Author: markt
Date: Fri Feb 21 11:10:22 2020
New Revision: 1874310
URL: http://svn.apache.org/viewvc?rev=1874310&view=rev
Log:
Add Tomcat 10 to security and help pages
Added:
tomcat/site/trunk/docs/security-10.html (with props)
tomcat/site/trunk/xdocs/security-10.xml (with props)
Modified:
tomcat/site/trunk/docs/findhelp.html
tomcat/site/trunk/docs/security.html
tomcat/site/trunk/xdocs/findhelp.xml
tomcat/site/trunk/xdocs/security.xml
Modified: tomcat/site/trunk/docs/findhelp.html
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/findhelp.html?rev=1874310&r1=1874309&r2=1874310&view=diff
==============================================================================
--- tomcat/site/trunk/docs/findhelp.html (original)
+++ tomcat/site/trunk/docs/findhelp.html Fri Feb 21 11:10:22 2020
@@ -11,7 +11,7 @@ of help are presented in the same order
<p>The first resource to check is the documentation. In addition to the Tomcat
documentation (make sure you check the documentation for the version you are
using) you should also check the relevant Servlet and/or JSP
-<a
href="https://cwiki.apache.org/confluence/display/TOMCAT/Servlet+and+JSP+specifications";>Specification</a>
+<a
href="https://cwiki.apache.org/confluence/display/TOMCAT/Specifications";>Specification</a>
documents. Much of Tomcat's behaviour is determined by these specifications and
the information in them is not typically duplicated in the Tomcat
documentation.</p>
Added: tomcat/site/trunk/docs/security-10.html
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-10.html?rev=1874310&view=auto
==============================================================================
--- tomcat/site/trunk/docs/security-10.html (added)
+++ tomcat/site/trunk/docs/security-10.html Fri Feb 21 11:10:22 2020
@@ -0,0 +1,52 @@
+<!DOCTYPE html SYSTEM "about:legacy-compat">
+<html lang="en"><head><META http-equiv="Content-Type" content="text/html;
charset=UTF-8"><meta name="viewport" content="width=device-width,
initial-scale=1"><link href="res/css/tomcat.css" rel="stylesheet"
type="text/css"><link href="res/css/fonts/fonts.css" rel="stylesheet"
type="text/css"><title>Apache Tomcat® - Apache Tomcat 10
vulnerabilities</title><meta name="author" content="Apache Tomcat
Project"></head><body><div id="wrapper"><header id="header"><div
class="clearfix"><div class="menu-toggler pull-left" tabindex="1"><div
class="hamburger"></div></div><a href="http://tomcat.apache.org/";><img
class="tomcat-logo pull-left noPrint" alt="Tomcat Home"
src="res/images/tomcat.png"></a><h1 class="pull-left">Apache
Tomcat<sup>®</sup></h1><div class="asf-logos pull-right"><a
href="https://www.apache.org/foundation/contributing.html"; target="_blank"
class="pull-left"><img
src="https://www.apache.org/images/SupportApache-small.png"; class="support-asf"
alt="Support Apache"></a><a
href="http://www.apache.org/"; target="_blank" class="pull-left"><img
src="res/images/asf_logo.svg" class="asf-logo" alt="The Apache Software
Foundation"></a></div></div></header><main id="middle"><div><div
id="mainLeft"><div id="nav-wrapper"><form
action="https://www.google.com/search"; method="get"><div
class="searchbox"><input value="tomcat.apache.org" name="sitesearch"
type="hidden"><input aria-label="Search text" placeholder="Search…"
required="required" name="q" id="query"
type="search"><button>GO</button></div></form><div class="asfevents"><a
href="https://www.apache.org/events/current-event.html";><img
src="https://www.apache.org/events/current-event-234x60.png"; alt="Next ASF
event"><br>
+ Save the date!
+ </a></div><nav><div><h2>Apache Tomcat</h2><ul><li><a
href="./index.html">Home</a></li><li><a
href="./taglibs.html">Taglibs</a></li><li><a href="./maven-plugin.html">Maven
Plugin</a></li></ul></div><div><h2>Download</h2><ul><li><a
href="./whichversion.html">Which version?</a></li><li><a
href="https://tomcat.apache.org/download-90.cgi";>Tomcat 9</a></li><li><a
href="https://tomcat.apache.org/download-80.cgi";>Tomcat 8</a></li><li><a
href="https://tomcat.apache.org/download-70.cgi";>Tomcat 7</a></li><li><a
href="https://tomcat.apache.org/download-connectors.cgi";>Tomcat
Connectors</a></li><li><a
href="https://tomcat.apache.org/download-native.cgi";>Tomcat
Native</a></li><li><a
href="https://tomcat.apache.org/download-taglibs.cgi";>Taglibs</a></li><li><a
href="https://archive.apache.org/dist/tomcat/";>Archives</a></li></ul></div><div><h2>Documentation</h2><ul><li><a
href="./tomcat-9.0-doc/index.html">Tomcat 9.0</a></li><li><a
href="./tomcat-8.5-doc/index.html">Tomcat 8.5</a></li><l
i><a href="./tomcat-7.0-doc/index.html">Tomcat 7.0</a></li><li><a
href="./connectors-doc/">Tomcat Connectors</a></li><li><a
href="./native-doc/">Tomcat Native</a></li><li><a
href="https://cwiki.apache.org/confluence/display/TOMCAT";>Wiki</a></li><li><a
href="./migration.html">Migration Guide</a></li><li><a
href="./presentations.html">Presentations</a></li></ul></div><div><h2>Problems?</h2><ul><li><a
href="./security.html">Security Reports</a></li><li><a
href="./findhelp.html">Find help</a></li><li><a
href="https://cwiki.apache.org/confluence/display/TOMCAT/FAQ";>FAQ</a></li><li><a
href="./lists.html">Mailing Lists</a></li><li><a href="./bugreport.html">Bug
Database</a></li><li><a href="./irc.html">IRC</a></li></ul></div><div><h2>Get
Involved</h2><ul><li><a href="./getinvolved.html">Overview</a></li><li><a
href="./source.html">Source code</a></li><li><a
href="./ci.html">Buildbot</a></li><li><a
href="https://cwiki.apache.org/confluence/x/vIPzBQ";>Translations</a></li><li><a
href="./tools
.html">Tools</a></li></ul></div><div><h2>Media</h2><ul><li><a
href="https://twitter.com/theapachetomcat";>Twitter</a></li><li><a
href="https://www.youtube.com/c/ApacheTomcatOfficial";>YouTube</a></li><li><a
href="https://blogs.apache.org/tomcat/";>Blog</a></li></ul></div><div><h2>Misc</h2><ul><li><a
href="./whoweare.html">Who We Are</a></li><li><a
href="https://www.redbubble.com/people/comdev/works/30885254-apache-tomcat";>Swag</a></li><li><a
href="./heritage.html">Heritage</a></li><li><a
href="http://www.apache.org";>Apache Home</a></li><li><a
href="./resources.html">Resources</a></li><li><a
href="./contact.html">Contact</a></li><li><a
href="./legal.html">Legal</a></li><li><a
href="https://www.apache.org/foundation/contributing.html";>Support
Apache</a></li><li><a
href="https://www.apache.org/foundation/sponsorship.html";>Sponsorship</a></li><li><a
href="http://www.apache.org/foundation/thanks.html";>Thanks</a></li><li><a
href="http://www.apache.org/licenses/";>License</a></li></ul></div></
nav></div></div><div id="mainRight"><div id="content"><h2 style="display:
none;">Content</h2><h3 id="Table_of_Contents">Table of Contents</h3><div
class="text">
+<ul><li><a href="#Apache_Tomcat_10.x_vulnerabilities">Apache Tomcat 10.x
vulnerabilities</a></li><li><a href="#Fixed_in_Apache_Tomcat_10.0.x">Fixed in
Apache Tomcat 10.0.x</a></li></ul>
+</div><h3 id="Apache_Tomcat_10.x_vulnerabilities">Apache Tomcat 10.x
vulnerabilities</h3><div class="text">
+ <p>This page lists all security vulnerabilities fixed in released versions
+ of Apache Tomcat 10.x. Each vulnerability is given a
+ <a href="security-impact.html">security impact rating</a> by the Apache
+ Tomcat security team — please note that this rating may vary from
+ platform to platform. We also list the versions of Apache Tomcat the
flaw
+ is known to affect, and where a flaw has not been verified list the
+ version with a question mark.</p>
+
+ <p><strong>Note:</strong> Vulnerabilities that are not Tomcat
vulnerabilities
+ but have either been incorrectly reported against Tomcat or where Tomcat
+ provides a workaround are listed at the end of this page.</p>
+
+ <p>Please note that binary patches are never provided. If you need to
+ apply a source code patch, use the building instructions for the
+ Apache Tomcat version that you are using. For Tomcat 10.0 those are
+ <a href="/tomcat-10.0-doc/building.html"><code>building.html</code></a>
and
+ <a href="/tomcat-10.0-doc/BUILDING.txt"><code>BUILDING.txt</code></a>.
+ Both files can be found in the <code>webapps/docs</code> subdirectory
+ of a binary distribution. You may also want to review the
+ <a href="/tomcat-10.0-doc/security-howto.html">Security
Considerations</a>
+ page in the documentation.</p>
+
+ <p>If you need help on building or configuring Tomcat or other help on
+ following the instructions to mitigate the known vulnerabilities listed
+ here, please send your questions to the public
+ <a href="lists.html">Tomcat Users mailing list</a>
+ </p>
+
+ <p>If you have encountered an unlisted security vulnerability or other
+ unexpected behaviour that has <a href="security-impact.html">security
+ impact</a>, or if the descriptions here are incomplete,
+ please report them privately to the
+ <a href="security.html">Tomcat Security Team</a>. Thank you.
+ </p>
+
+ </div><h3 id="Fixed_in_Apache_Tomcat_10.0.x">Fixed in Apache Tomcat
10.0.x</h3><div class="text">
+
+ <p>There are currently no known vulnerabilities for Apache Tomcat
10.0.x</p>
+
+ </div></div></div></div></main><footer id="footer">
+ Copyright © 1999-2020, The Apache Software Foundation
+ <br>
+ Apache Tomcat, Tomcat, Apache, the Apache feather, and the Apache Tomcat
+ project logo are either registered trademarks or trademarks of the Apache
+ Software Foundation.
+ </footer></div><script src="res/js/tomcat.js"></script></body></html>
\ No newline at end of file
Propchange: tomcat/site/trunk/docs/security-10.html
------------------------------------------------------------------------------
svn:eol-style = native
Modified: tomcat/site/trunk/docs/security.html
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security.html?rev=1874310&r1=1874309&r2=1874310&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security.html (original)
+++ tomcat/site/trunk/docs/security.html Fri Feb 21 11:10:22 2020
@@ -19,6 +19,8 @@
<p>Lists of security problems fixed in released versions of Apache Tomcat
are available:</p>
<ul>
+ <li><a href="security-10.html">Apache Tomcat 10.x Security
Vulnerabilities
+ </a></li>
<li><a href="security-9.html">Apache Tomcat 9.x Security Vulnerabilities
</a></li>
<li><a href="security-8.html">Apache Tomcat 8.x Security Vulnerabilities
Modified: tomcat/site/trunk/xdocs/findhelp.xml
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/findhelp.xml?rev=1874310&r1=1874309&r2=1874310&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/findhelp.xml (original)
+++ tomcat/site/trunk/xdocs/findhelp.xml Fri Feb 21 11:10:22 2020
@@ -17,7 +17,7 @@ of help are presented in the same order
<p>The first resource to check is the documentation. In addition to the Tomcat
documentation (make sure you check the documentation for the version you are
using) you should also check the relevant Servlet and/or JSP
-<a
href="https://cwiki.apache.org/confluence/display/TOMCAT/Servlet+and+JSP+specifications";>Specification</a>
+<a
href="https://cwiki.apache.org/confluence/display/TOMCAT/Specifications";>Specification</a>
documents. Much of Tomcat's behaviour is determined by these specifications and
the information in them is not typically duplicated in the Tomcat
documentation.</p>
Added: tomcat/site/trunk/xdocs/security-10.xml
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-10.xml?rev=1874310&view=auto
==============================================================================
--- tomcat/site/trunk/xdocs/security-10.xml (added)
+++ tomcat/site/trunk/xdocs/security-10.xml Fri Feb 21 11:10:22 2020
