This is an automated email from the git hooks/post-receive script. ebourg-guest pushed a commit to branch master in repository tomcat8.
commit 57954cb2e973d2b8eb7b77218aa0073ae1a8455c Author: Emmanuel Bourg <[email protected]> Date: Fri Apr 21 00:50:23 2017 +0200 Removed the CVE patches (fixed in this release) --- debian/changelog | 8 ++ debian/patches/CVE-2017-5647.patch | 241 ------------------------------------- debian/patches/CVE-2017-5650.patch | 24 ---- debian/patches/CVE-2017-5651.patch | 155 ------------------------ debian/patches/series | 3 - 5 files changed, 8 insertions(+), 423 deletions(-) diff --git a/debian/changelog b/debian/changelog index 5cbb417..872c90b 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +tomcat8 (8.5.13-1) UNRELEASED; urgency=medium + + * Team upload. + * New upstream release + - Removed the CVE patches (fixed in this release) + + -- Emmanuel Bourg <[email protected]> Fri, 21 Apr 2017 00:48:06 +0200 + tomcat8 (8.5.12-1) unstable; urgency=medium * Team upload. diff --git a/debian/patches/CVE-2017-5647.patch b/debian/patches/CVE-2017-5647.patch deleted file mode 100644 index e746785..0000000 --- a/debian/patches/CVE-2017-5647.patch +++ /dev/null @@ -1,241 +0,0 @@ -From: Markus Koschany <[email protected]> -Date: Tue, 11 Apr 2017 22:18:52 +0200 -Subject: CVE-2017-5647 - -Bug-Debian: https://bugs.debian.org/860068 -Origin: http://svn.apache.org/r1788932 ---- - java/org/apache/coyote/AbstractProtocol.java | 7 ++-- - java/org/apache/coyote/http11/Http11Processor.java | 12 ++++++- - java/org/apache/tomcat/util/net/AprEndpoint.java | 35 +++++++++++++------ - java/org/apache/tomcat/util/net/Nio2Endpoint.java | 25 +++++++++----- - java/org/apache/tomcat/util/net/NioEndpoint.java | 26 +++++++++++---- - .../apache/tomcat/util/net/SendfileDataBase.java | 6 ++-- - .../tomcat/util/net/SendfileKeepAliveState.java | 39 ++++++++++++++++++++++ - 7 files changed, 116 insertions(+), 34 deletions(-) - create mode 100644 java/org/apache/tomcat/util/net/SendfileKeepAliveState.java - ---- a/java/org/apache/coyote/AbstractProtocol.java -+++ b/java/org/apache/coyote/AbstractProtocol.java -@@ -870,10 +870,9 @@ - wrapper.registerReadInterest(); - } else if (state == SocketState.SENDFILE) { - // Sendfile in progress. If it fails, the socket will be -- // closed. If it works, the socket will be re-added to the -- // poller -- connections.remove(socket); -- release(processor); -+ // closed. If it works, the socket either be added to the -+ // poller (or equivalent) to await more data or processed -+ // if there are any pipe-lined requests remaining. - } else if (state == SocketState.UPGRADED) { - // Don't add sockets back to the poller if this was a - // non-blocking write otherwise the poller may trigger ---- a/java/org/apache/coyote/http11/Http11Processor.java -+++ b/java/org/apache/coyote/http11/Http11Processor.java -@@ -58,6 +58,7 @@ - import org.apache.tomcat.util.net.AbstractEndpoint.Handler.SocketState; - import org.apache.tomcat.util.net.SSLSupport; - import org.apache.tomcat.util.net.SendfileDataBase; -+import org.apache.tomcat.util.net.SendfileKeepAliveState; - import org.apache.tomcat.util.net.SocketWrapperBase; - import org.apache.tomcat.util.res.StringManager; - -@@ -1601,7 +1602,16 @@ - openSocket = keepAlive; - // Do sendfile as needed: add socket to sendfile and end - if (sendfileData != null && !getErrorState().isError()) { -- sendfileData.keepAlive = keepAlive; -+ if (keepAlive) { -+ if (available(false) == 0) { -+ sendfileData.keepAliveState = SendfileKeepAliveState.OPEN; -+ } else { -+ sendfileData.keepAliveState = SendfileKeepAliveState.PIPELINED; -+ } -+ } else { -+ sendfileData.keepAliveState = SendfileKeepAliveState.NONE; -+ } -+ - switch (socketWrapper.processSendfile(sendfileData)) { - case DONE: - // If sendfile is complete, no need to break keep-alive loop ---- a/java/org/apache/tomcat/util/net/AprEndpoint.java -+++ b/java/org/apache/tomcat/util/net/AprEndpoint.java -@@ -2138,20 +2138,33 @@ - state.length -= nw; - if (state.length == 0) { - remove(state); -- if (state.keepAlive) { -+ switch (state.keepAliveState) { -+ case NONE: { -+ // Close the socket since this is -+ // the end of the not keep-alive request. -+ closeSocket(state.socket); -+ break; -+ } -+ case PIPELINED: { - // Destroy file descriptor pool, which should close the file - Pool.destroy(state.fdpool); -- Socket.timeoutSet(state.socket, -- getSoTimeout() * 1000); -- // If all done put the socket back in the -- // poller for processing of further requests -- getPoller().add( -- state.socket, getKeepAliveTimeout(), -+ Socket.timeoutSet(state.socket, getSoTimeout() * 1000); -+ // Process the pipelined request data -+ if (!processSocket(state.socket, SocketEvent.OPEN_READ)) { -+ closeSocket(state.socket); -+ } -+ break; -+ } -+ case OPEN: { -+ // Destroy file descriptor pool, which should close the file -+ Pool.destroy(state.fdpool); -+ Socket.timeoutSet(state.socket, getSoTimeout() * 1000); -+ // Put the socket back in the poller for -+ // processing of further requests -+ getPoller().add(state.socket, getKeepAliveTimeout(), - Poll.APR_POLLIN); -- } else { -- // Close the socket since this is -- // the end of not keep-alive request. -- closeSocket(state.socket); -+ break; -+ } - } - } - } ---- a/java/org/apache/tomcat/util/net/Nio2Endpoint.java -+++ b/java/org/apache/tomcat/util/net/Nio2Endpoint.java -@@ -536,17 +536,24 @@ - } catch (IOException e) { - // Ignore - } -- if (attachment.keepAlive) { -- if (!isInline()) { -+ if (isInline()) { -+ attachment.doneInline = true; -+ } else { -+ switch (attachment.keepAliveState) { -+ case NONE: { -+ getEndpoint().processSocket(Nio2SocketWrapper.this, -+ SocketEvent.DISCONNECT, false); -+ break; -+ } -+ case PIPELINED: { -+ getEndpoint().processSocket(Nio2SocketWrapper.this, -+ SocketEvent.OPEN_READ, true); -+ break; -+ } -+ case OPEN: { - awaitBytes(); -- } else { -- attachment.doneInline = true; -+ break; - } -- } else { -- if (!isInline()) { -- getEndpoint().processSocket(Nio2SocketWrapper.this, SocketEvent.DISCONNECT, false); -- } else { -- attachment.doneInline = true; - } - } - return; ---- a/java/org/apache/tomcat/util/net/NioEndpoint.java -+++ b/java/org/apache/tomcat/util/net/NioEndpoint.java -@@ -924,16 +924,30 @@ - // responsible for registering the socket for the - // appropriate event(s) if sendfile completes. - if (!calledByProcessor) { -- if (sd.keepAlive) { -- if (log.isDebugEnabled()) { -- log.debug("Connection is keep alive, registering back for OP_READ"); -- } -- reg(sk,socketWrapper,SelectionKey.OP_READ); -- } else { -+ switch (sd.keepAliveState) { -+ case NONE: { - if (log.isDebugEnabled()) { - log.debug("Send file connection is being closed"); - } - close(sc, sk); -+ break; -+ } -+ case PIPELINED: { -+ if (log.isDebugEnabled()) { -+ log.debug("Connection is keep alive, processing pipe-lined data"); -+ } -+ if (!processSocket(socketWrapper, SocketEvent.OPEN_READ, true)) { -+ close(sc, sk); -+ } -+ break; -+ } -+ case OPEN: { -+ if (log.isDebugEnabled()) { -+ log.debug("Connection is keep alive, registering back for OP_READ"); -+ } -+ reg(sk,socketWrapper,SelectionKey.OP_READ); -+ break; -+ } - } - } - return SendfileState.DONE; ---- a/java/org/apache/tomcat/util/net/SendfileDataBase.java -+++ b/java/org/apache/tomcat/util/net/SendfileDataBase.java -@@ -21,10 +21,10 @@ - /** - * Is the current request being processed on a keep-alive connection? This - * determines if the socket is closed once the send file completes or if -- * processing continues with the next request on the connection (or waiting -- * for that next request to arrive). -+ * processing continues with the next request on the connection or waiting -+ * for that next request to arrive. - */ -- public boolean keepAlive; -+ public SendfileKeepAliveState keepAliveState = SendfileKeepAliveState.NONE; - - /** - * The full path to the file that contains the data to be written to the ---- /dev/null -+++ b/java/org/apache/tomcat/util/net/SendfileKeepAliveState.java -@@ -0,0 +1,39 @@ -+/* -+ * Licensed to the Apache Software Foundation (ASF) under one or more -+ * contributor license agreements. See the NOTICE file distributed with -+ * this work for additional information regarding copyright ownership. -+ * The ASF licenses this file to You under the Apache License, Version 2.0 -+ * (the "License"); you may not use this file except in compliance with -+ * the License. You may obtain a copy of the License at -+ * -+ * http://www.apache.org/licenses/LICENSE-2.0 -+ * -+ * Unless required by applicable law or agreed to in writing, software -+ * distributed under the License is distributed on an "AS IS" BASIS, -+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -+ * See the License for the specific language governing permissions and -+ * limitations under the License. -+ */ -+package org.apache.tomcat.util.net; -+ -+public enum SendfileKeepAliveState { -+ -+ /** -+ * Keep-alive is not in use. The socket can be closed when the response has -+ * been written. -+ */ -+ NONE, -+ -+ /** -+ * Keep-alive is in use and there is pipelined data in the input buffer to -+ * be read as soon as the current response has been written. -+ */ -+ PIPELINED, -+ -+ /** -+ * Keep-alive is in use. The socket should be added to the poller (or -+ * equivalent) to await more data as soon as the current response has been -+ * written. -+ */ -+ OPEN -+} diff --git a/debian/patches/CVE-2017-5650.patch b/debian/patches/CVE-2017-5650.patch deleted file mode 100644 index 74a8862..0000000 --- a/debian/patches/CVE-2017-5650.patch +++ /dev/null @@ -1,24 +0,0 @@ -From: Markus Koschany <[email protected]> -Date: Wed, 12 Apr 2017 00:00:50 +0200 -Subject: CVE-2017-5650 - -Bug-Debian: https://bugs.debian.org/860068 -Origin: http://svn.apache.org/r1788480 ---- - java/org/apache/coyote/http2/Http2UpgradeHandler.java | 5 +++++ - 1 file changed, 5 insertions(+) - ---- a/java/org/apache/coyote/http2/Http2UpgradeHandler.java -+++ b/java/org/apache/coyote/http2/Http2UpgradeHandler.java -@@ -983,6 +983,11 @@ - - private void close() { - connectionState.set(ConnectionState.CLOSED); -+ for (Stream stream : streams.values()) { -+ // The connection is closing. Close the associated streams as no -+ // longer required. -+ stream.receiveReset(Http2Error.CANCEL.getCode()); -+ } - try { - socketWrapper.close(); - } catch (IOException ioe) { diff --git a/debian/patches/CVE-2017-5651.patch b/debian/patches/CVE-2017-5651.patch deleted file mode 100644 index e737f68..0000000 --- a/debian/patches/CVE-2017-5651.patch +++ /dev/null @@ -1,155 +0,0 @@ -From: Markus Koschany <[email protected]> -Date: Wed, 12 Apr 2017 00:11:24 +0200 -Subject: CVE-2017-5651 - -Bug-Debian: https://bugs.debian.org/860068 -Origin: http://svn.apache.org/r1788546 ---- - java/org/apache/coyote/http11/Http11Processor.java | 52 ++++++++++------------ - 1 file changed, 24 insertions(+), 28 deletions(-) - ---- a/java/org/apache/coyote/http11/Http11Processor.java -+++ b/java/org/apache/coyote/http11/Http11Processor.java -@@ -58,6 +58,7 @@ - import org.apache.tomcat.util.net.AbstractEndpoint.Handler.SocketState; - import org.apache.tomcat.util.net.SSLSupport; - import org.apache.tomcat.util.net.SendfileDataBase; -+import org.apache.tomcat.util.net.SendfileState; - import org.apache.tomcat.util.net.SendfileKeepAliveState; - import org.apache.tomcat.util.net.SocketWrapperBase; - import org.apache.tomcat.util.res.StringManager; -@@ -659,9 +660,10 @@ - openSocket = false; - readComplete = true; - boolean keptAlive = false; -+ SendfileState sendfileState = SendfileState.DONE; - -- while (!getErrorState().isError() && keepAlive && !isAsync() && -- upgradeToken == null && !endpoint.isPaused()) { -+ while (!getErrorState().isError() && keepAlive && !isAsync() && upgradeToken == null && -+ sendfileState == SendfileState.DONE && !endpoint.isPaused()) { - - // Parsing the request header - try { -@@ -850,9 +852,7 @@ - - rp.setStage(org.apache.coyote.Constants.STAGE_KEEPALIVE); - -- if (breakKeepAliveLoop(socketWrapper)) { -- break; -- } -+ sendfileState = processSendfile(socketWrapper); - } - - rp.setStage(org.apache.coyote.Constants.STAGE_ENDED); -@@ -864,7 +864,7 @@ - } else if (isUpgrade()) { - return SocketState.UPGRADING; - } else { -- if (sendfileData != null) { -+ if (sendfileState == SendfileState.PENDING) { - return SocketState.SENDFILE; - } else { - if (openSocket) { -@@ -940,7 +940,6 @@ - http11 = true; - http09 = false; - contentDelimitation = false; -- sendfileData = null; - - if (endpoint.isSSLEnabled()) { - request.scheme().setString("https"); -@@ -1147,15 +1146,14 @@ - } - - // Sendfile support -- boolean sendingWithSendfile = false; - if (endpoint.getUseSendfile()) { -- sendingWithSendfile = prepareSendfile(outputFilters); -+ prepareSendfile(outputFilters); - } - - // Check for compression - boolean isCompressable = false; - boolean useCompression = false; -- if (entityBody && (compressionLevel > 0) && !sendingWithSendfile) { -+ if (entityBody && (compressionLevel > 0) && sendfileData == null) { - isCompressable = isCompressable(); - if (isCompressable) { - useCompression = useCompression(); -@@ -1297,10 +1295,12 @@ - return connection.equals(Constants.CLOSE); - } - -- private boolean prepareSendfile(OutputFilter[] outputFilters) { -+ private void prepareSendfile(OutputFilter[] outputFilters) { - String fileName = (String) request.getAttribute( - org.apache.coyote.Constants.SENDFILE_FILENAME_ATTR); -- if (fileName != null) { -+ if (fileName == null) { -+ sendfileData = null; -+ } else { - // No entity body sent here - outputBuffer.addActiveFilter(outputFilters[Constants.VOID_FILTER]); - contentDelimitation = true; -@@ -1309,9 +1309,7 @@ - long end = ((Long) request.getAttribute( - org.apache.coyote.Constants.SENDFILE_FILE_END_ATTR)).longValue(); - sendfileData = socketWrapper.createSendfileData(fileName, pos, end - pos); -- return true; - } -- return false; - } - - /** -@@ -1592,14 +1590,15 @@ - - - /** -- * Checks to see if the keep-alive loop should be broken, performing any -- * processing (e.g. sendfile handling) that may have an impact on whether -- * or not the keep-alive loop should be broken. - * -- * @return true if the keep-alive loop should be broken -+ * Trigger sendfile processing if required. -+ * -+ * @return The state of send file processing - */ -- private boolean breakKeepAliveLoop(SocketWrapperBase<?> socketWrapper) { -+ private SendfileState processSendfile(SocketWrapperBase<?> socketWrapper) { - openSocket = keepAlive; -+ // Done is equivalent to sendfile not being used -+ SendfileState result = SendfileState.DONE; - // Do sendfile as needed: add socket to sendfile and end - if (sendfileData != null && !getErrorState().isError()) { - if (keepAlive) { -@@ -1612,23 +1611,20 @@ - sendfileData.keepAliveState = SendfileKeepAliveState.NONE; - } - -- switch (socketWrapper.processSendfile(sendfileData)) { -- case DONE: -- // If sendfile is complete, no need to break keep-alive loop -- sendfileData = null; -- return false; -- case PENDING: -- return true; -+ result = socketWrapper.processSendfile(sendfileData); -+ switch (result) { - case ERROR: - // Write failed - if (log.isDebugEnabled()) { - log.debug(sm.getString("http11processor.sendfile.error")); - } - setErrorState(ErrorState.CLOSE_CONNECTION_NOW, null); -- return true; -+ //$FALL-THROUGH$ -+ default: -+ sendfileData = null; - } - } -- return false; -+ return result; - } - - diff --git a/debian/patches/series b/debian/patches/series index 8aabbe8..1b36989 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -8,6 +8,3 @@ 0018-fix-manager-webapp.patch 0019-add-distribution-to-error-page.patch 0021-dont-test-unsupported-ciphers.patch -CVE-2017-5647.patch -CVE-2017-5650.patch -CVE-2017-5651.patch -- Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/tomcat8.git _______________________________________________ pkg-java-commits mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-commits
