/tomcat/tomcat-6/KEYS";>KEYS</a> |
- <a href="#6.0.37">6.0.37</a> |
- <a href="[preferred]tomcat/tomcat-6/v6.0.37" rel="nofollow">Browse</a>
|
+ <a href="#6.0.39">6.0.39</a> |
+ <a href="[preferred]tomcat/tomcat-6/v6.0.39" rel="nofollow">Browse</a>
|
<a href="http://archive.apache.org/dist/tomcat/tomcat-6";>Archives</a>
</div>
@@ -251,12 +251,12 @@
</div>
-<h3 id="6.0.37">6.0.37</h3>
+<h3 id="6.0.39">6.0.39</h3>
<div class="text">
<p>
Please see the
- <a href="[preferred]tomcat/tomcat-6/v6.0.37/README.html"
rel="nofollow">README</a>
+ <a href="[preferred]tomcat/tomcat-6/v6.0.39/README.html"
rel="nofollow">README</a>
file for packaging information. It explains what every distribution
contains.
</p>
@@ -272,44 +272,44 @@
<li>
-<a href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.zip"
rel="nofollow">zip</a>
- (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.zip.asc";>pgp</a>,
- <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.zip.md5";>md5</a>)
+<a href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.zip"
rel="nofollow">zip</a>
+ (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.zip.asc";>pgp</a>,
+ <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.zip.md5";>md5</a>)
</li>
<li>
-<a href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.tar.gz"
rel="nofollow">tar.gz</a>
- (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.tar.gz.asc";>pgp</a>,
- <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.tar.gz.md5";>md5</a>)
+<a href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.tar.gz"
rel="nofollow">tar.gz</a>
+ (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.tar.gz.asc";>pgp</a>,
+ <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.tar.gz.md5";>md5</a>)
</li>
<li>
-<a
href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-x86.zip"
rel="nofollow">32-bit Windows zip</a>
- (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-x86.zip.asc";>pgp</a>,
- <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-x86.zip.md5";>md5</a>)
+<a
href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-x86.zip"
rel="nofollow">32-bit Windows zip</a>
+ (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-x86.zip.asc";>pgp</a>,
+ <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-x86.zip.md5";>md5</a>)
</li>
<li>
-<a
href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-x64.zip"
rel="nofollow">64-bit Windows zip</a>
- (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-x64.zip.asc";>pgp</a>,
- <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-x64.zip.md5";>md5</a>)
+<a
href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-x64.zip"
rel="nofollow">64-bit Windows zip</a>
+ (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-x64.zip.asc";>pgp</a>,
+ <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-x64.zip.md5";>md5</a>)
</li>
<li>
-<a
href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-i64.zip"
rel="nofollow">64-bit Itanium Windows zip</a>
- (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-i64.zip.asc";>pgp</a>,
- <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-i64.zip.md5";>md5</a>)
+<a
href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-i64.zip"
rel="nofollow">64-bit Itanium Windows zip</a>
+ (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-i64.zip.asc";>pgp</a>,
+ <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-i64.zip.md5";>md5</a>)
</li>
<li>
-<a href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.exe"
rel="nofollow">32-bit/64-bit Windows Service Installer</a>
- (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.exe.asc";>pgp</a>,
- <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.exe.md5";>md5</a>)
+<a href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.exe"
rel="nofollow">32-bit/64-bit Windows Service Installer</a>
+ (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.exe.asc";>pgp</a>,
+ <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.exe.md5";>md5</a>)
</li>
</ul>
@@ -321,16 +321,16 @@
