commit bdef47f6371f21103933b115ba75680331459214 Author: Arkadiusz Miśkiewicz <ar...@maven.pl> Date: Thu Jul 26 14:25:54 2018 +0200
- up to 7.0.90; fixes CVE-2017-12617 tomcat-build.xml.patch | 25 +++++++++++++++++++++++-- tomcat.spec | 8 ++++---- 2 files changed, 27 insertions(+), 6 deletions(-) --- diff --git a/tomcat.spec b/tomcat.spec index 0a8f854..cb9adc6 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -9,18 +9,18 @@ %define tomcatnatver 1.1.27 # Java Commons Logging version. Must be >= 1.1. -%define jclver 1.1.3 +%define jclver 1.2 %include /usr/lib/rpm/macros.java Summary: Web server and Servlet/JSP Engine, RI for Servlet %{servletapiver}/JSP %{jspapiver} API Summary(pl.UTF-8): Serwer www i silnik Servlet/JSP będący wzorcową implementacją API Servlet %{servletapiver}/JSP %{jspapiver} Name: tomcat -Version: 7.0.88 +Version: 7.0.90 Release: 1 License: Apache v2.0 Group: Networking/Daemons/Java Source0: http://www.apache.org/dist/tomcat/tomcat-7/v%{version}/src/apache-%{name}-%{version}-src.tar.gz -# Source0-md5: 839796dfd31ac436c009006f1f815b10 +# Source0-md5: d5b2197a0a5fcc2101aa54648acab2b2 Source1: apache-%{name}.init Source2: apache-%{name}.sysconfig Source3: %{name}-build.properties @@ -32,7 +32,7 @@ Source14: %{name}-context-examples.xml Source15: %{name}.logrotate Source16: log4j.properties Source100: http://www.apache.org/dist/commons/logging/source/commons-logging-%{jclver}-src.tar.gz -# Source100-md5: e8e197d628436490886d17cffa108fe3 +# Source100-md5: ce977548f1cbf46918e93cd38ac35163 Patch0: %{name}-build.xml.patch Patch1: server.xml-URIEncoding-utf8.patch Patch2: %{name}-LDAPUserDatabase.patch diff --git a/tomcat-build.xml.patch b/tomcat-build.xml.patch index 487f131..52ed244 100644 --- a/tomcat-build.xml.patch +++ b/tomcat-build.xml.patch @@ -27,7 +27,7 @@ if="${test.cobertura}" description="Adds Cobertura instrumentation to the compiled bytecode"> -@@ -1430,52 +1369,10 @@ +@@ -1556,67 +1556,10 @@ <mkdir dir="${tomcat.extras}/webservices"/> </target> @@ -40,30 +40,45 @@ - <param name="sourcefile.2" value="${commons-logging-src.loc.2}"/> - <param name="destfile" value="${commons-logging-src.tar.gz}"/> - <param name="destdir" value="${commons-logging.home}"/> +- <param name="checksum.enabled" value="${commons-logging-src.checksum.enabled}"/> +- <param name="checksum.algorithm" value="${commons-logging-src.checksum.algorithm}"/> +- <param name="checksum.value" value="${commons-logging-src.checksum.value}"/> - </antcall> - - <antcall target="downloadfile"> - <param name="sourcefile" value="${avalon-framework.loc}"/> - <param name="destfile" value="${avalon-framework.jar}"/> - <param name="destdir" value="${avalon-framework.home}"/> +- <param name="checksum.enabled" value="${avalon-framework.checksum.enabled}"/> +- <param name="checksum.algorithm" value="${avalon-framework.checksum.algorithm}"/> +- <param name="checksum.value" value="${avalon-framework.checksum.value}"/> - </antcall> - - <antcall target="downloadfile"> - <param name="sourcefile" value="${log4j.loc}"/> - <param name="destfile" value="${log4j.jar}"/> - <param name="destdir" value="${log4j.home}"/> +- <param name="checksum.enabled" value="${log4j.checksum.enabled}"/> +- <param name="checksum.algorithm" value="${log4j.checksum.algorithm}"/> +- <param name="checksum.value" value="${log4j.checksum.value}"/> - </antcall> - - <antcall target="downloadfile"> - <param name="sourcefile" value="${logkit.loc}"/> - <param name="destfile" value="${logkit.jar}"/> - <param name="destdir" value="${logkit.home}"/> +- <param name="checksum.enabled" value="${logkit.checksum.enabled}"/> +- <param name="checksum.algorithm" value="${logkit.checksum.algorithm}"/> +- <param name="checksum.value" value="${logkit.checksum.value}"/> - </antcall> - - <antcall target="downloadfile"> - <param name="sourcefile" value="${servletapi.loc}"/> - <param name="destfile" value="${servletapi.jar}"/> - <param name="destdir" value="${servletapi.home}"/> +- <param name="checksum.enabled" value="${servletapi.checksum.enabled}"/> +- <param name="checksum.algorithm" value="${servletapi.checksum.algorithm}"/> +- <param name="checksum.value" value="${servletapi.checksum.value}"/> - </antcall> - - </target> @@ -91,7 +106,7 @@ <fileset file="${log4j.jar}" /> <fileset file="${logkit.jar}" /> <fileset file="${servletapi.jar}" /> -@@ -1577,18 +1475,6 @@ +@@ -1660,24 +1660,6 @@ depends="extras-prepare" description="Prepare to build web services extras package"> @@ -99,12 +114,18 @@ - <param name="sourcefile" value="${jaxrpc-lib.loc}"/> - <param name="destfile" value="${jaxrpc-lib.jar}"/> - <param name="destdir" value="${jaxrpc-lib.home}"/> +- <param name="checksum.enabled" value="${jaxrpc-lib.checksum.enabled}"/> +- <param name="checksum.algorithm" value="${jaxrpc-lib.checksum.algorithm}"/> +- <param name="checksum.value" value="${jaxrpc-lib.checksum.value}"/> - </antcall> - - <antcall target="downloadfile"> - <param name="sourcefile" value="${wsdl4j-lib.loc}"/> - <param name="destfile" value="${wsdl4j-lib.jar}"/> - <param name="destdir" value="${wsdl4j-lib.home}"/> +- <param name="checksum.enabled" value="${wsdl4j-lib.checksum.enabled}"/> +- <param name="checksum.algorithm" value="${wsdl4j-lib.checksum.algorithm}"/> +- <param name="checksum.value" value="${wsdl4j-lib.checksum.value}"/> - </antcall> - <copy file="${jaxrpc-lib.jar}" ================================================================ ---- gitweb: http://git.pld-linux.org/gitweb.cgi/packages/tomcat.git/commitdiff/bdef47f6371f21103933b115ba75680331459214 _______________________________________________ pld-cvs-commit mailing list pld-cvs-commit@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit