- up to 7.0.70; add patch that fixes CVE-2016-5388 auto/th/tomcat-7.0.70-1
authorArkadiusz Miśkiewicz <arekm@maven.pl>
Tue, 19 Jul 2016 13:56:42 +0000 (15:56 +0200)
committerArkadiusz Miśkiewicz <arekm@maven.pl>
Tue, 19 Jul 2016 13:56:42 +0000 (15:56 +0200)
tomcat-CVE-2016-5388.patch [new file with mode: 0644]
tomcat-build.patch [new file with mode: 0644]
tomcat.spec

diff --git a/tomcat-CVE-2016-5388.patch b/tomcat-CVE-2016-5388.patch
new file mode 100644 (file)
index 0000000..d856006
--- /dev/null
@@ -0,0 +1,12 @@
+--- apache-tomcat-7.0.70-src/java/org/apache/catalina/servlets/CGIServlet.java.orig    2016-06-15 18:45:50.000000000 +0200
++++ apache-tomcat-7.0.70-src/java/org/apache/catalina/servlets/CGIServlet.java 2016-07-19 15:35:56.656316104 +0200
+@@ -1107,7 +1107,8 @@ public final class CGIServlet extends Ht
+                 //REMIND: change character set
+                 //REMIND: I forgot what the previous REMIND means
+                 if ("AUTHORIZATION".equalsIgnoreCase(header) ||
+-                    "PROXY_AUTHORIZATION".equalsIgnoreCase(header)) {
++                    "PROXY_AUTHORIZATION".equalsIgnoreCase(header) ||
++                    "PROXY".equalsIgnoreCase(header)) {
+                     //NOOP per CGI specification section 11.2
+                 } else {
+                     envp.put("HTTP_" + header.replace('-', '_'),
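Review bot: The added `"PROXY".equalsIgnoreCase(header)` test lands in the branch commented `//NOOP per CGI specification section 11.2`, which accounts for the two authorization headers but not for why Proxy is dropped; a separate comment such as `// Never export the client's Proxy header as HTTP_PROXY to the CGI process (CVE-2016-5388)` would keep the reason next to the check. The comparison runs on `header` before the `replace('-', '_')` in the else branch, so if the name still carries hyphens at this point, the existing `"PROXY_AUTHORIZATION"` literal would not match a `Proxy-Authorization` header; that is worth verifying while this condition is being touched. The filter is a deny-list of single names, and every other request header still appears to be exported as `HTTP_*`, so an allow-list of headers the CGI scripts actually need would be the more durable design. The enclosing loop and the rest of the `envp.put(...)` call are outside the hunk.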
diff --git a/tomcat-build.patch b/tomcat-build.patch
new file mode 100644 (file)
index 0000000..403779e
--- /dev/null
@@ -0,0 +1,33 @@
+--- apache-tomcat-7.0.70-src/build.xml~        2016-07-19 15:43:44.000000000 +0200
++++ apache-tomcat-7.0.70-src/build.xml 2016-07-19 15:48:19.615551746 +0200
+@@ -1836,7 +1836,7 @@ Apache Tomcat ${version} native binaries
+       encoding="ISO-8859-1"
+       docencoding="ISO-8859-1"
+       charset="ISO-8859-1"
+-      additionalparam="-breakiterator -notimestamp"
++      additionalparam="-Xdoclint:none -breakiterator -notimestamp"
+       maxmemory="512m"
+       failonerror="true"
+       executable="${java.7.home}/bin/javadoc">
+--- apache-tomcat-7.0.70-src/build.xml~        2016-07-19 15:48:55.000000000 +0200
++++ apache-tomcat-7.0.70-src/build.xml 2016-07-19 15:52:07.842156930 +0200
+@@ -1857,7 +1857,7 @@ Apache Tomcat ${version} native binaries
+       encoding="ISO-8859-1"
+       docencoding="ISO-8859-1"
+       charset="ISO-8859-1"
+-      additionalparam="-breakiterator -notimestamp"
++      additionalparam="-Xdoclint:none -breakiterator -notimestamp"
+       maxmemory="512m"
+       failonerror="true"
+       executable="${java.7.home}/bin/javadoc">
+--- apache-tomcat-7.0.70-src/build.xml~        2016-07-19 15:52:27.000000000 +0200
++++ apache-tomcat-7.0.70-src/build.xml 2016-07-19 15:53:28.337957151 +0200
+@@ -1919,7 +1919,7 @@ Apache Tomcat ${version} native binaries
+       encoding="ISO-8859-1"
+       docencoding="ISO-8859-1"
+       charset="ISO-8859-1"
+-      additionalparam="-breakiterator -notimestamp"
++      additionalparam="-Xdoclint:none -breakiterator -notimestamp"
+       maxmemory="512m"
+       failonerror="true"
+       executable="${java.7.home}/bin/javadoc">
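Review bot: `-Xdoclint:none` is only understood by the javadoc tool from JDK 8 onward, yet all three patched targets still run `${java.7.home}/bin/javadoc` with `failonerror="true"`, so the build now presumably depends on that property pointing at a JDK 8+ installation; a real Java 7 javadoc would reject the flag and abort. The patch file has no description, so a leading line before the first `---`, such as `Disable doclint for javadoc targets; requires java.7.home to resolve to JDK 8 or newer`, would record that assumption. The same edit is carried as three separate diffs against `build.xml~` intermediate states; one diff with three hunks against the pristine file would be easier to rebase on the next version.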
index fd824c601788cd4fff01f552517f7b2f0d1863b1..40284e772c61b7210acf26dc81006cf9e64fdac4 100644 (file)
 Summary:       Web server and Servlet/JSP Engine, RI for Servlet %{servletapiver}/JSP %{jspapiver} API
 Summary(pl.UTF-8):     Serwer www i silnik Servlet/JSP będący wzorcową implementacją API Servlet %{servletapiver}/JSP %{jspapiver}
 Name:          tomcat
-Version:       7.0.69
+Version:       7.0.70
 Release:       1
 License:       Apache v2.0
 Group:         Networking/Daemons/Java
 Source0:       http://www.apache.org/dist/tomcat/tomcat-7/v%{version}/src/apache-%{name}-%{version}-src.tar.gz
-# Source0-md5: c055311b06f3f314b7cf7932ab31bd4a
+# Source0-md5: 0f56c888df5002cce25fce91634a65c9
 Source1:       apache-%{name}.init
 Source2:       apache-%{name}.sysconfig
 Source3:       %{name}-build.properties
@@ -40,6 +40,8 @@ Patch3:               %{name}-catalina.policy-javadir.patch
 Patch4:                %{name}-userdir.patch
 Patch5:                logging.patch
 Patch6:                jcl.patch
+Patch7:                %{name}-build.patch
+Patch8:                tomcat-CVE-2016-5388.patch
 Patch100:      jcl-build.xml.patch
 URL:           http://tomcat.apache.org/
 BuildRequires: ant >= 1.5.3
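Review bot: Neither new `Patch7` nor `Patch8` entry says whether it is a local build workaround or a backport, so the next packager cannot tell when either may be dropped. A comment line above each would settle it, for example `# local: silence doclint in javadoc targets` above Patch7 and `# CVE-2016-5388: keep the Proxy request header out of the CGI environment; drop once the packaged upstream release contains the fix` above Patch8.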
@@ -269,6 +271,8 @@ javax.servlet.http, javax.servlet.jsp i java.servlet.jsp.tagext).
 %patch4 -p1
 %patch5 -p1
 %patch6 -p1
+%patch7 -p1
+%patch8 -p1
 
 # Prepare java-commmons-logging sources
 install -d output/extras/logging