@@ -0,0 +1,61 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<document>
+
+ <properties>
+ <author>Apache Tomcat Project</author>
+ <title>Apache Tomcat 10 vulnerabilities</title>
+ </properties>
+
+<body>
+
+<section name="Table of Contents">
+<toc/>
+</section>
+
+ <section name="Apache Tomcat 10.x vulnerabilities">
+ <p>This page lists all security vulnerabilities fixed in released versions
+ of Apache Tomcat 10.x. Each vulnerability is given a
+ <a href="security-impact.html">security impact rating</a> by the Apache
+ Tomcat security team — please note that this rating may vary from
+ platform to platform. We also list the versions of Apache Tomcat the
flaw
+ is known to affect, and where a flaw has not been verified list the
+ version with a question mark.</p>
+
+ <p><strong>Note:</strong> Vulnerabilities that are not Tomcat
vulnerabilities
+ but have either been incorrectly reported against Tomcat or where Tomcat
+ provides a workaround are listed at the end of this page.</p>
+
+ <p>Please note that binary patches are never provided. If you need to
+ apply a source code patch, use the building instructions for the
+ Apache Tomcat version that you are using. For Tomcat 10.0 those are
+ <a href="/tomcat-10.0-doc/building.html"><code>building.html</code></a>
and
+ <a href="/tomcat-10.0-doc/BUILDING.txt"><code>BUILDING.txt</code></a>.
+ Both files can be found in the <code>webapps/docs</code> subdirectory
+ of a binary distribution. You may also want to review the
+ <a href="/tomcat-10.0-doc/security-howto.html">Security
Considerations</a>
+ page in the documentation.</p>
+
+ <p>If you need help on building or configuring Tomcat or other help on
+ following the instructions to mitigate the known vulnerabilities listed
+ here, please send your questions to the public
+ <a href="lists.html">Tomcat Users mailing list</a>
+ </p>
+
+ <p>If you have encountered an unlisted security vulnerability or other
+ unexpected behaviour that has <a href="security-impact.html">security
+ impact</a>, or if the descriptions here are incomplete,
+ please report them privately to the
+ <a href="security.html">Tomcat Security Team</a>. Thank you.
+ </p>
+
+ </section>
+
+ <section name="Fixed in Apache Tomcat 10.0.x">
+
+ <p>There are currently no known vulnerabilities for Apache Tomcat
10.0.x</p>
+
+ </section>
+
+</body>
+</document>
+
Propchange: tomcat/site/trunk/xdocs/security-10.xml
------------------------------------------------------------------------------
svn:eol-style = native
Modified: tomcat/site/trunk/xdocs/security.xml
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security.xml?rev=1874310&r1=1874309&r2=1874310&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security.xml (original)
+++ tomcat/site/trunk/xdocs/security.xml Fri Feb 21 11:10:22 2020
@@ -25,6 +25,8 @@
<p>Lists of security problems fixed in released versions of Apache Tomcat
are available:</p>
<ul>
+ <li><a href="security-10.html">Apache Tomcat 10.x Security
Vulnerabilities
+ </a></li>
<li><a href="security-9.html">Apache Tomcat 9.x Security Vulnerabilities
</a></li>
<li><a href="security-8.html">Apache Tomcat 8.x Security Vulnerabilities
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
![https://www.apache.org/images/SupportApache-small.png"](https://www.apache.org/images/SupportApache-small.png"){kind=link}
![https://www.apache.org/events/current-event-234x60.png"](https://www.apache.org/events/current-event-234x60.png"){kind=link}