<li>
-<a
href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-deployer.zip"
rel="nofollow">zip</a>
- (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-deployer.zip.asc";>pgp</a>,
- <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-deployer.zip.md5";>md5</a>)
+<a
href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-deployer.zip"
rel="nofollow">zip</a>
+ (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-deployer.zip.asc";>pgp</a>,
+ <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-deployer.zip.md5";>md5</a>)
</li>
<li>
-<a
href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-deployer.tar.gz"
rel="nofollow">tar.gz</a>
- (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-deployer.tar.gz.asc";>pgp</a>,
- <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-deployer.tar.gz.md5";>md5</a>)
+<a
href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-deployer.tar.gz"
rel="nofollow">tar.gz</a>
+ (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-deployer.tar.gz.asc";>pgp</a>,
+ <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-deployer.tar.gz.md5";>md5</a>)
</li>
</ul>
@@ -353,16 +353,16 @@
<li>
-<a
href="[preferred]tomcat/tomcat-6/v6.0.37/src/apache-tomcat-6.0.37-src.tar.gz"
rel="nofollow">tar.gz</a>
- (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/src/apache-tomcat-6.0.37-src.tar.gz.asc";>pgp</a>,
- <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/src/apache-tomcat-6.0.37-src.tar.gz.md5";>md5</a>)
+<a
href="[preferred]tomcat/tomcat-6/v6.0.39/src/apache-tomcat-6.0.39-src.tar.gz"
rel="nofollow">tar.gz</a>
+ (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/src/apache-tomcat-6.0.39-src.tar.gz.asc";>pgp</a>,
+ <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/src/apache-tomcat-6.0.39-src.tar.gz.md5";>md5</a>)
</li>
<li>
-<a href="[preferred]tomcat/tomcat-6/v6.0.37/src/apache-tomcat-6.0.37-src.zip"
rel="nofollow">zip</a>
- (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/src/apache-tomcat-6.0.37-src.zip.asc";>pgp</a>,
- <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/src/apache-tomcat-6.0.37-src.zip.md5";>md5</a>)
+<a href="[preferred]tomcat/tomcat-6/v6.0.39/src/apache-tomcat-6.0.39-src.zip"
rel="nofollow">zip</a>
+ (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/src/apache-tomcat-6.0.39-src.zip.asc";>pgp</a>,
+ <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/src/apache-tomcat-6.0.39-src.zip.md5";>md5</a>)
</li>
</ul>
Modified: tomcat/site/trunk/docs/index.html
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/index.html?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/docs/index.html (original)
+++ tomcat/site/trunk/docs/index.html Sun Feb 2 15:26:07 2014
@@ -224,6 +224,35 @@ project logo are trademarks of the Apach
</div>
+<h3 id="Tomcat_6.0.39_Released">
+<span style="float: right;">2014-01-31</span> Tomcat 6.0.39 Released</h3>
+<div class="text">
+
+<p>
+The Apache Tomcat Project is proud to announce the release of version 6.0.39 of
+Apache Tomcat. This release includes a number of security and bug fixes over
+Apache Tomcat 6.0.37. The notable changes include:</p>
+
+<ul>
+
+<li>Various improvements to XML configuration file validation.</li>
+
+<li>Better adherence to RFC2616 for Content-Type and Content-Length headers.
+</li>
+
+<li>Avoid CVE-2013-1571 when generating Javadoc.</li>
+
+</ul>
+
+
+<p style="text-align: center;">
+
+<a href="download-60.cgi">Download</a> |
+<a href="tomcat-6.0-doc/changelog.html">ChangeLog for 6.0.39</a>
+
+</p>
+
+</div>
<h3 id="Tomcat_7.0.50_Released">
<span style="float: right;">2014-01-08</span> Tomcat 7.0.50 Released</h3>
<div class="text">
@@ -396,25 +425,6 @@ Tomcat Native.
</p>
</div>
-<h3 id="Tomcat_6.0.37_Released">
-<span style="float: right;">2013-05-03</span> Tomcat 6.0.37 Released</h3>
-<div class="text">
-
-<p>
-The Apache Tomcat Project is proud to announce the release of version 6.0.37 of
-Apache Tomcat. This release includes security and bug fixes over Apache Tomcat
-6.0.36.
-
-</p>
-
-<p style="text-align: center;">
-
-<a href="download-60.cgi">Download</a> |
-<a href="tomcat-6.0-doc/changelog.html">ChangeLog for 6.0.37</a>
-
-</p>
-
-</div>
<h3 id="Tomcat_Connectors_1.2.37_Released">
<span style="float: right;">2012-05-31</span> Tomcat Connectors 1.2.37
Released</h3>
<div class="text">
Modified: tomcat/site/trunk/docs/migration-6.html
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/migration-6.html?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/docs/migration-6.html (original)
+++ tomcat/site/trunk/docs/migration-6.html Sun Feb 2 15:26:07 2014
@@ -534,7 +534,8 @@ of Apache Tomcat.</p>
"6.0.33":"1158221",
"6.0.35":"1207053",
"6.0.36":"1398690",
- "6.0.37":"1476938"
+ "6.0.37":"1476938",
+ "6.0.39":"1561893",
};
formSubmit.action =
"http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/"; +
@@ -587,8 +588,9 @@ of Apache Tomcat.</p>
<option value="6.0.32">6.0.32</option>
<option value="6.0.33">6.0.33</option>
<option value="6.0.35">6.0.35</option>
- <option value="6.0.36" selected>6.0.36</option>
- <option value="6.0.37">6.0.37</option>
+ <option value="6.0.36">6.0.36</option>
+ <option value="6.0.37" selected>6.0.37</option>
+ <option value="6.0.39">6.0.39</option>
</select>,</label> <label>new version:
<select id="select-r2">
<option value="6.0.0">6.0.0</option>
@@ -614,7 +616,8 @@ of Apache Tomcat.</p>
<option value="6.0.33">6.0.33</option>
<option value="6.0.35">6.0.35</option>
<option value="6.0.36">6.0.36</option>
- <option value="6.0.37" selected>6.0.37</option>
+ <option value="6.0.37">6.0.37</option>
+ <option value="6.0.39" selected>6.0.39</option>
<option value="HEAD">trunk (unreleased)</option>
</select></label>
Modified: tomcat/site/trunk/docs/oldnews-2013.html
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/oldnews-2013.html?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/docs/oldnews-2013.html (original)
+++ tomcat/site/trunk/docs/oldnews-2013.html Sun Feb 2 15:26:07 2014
@@ -527,6 +527,25 @@ Full details of these changes, and all t
</p>
</div>
+<h3 id="Tomcat_6.0.37_Released">
+<span style="float: right;">2013-05-03</span> Tomcat 6.0.37 Released</h3>
+<div class="text">
+
+<p>
+The Apache Tomcat Project is proud to announce the release of version 6.0.37 of
+Apache Tomcat. This release includes security and bug fixes over Apache Tomcat
+6.0.36.
+
+</p>
+
+<p style="text-align: center;">
+
+<a href="download-60.cgi">Download</a> |
+<a href="tomcat-6.0-doc/changelog.html">ChangeLog for 6.0.37</a>
+
+</p>
+
+</div>
<h3 id="Tomcat_7.0.39_Released">
<span style="float: right;">2013-03-26</span> Tomcat 7.0.39 Released</h3>
<div class="text">
Modified: tomcat/site/trunk/docs/security-6.html
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-6.html?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-6.html (original)
+++ tomcat/site/trunk/docs/security-6.html Sun Feb 2 15:26:07 2014
@@ -200,6 +200,9 @@
<a href="#Apache_Tomcat_6.x_vulnerabilities">Apache Tomcat 6.x
vulnerabilities</a>
</li>
<li>
+<a href="#Fixed_in_Apache_Tomcat_6.0.39">Fixed in Apache Tomcat 6.0.39</a>
+</li>
+<li>
<a href="#Fixed_in_Apache_Tomcat_6.0.37">Fixed in Apache Tomcat 6.0.37</a>
</li>
<li>
@@ -297,6 +300,64 @@
</div>
+<h3 id="Fixed_in_Apache_Tomcat_6.0.39">
+<span style="float: right;">released 31 January 2014</span> Fixed in Apache
Tomcat 6.0.39</h3>
+<div class="text">
+
+
+<p>
+<i>Note: The issue below was fixed in Apache Tomcat 6.0.38 but the
+ release vote for the 6.0.38 release candidate did not pass. Therefore,
+ although users must download 6.0.39 to obtain a version that includes a
+ fix for these issues, version 6.0.38 is not included in the list of
+ affected versions.</i>
+</p>
+
+
+<p>
+<strong>Low: Frame injection in documentation Javadoc</strong>
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1571";
rel="nofollow">CVE-2013-1571</a>
+</p>
+
+
+<p>Tomcat 6 is built with Java 5 which is known to generate Javadoc with a
+ frame injection vulnerability.</p>
+
+
+<p>The published Javadoc on the Apache Tomcat website was fixed the day
+ this issue was announced. The Javadoc generation for releases was fixed
+ in revision <a
href="http://svn.apache.org/viewvc?view=rev&rev=1557724";>1557724</a>.</p>
+
+
+<p>This issue was published by Oracle on 18 June 2013.</p>
+
+
+<p>Affects: 6.0.0-6.0.37</p>
+
+
+<p>
+<strong>Important: Denial of service</strong>
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544";
rel="nofollow">CVE-2012-3544</a>
+</p>
+
+
+<p>When processing a request submitted using the chunked transfer encoding,
+ Tomcat ignored but did not limit any extensions that were included. This
+ allows a client to perform a limited DOS by streaming an unlimited
+ amount of data to the server.</p>
+
+
+<p>This was fixed in revision <a
href="http://svn.apache.org/viewvc?view=rev&rev=1476592";>1476592</a>.</p>
+
+
+<p>This issue was reported to the Tomcat security team on 10 November 2011
+ and made public on 10 May 2013.</p>
+
+
+<p>Affects: 6.0.0-6.0.36</p>
+
+
+</div>
<h3 id="Fixed_in_Apache_Tomcat_6.0.37">
<span style="float: right;">released 3 May 2013</span> Fixed in Apache Tomcat
6.0.37</h3>
<div class="text">
Modified: tomcat/site/trunk/docs/whichversion.html
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/whichversion.html?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/docs/whichversion.html (original)
+++ tomcat/site/trunk/docs/whichversion.html Sun Feb 2 15:26:07 2014
@@ -253,7 +253,7 @@ mapping between the specifications and t
<td>2.1</td>
<td>N/A</td>
<td>6.0.x</td>
- <td>6.0.37</td>
+ <td>6.0.39</td>
<td>1.5</td>
</tr>
Modified: tomcat/site/trunk/xdocs/doap_Tomcat.rdf
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/doap_Tomcat.rdf?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/doap_Tomcat.rdf (original)
+++ tomcat/site/trunk/xdocs/doap_Tomcat.rdf Sun Feb 2 15:26:07 2014
@@ -71,8 +71,8 @@
<release>
<Version>
<name>Latest Stable 6.0.x Release</name>
- <created>2013-05-03</created>
- <revision>6.0.37</revision>
+ <created>2013-01-31</created>
+ <revision>6.0.39</revision>
</Version>
</release>
<repository>
Modified: tomcat/site/trunk/xdocs/download-60.xml
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/download-60.xml?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/download-60.xml (original)
+++ tomcat/site/trunk/xdocs/download-60.xml Sun Feb 2 15:26:07 2014
@@ -15,8 +15,8 @@
<!-- Begin quick navigation section -->
<section name="Quick Navigation">
<a href="https://www.apache.org/dist/tomcat/tomcat-6/KEYS";>KEYS</a> |
- <a href="#6.0.37">6.0.37</a> |
- <a href="[preferred]tomcat/tomcat-6/v6.0.37" rel="nofollow">Browse</a>
|
+ <a href="#6.0.39">6.0.39</a> |
+ <a href="[preferred]tomcat/tomcat-6/v6.0.39" rel="nofollow">Browse</a>
|
<a href="http://archive.apache.org/dist/tomcat/tomcat-6";>Archives</a>
</section>
<!-- End quick navigation section -->
@@ -58,11 +58,11 @@
</section>
<!-- End mirrors section -->
- <!-- Begin 6.0.37 section -->
- <section name="6.0.37">
+ <!-- Begin 6.0.39 section -->
+ <section name="6.0.39">
<p>
Please see the
- <a href="[preferred]tomcat/tomcat-6/v6.0.37/README.html"
rel="nofollow">README</a>
+ <a href="[preferred]tomcat/tomcat-6/v6.0.39/README.html"
rel="nofollow">README</a>
file for packaging information. It explains what every distribution
contains.
</p>
@@ -71,74 +71,74 @@
<li>Core:
<ul>
<li>
- <a
href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.zip"
rel="nofollow">zip</a>
- (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.zip.asc";>pgp</a>,
- <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.zip.md5";>md5</a>)
+ <a
href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.zip"
rel="nofollow">zip</a>
+ (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.zip.asc";>pgp</a>,
+ <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.zip.md5";>md5</a>)
</li>
<li>
- <a
href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.tar.gz"
rel="nofollow">tar.gz</a>
- (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.tar.gz.asc";>pgp</a>,
- <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.tar.gz.md5";>md5</a>)
+ <a
href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.tar.gz"
rel="nofollow">tar.gz</a>
+ (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.tar.gz.asc";>pgp</a>,
+ <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.tar.gz.md5";>md5</a>)
</li>
<li>
- <a
href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-x86.zip"
rel="nofollow">32-bit Windows zip</a>
- (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-x86.zip.asc";>pgp</a>,
- <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-x86.zip.md5";>md5</a>)
+ <a
href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-x86.zip"
rel="nofollow">32-bit Windows zip</a>
+ (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-x86.zip.asc";>pgp</a>,
+ <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-x86.zip.md5";>md5</a>)
</li>
<li>
- <a
href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-x64.zip"
rel="nofollow">64-bit Windows zip</a>
- (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-x64.zip.asc";>pgp</a>,
- <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-x64.zip.md5";>md5</a>)
+ <a
href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-x64.zip"
rel="nofollow">64-bit Windows zip</a>
+ (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-x64.zip.asc";>pgp</a>,
+ <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-x64.zip.md5";>md5</a>)
</li>
<li>
- <a
href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-i64.zip"
rel="nofollow">64-bit Itanium Windows zip</a>
- (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-i64.zip.asc";>pgp</a>,
- <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-i64.zip.md5";>md5</a>)
+ <a
href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-i64.zip"
rel="nofollow">64-bit Itanium Windows zip</a>
+ (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-i64.zip.asc";>pgp</a>,
+ <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-i64.zip.md5";>md5</a>)
</li>
<li>
- <a
href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.exe"
rel="nofollow">32-bit/64-bit Windows Service Installer</a>
- (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.exe.asc";>pgp</a>,
- <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.exe.md5";>md5</a>)
+ <a
href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.exe"
rel="nofollow">32-bit/64-bit Windows Service Installer</a>
+ (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.exe.asc";>pgp</a>,
+ <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.exe.md5";>md5</a>)
</li>
</ul>
</li>
<li>Deployer:
<ul>
<li>
- <a
href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-deployer.zip"
rel="nofollow">zip</a>
- (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-deployer.zip.asc";>pgp</a>,
- <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-deployer.zip.md5";>md5</a>)
+ <a
href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-deployer.zip"
rel="nofollow">zip</a>
+ (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-deployer.zip.asc";>pgp</a>,
+ <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-deployer.zip.md5";>md5</a>)
</li>
<li>
- <a
href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-deployer.tar.gz"
rel="nofollow">tar.gz</a>
- (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-deployer.tar.gz.asc";>pgp</a>,
- <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-deployer.tar.gz.md5";>md5</a>)
+ <a
href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-deployer.tar.gz"
rel="nofollow">tar.gz</a>
+ (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-deployer.tar.gz.asc";>pgp</a>,
+ <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-deployer.tar.gz.md5";>md5</a>)
</li>
</ul>
</li>
</ul>
</subsection>
- <!-- End of 6.0.37 binary section -->
+ <!-- End of 6.0.39 binary section -->
- <!-- Begin 6.0.37 source section -->
+ <!-- Begin 6.0.39 source section -->
<subsection name="Source Code Distributions">
<ul>
<li>
- <a
href="[preferred]tomcat/tomcat-6/v6.0.37/src/apache-tomcat-6.0.37-src.tar.gz"
rel="nofollow">tar.gz</a>
- (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/src/apache-tomcat-6.0.37-src.tar.gz.asc";>pgp</a>,
- <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/src/apache-tomcat-6.0.37-src.tar.gz.md5";>md5</a>)
+ <a
href="[preferred]tomcat/tomcat-6/v6.0.39/src/apache-tomcat-6.0.39-src.tar.gz"
rel="nofollow">tar.gz</a>
+ (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/src/apache-tomcat-6.0.39-src.tar.gz.asc";>pgp</a>,
+ <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/src/apache-tomcat-6.0.39-src.tar.gz.md5";>md5</a>)
</li>
<li>
- <a
href="[preferred]tomcat/tomcat-6/v6.0.37/src/apache-tomcat-6.0.37-src.zip"
rel="nofollow">zip</a>
- (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/src/apache-tomcat-6.0.37-src.zip.asc";>pgp</a>,
- <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/src/apache-tomcat-6.0.37-src.zip.md5";>md5</a>)
+ <a
href="[preferred]tomcat/tomcat-6/v6.0.39/src/apache-tomcat-6.0.39-src.zip"
rel="nofollow">zip</a>
+ (<a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/src/apache-tomcat-6.0.39-src.zip.asc";>pgp</a>,
+ <a
href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/src/apache-tomcat-6.0.39-src.zip.md5";>md5</a>)
</li>
</ul>
</subsection>
- <!-- End 6.0.37 source section -->
+ <!-- End 6.0.39 source section -->
</section>
- <!-- End 6.0.37 section -->
+ <!-- End 6.0.39 section -->
</body>
</document>
Modified: tomcat/site/trunk/xdocs/index.xml
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/index.xml?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/index.xml (original)
+++ tomcat/site/trunk/xdocs/index.xml Sun Feb 2 15:26:07 2014
@@ -37,6 +37,24 @@ project logo are trademarks of the Apach
</section>
+<section name="Tomcat 6.0.39 Released" rtext="2014-01-31">
+<p>
+The Apache Tomcat Project is proud to announce the release of version 6.0.39 of
+Apache Tomcat. This release includes a number of security and bug fixes over
+Apache Tomcat 6.0.37. The notable changes include:</p>
+<ul>
+<li>Various improvements to XML configuration file validation.</li>
+<li>Better adherence to RFC2616 for Content-Type and Content-Length headers.
+</li>
+<li>Avoid CVE-2013-1571 when generating Javadoc.</li>
+</ul>
+
+<p style="text-align: center;">
+<a href="download-60.cgi">Download</a> |
+<a href="tomcat-6.0-doc/changelog.html">ChangeLog for 6.0.39</a>
+</p>
+</section>
+
<section name="Tomcat 7.0.50 Released" rtext="2014-01-08">
<p>
The Apache Tomcat Project is proud to announce the release of version 7.0.50 of
@@ -154,19 +172,6 @@ Tomcat Native.
</p>
</section>
-<section name="Tomcat 6.0.37 Released" rtext="2013-05-03">
-<p>
-The Apache Tomcat Project is proud to announce the release of version 6.0.37 of
-Apache Tomcat. This release includes security and bug fixes over Apache Tomcat
-6.0.36.
-
-</p>
-<p style="text-align: center;">
-<a href="download-60.cgi">Download</a> |
-<a href="tomcat-6.0-doc/changelog.html">ChangeLog for 6.0.37</a>
-</p>
-</section>
-
<section name="Tomcat Connectors 1.2.37 Released" rtext="2012-05-31">
<p>
The Apache Tomcat Project is proud to announce the release of version 1.2.37 of
Modified: tomcat/site/trunk/xdocs/migration-6.xml
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/migration-6.xml?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/migration-6.xml (original)
+++ tomcat/site/trunk/xdocs/migration-6.xml Sun Feb 2 15:26:07 2014
@@ -211,7 +211,8 @@ of Apache Tomcat.</p>
"6.0.33":"1158221",
"6.0.35":"1207053",
"6.0.36":"1398690",
- "6.0.37":"1476938"
+ "6.0.37":"1476938",
+ "6.0.39":"1561893",
};
formSubmit.action =
"http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/"; +
@@ -259,8 +260,9 @@ of Apache Tomcat.</p>
<option value="6.0.32">6.0.32</option>
<option value="6.0.33">6.0.33</option>
<option value="6.0.35">6.0.35</option>
- <option value="6.0.36" selected="selected">6.0.36</option>
- <option value="6.0.37">6.0.37</option>
+ <option value="6.0.36">6.0.36</option>
+ <option value="6.0.37" selected="selected">6.0.37</option>
+ <option value="6.0.39">6.0.39</option>
</select>,</label> <label>new version:
<select id="select-r2">
<option value="6.0.0">6.0.0</option>
@@ -286,7 +288,8 @@ of Apache Tomcat.</p>
<option value="6.0.33">6.0.33</option>
<option value="6.0.35">6.0.35</option>
<option value="6.0.36">6.0.36</option>
- <option value="6.0.37" selected="selected">6.0.37</option>
+ <option value="6.0.37">6.0.37</option>
+ <option value="6.0.39" selected="selected">6.0.39</option>
<option value="HEAD">trunk (unreleased)</option>
</select></label>
</p>
Modified: tomcat/site/trunk/xdocs/oldnews-2013.xml
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/oldnews-2013.xml?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/oldnews-2013.xml (original)
+++ tomcat/site/trunk/xdocs/oldnews-2013.xml Sun Feb 2 15:26:07 2014
@@ -247,6 +247,19 @@ Full details of these changes, and all t
</p>
</section>
+<section name="Tomcat 6.0.37 Released" rtext="2013-05-03">
+<p>
+The Apache Tomcat Project is proud to announce the release of version 6.0.37 of
+Apache Tomcat. This release includes security and bug fixes over Apache Tomcat
+6.0.36.
+
+</p>
+<p style="text-align: center;">
+<a href="download-60.cgi">Download</a> |
+<a href="tomcat-6.0-doc/changelog.html">ChangeLog for 6.0.37</a>
+</p>
+</section>
+
<section name="Tomcat 7.0.39 Released" rtext="2013-03-26">
<p>
The Apache Tomcat Project is proud to announce the release of version 7.0.39 of
Modified: tomcat/site/trunk/xdocs/security-6.xml
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-6.xml?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-6.xml (original)
+++ tomcat/site/trunk/xdocs/security-6.xml Sun Feb 2 15:26:07 2014
@@ -49,6 +49,45 @@
</section>
+ <section name="Fixed in Apache Tomcat 6.0.39" rtext="released 31 January
2014">
+
+ <p><i>Note: The issue below was fixed in Apache Tomcat 6.0.38 but the
+ release vote for the 6.0.38 release candidate did not pass. Therefore,
+ although users must download 6.0.39 to obtain a version that includes a
+ fix for these issues, version 6.0.38 is not included in the list of
+ affected versions.</i></p>
+
+ <p><strong>Low: Frame injection in documentation Javadoc</strong>
+ <cve>CVE-2013-1571</cve></p>
+
+ <p>Tomcat 6 is built with Java 5 which is known to generate Javadoc with a
+ frame injection vulnerability.</p>
+
+ <p>The published Javadoc on the Apache Tomcat website was fixed the day
+ this issue was announced. The Javadoc generation for releases was fixed
+ in revision <revlink rev="1557724">1557724</revlink>.</p>
+
+ <p>This issue was published by Oracle on 18 June 2013.</p>
+
+ <p>Affects: 6.0.0-6.0.37</p>
+
+ <p><strong>Important: Denial of service</strong>
+ <cve>CVE-2012-3544</cve></p>
+
+ <p>When processing a request submitted using the chunked transfer encoding,
+ Tomcat ignored but did not limit any extensions that were included. This
+ allows a client to perform a limited DOS by streaming an unlimited
+ amount of data to the server.</p>
+
+ <p>This was fixed in revision <revlink rev="1476592">1476592</revlink>.</p>
+
+ <p>This issue was reported to the Tomcat security team on 10 November 2011
+ and made public on 10 May 2013.</p>
+
+ <p>Affects: 6.0.0-6.0.36</p>
+
+ </section>
+
<section name="Fixed in Apache Tomcat 6.0.37" rtext="released 3 May 2013">
<p><strong>Important: Session fixation</strong>
Modified: tomcat/site/trunk/xdocs/whichversion.xml
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/whichversion.xml?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/whichversion.xml (original)
+++ tomcat/site/trunk/xdocs/whichversion.xml Sun Feb 2 15:26:07 2014
@@ -55,7 +55,7 @@ mapping between the specifications and t
<td>2.1</td>
<td>N/A</td>
<td>6.0.x</td>
- <td>6.0.37</td>
+ <td>6.0.39</td>
<td>1.5</td>
</tr>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
