Author: tmancill Date: 2011-07-22 05:00:18 +0000 (Fri, 22 Jul 2011) New Revision: 13873
Added: trunk/tomcat6/debian/patches/0012-CVE-2011-2204.patch Modified: trunk/tomcat6/debian/patches/series Log: commit patch for CVE-2011-2204
Added: trunk/tomcat6/debian/patches/0012-CVE-2011-2204.patch
===================================================================
--- trunk/tomcat6/debian/patches/0012-CVE-2011-2204.patch (rev 0)
+++ trunk/tomcat6/debian/patches/0012-CVE-2011-2204.patch 2011-07-22 05:00:18 UTC (rev 13873)
@@ -0,0 +1,170 @@
+From: tony mancill <tmanc...@debian.org>
+Date: Wed Jul 06 21:21:17 PDT 2011
+Subject: CVE-2011-2204
+Source: upstream, http://svn.apache.org/viewvc?view=revision&revision=1140071
+Forwarded: not-needed
+
+Index: tc6.0.x/trunk/java/org/apache/catalina/users/MemoryUser.java
+===================================================================
+--- a/java/org/apache/catalina/users/MemoryUser.java (revision 1140070)
++++ b/java/org/apache/catalina/users/MemoryUser.java (revision 1140071)
+@@ -246,7 +246,7 @@
+ * <code>username</code> or </code>name</code> for the username
+ * property.</p>
+ */
+- public String toString() {
++ public String toXml() {
+
+ StringBuffer sb = new StringBuffer("<user username=\"");
+ sb.append(RequestUtil.filter(username));
+@@ -293,5 +293,52 @@
+
+ }
+
++ /**
++ * <p>Return a String representation of this user.</p>
++ */
++ @Override
++ public String toString() {
+
++ StringBuilder sb = new StringBuilder("User username=\"");
++ sb.append(RequestUtil.filter(username));
++ sb.append("\"");
++ if (fullName != null) {
++ sb.append(", fullName=\"");
++ sb.append(RequestUtil.filter(fullName));
++ sb.append("\"");
++ }
++ synchronized (groups) {
++ if (groups.size() > 0) {
++ sb.append(", groups=\"");
++ int n = 0;
++ Iterator<Group> values = groups.iterator();
++ while (values.hasNext()) {
++ if (n > 0) {
++ sb.append(',');
++ }
++ n++;
++ sb.append(RequestUtil.filter(values.next().getGroupname()));
++ }
++ sb.append("\"");
++ }
++ }
++ synchronized (roles) {
++ if (roles.size() > 0) {
++ sb.append(", roles=\"");
++ int n = 0;
++ Iterator<Role> values = roles.iterator();
++ while (values.hasNext()) {
++ if (n > 0) {
++ sb.append(',');
++ }
++ n++;
++ sb.append(RequestUtil.filter(values.next().getRolename()));
++ }
++ sb.append("\"");
++ }
++ }
++ return (sb.toString());
++ }
++
++
+ }
+Index: tc6.0.x/trunk/java/org/apache/catalina/users/MemoryUserDatabase.java
+===================================================================
+--- a/java/org/apache/catalina/users/MemoryUserDatabase.java (revision 1140070)
++++ b/java/org/apache/catalina/users/MemoryUserDatabase.java (revision 1140071)
+@@ -549,7 +549,7 @@
+ values = getUsers();
+ while (values.hasNext()) {
+ writer.print(" ");
+- writer.println(values.next());
++ writer.println(((MemoryUser) values.next()).toXml());
+ }
+
+ // Print the file epilog
+Index: tc6.0.x/trunk/java/org/apache/catalina/mbeans/MemoryUserDatabaseMBean.java
+===================================================================
+--- a/java/org/apache/catalina/mbeans/MemoryUserDatabaseMBean.java (revision 1140070)
++++ b/java/org/apache/catalina/mbeans/MemoryUserDatabaseMBean.java (revision 1140071)
+@@ -180,7 +180,7 @@
+ MBeanUtils.createMBean(group);
+ } catch (Exception e) {
+ IllegalArgumentException iae = new IllegalArgumentException
+- ("Exception creating group " + group + " MBean");
++ ("Exception creating group [" + groupname + "] MBean");
+ iae.initCause(e);
+ throw iae;
+ }
+@@ -203,7 +203,7 @@
+ MBeanUtils.createMBean(role);
+ } catch (Exception e) {
+ IllegalArgumentException iae = new IllegalArgumentException
+- ("Exception creating role " + role + " MBean");
++ ("Exception creating role [" + rolename + "] MBean");
+ iae.initCause(e);
+ throw iae;
+ }
+@@ -228,7 +228,7 @@
+ MBeanUtils.createMBean(user);
+ } catch (Exception e) {
+ IllegalArgumentException iae = new IllegalArgumentException
+- ("Exception creating user " + user + " MBean");
++ ("Exception creating user [" + username + "] MBean");
+ iae.initCause(e);
+ throw iae;
+ }
+@@ -256,7 +256,7 @@
+ return (oname.toString());
+ } catch (MalformedObjectNameException e) {
+ IllegalArgumentException iae = new IllegalArgumentException
+- ("Cannot create object name for group " + group);
++ ("Cannot create object name for group [" + groupname + "]");
+ iae.initCause(e);
+ throw iae;
+ }
+@@ -283,7 +283,7 @@
+ return (oname.toString());
+ } catch (MalformedObjectNameException e) {
+ IllegalArgumentException iae = new IllegalArgumentException
+- ("Cannot create object name for role " + role);
++ ("Cannot create object name for role [" + rolename + "]");
+ iae.initCause(e);
+ throw iae;
+ }
+@@ -310,7 +310,7 @@
+ return (oname.toString());
+ } catch (MalformedObjectNameException e) {
+ IllegalArgumentException iae = new IllegalArgumentException
+- ("Cannot create object name for user " + user);
++ ("Cannot create object name for user [" + username + "]");
+ iae.initCause(e);
+ throw iae;
+ }
+@@ -335,7 +335,7 @@
+ database.removeGroup(group);
+ } catch (Exception e) {
+ IllegalArgumentException iae = new IllegalArgumentException
+- ("Exception destroying group " + group + " MBean");
++ ("Exception destroying group [" + groupname + "] MBean");
+ iae.initCause(e);
+ throw iae;
+ }
+@@ -360,7 +360,7 @@
+ database.removeRole(role);
+ } catch (Exception e) {
+ IllegalArgumentException iae = new IllegalArgumentException
+- ("Exception destroying role " + role + " MBean");
++ ("Exception destroying role [" + rolename + "] MBean");
+ iae.initCause(e);
+ throw iae;
+ }
+@@ -385,7 +385,7 @@
+ database.removeUser(user);
+ } catch (Exception e) {
+ IllegalArgumentException iae = new IllegalArgumentException
+- ("Exception destroying user " + user + " MBean");
++ ("Exception destroying user [" + username + "] MBean");
+ iae.initCause(e);
+ throw iae;
+ }
Modified: trunk/tomcat6/debian/patches/series
===================================================================
--- trunk/tomcat6/debian/patches/series 2011-07-21 19:32:13 UTC (rev 13872)
+++ trunk/tomcat6/debian/patches/series 2011-07-22 05:00:18 UTC (rev 13873)
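Review bot: The Javadoc on the new `toString()` in MemoryUser.java says only that it returns a String representation, so nothing records that leaving the password out is the property this patch exists for, and the renamed `toXml()` keeps its old comment (its body and most of that comment lie outside the hunk). `toXml()` is public and, judging by the CVE and its `<user username=` output, presumably still serializes the credential, so a later caller could log it or a maintainer could re-add the field to `toString()` without noticing the regression. I would state the invariant on both methods, e.g. on `toString()`: `* <p>Return a String representation of this user for logs and diagnostics; the password is deliberately omitted (CVE-2011-2204).</p>`, and on `toXml()` a sentence that its output is meant only for persisting the user database and must never be logged or placed in exception messages. Separately, the MemoryUserDatabaseMBean messages now embed the caller-supplied `groupname`, `rolename` and `username` without filtering, so whatever consumes those exception messages should treat them as untrusted text.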
@@ -8,3 +8,4 @@
 0008-add-OSGI-headers-to-jsp-api.patch
 0010-Use-java.security.policy-file-in-catalina.sh.patch
 0011-623242.patch
+0012-CVE-2011-2204.patch
_______________________________________________ pkg-java-commits mailing list pkg-java-comm...@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-commits