- up to 7.0.100; fixes CVE-2019-17563, CVE-2019-12418, CVE-2019-17569, CVE-2020-1935... auto/th/tomcat-7.0.100-1
authorArkadiusz Miśkiewicz <arekm@maven.pl>
Sat, 29 Feb 2020 18:33:54 +0000 (19:33 +0100)
committerArkadiusz Miśkiewicz <arekm@maven.pl>
Sat, 29 Feb 2020 18:33:54 +0000 (19:33 +0100)
jcl.patch
server.xml-URIEncoding-utf8.patch
tomcat-build.patch
tomcat-build.xml.patch
tomcat.spec

index 89c8709ea7fb7a3e94cc0e695fcec95adde8b9af..83cb394943cee6cb1acc25f916a65dbc5a2739d3 100644 (file)
--- a/jcl.patch
+++ b/jcl.patch
@@ -5,12 +5,13 @@ otherwise deps for jcl build don't get set
 
 --- tc7.0.x/build.xml~ 2015-07-26 22:42:44.873164872 +0300
 +++ tc7.0.x/build.xml  2015-07-26 22:53:44.930780044 +0300
-@@ -1613,7 +1613,7 @@
+@@ -1715,7 +1715,7 @@
  
      <ant antfile="${tomcat.extras}/logging/commons-logging-${commons-logging.version}-src/build2.xml"
           dir="${tomcat.extras}/logging/commons-logging-${commons-logging.version}-src"
--         inheritAll="false" target="compile" />
-+         inheritAll="true" target="compile" />
-     <jar jarfile="${tomcat-juli-extras.jar}"
-          manifest="${tomcat.manifests}/default.manifest"
+-         inheritAll="false" target="compile" >
++         inheritAll="true" target="compile" >
+       <property name="source.version" value="${logging.compile.source}" />
+       <property name="target.version" value="${logging.compile.target}" />
+     </ant>
+
index 7c22914a1cb6782b18918ea7fa4d0017c810ada6..0a7f8bc9ce1b51d68f7337a885780ffc4eca8bab 100644 (file)
@@ -18,7 +18,7 @@
                 redirectPort="8443" />
      -->
      <!-- Define a SSL HTTP/1.1 Connector on port 8443
-@@ -86,12 +86,12 @@
+@@ -87,7 +87,7 @@
           documentation -->
      <!--
      <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
                 clientAuth="false" sslProtocol="TLS" />
      -->
  
-     <!-- Define an AJP 1.3 Connector on port 8009 -->
--    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
-+    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" URIEncoding="UTF-8" />
+@@ -96,6 +96,7 @@
+     <Connector protocol="AJP/1.3"
+                address="::1"
+                port="8009"
++               URIEncoding="UTF-8"
+                redirectPort="8443" />
+     -->
  
-     <!-- An Engine represents the entry point (within Catalina) that processes
+
index 0a1afce72326c9eda3e7b64cebef00eb3e87b99c..7dee22546ec35375e1d7cda5850f347a3f485b19 100644 (file)
@@ -1,66 +1,56 @@
---- apache-tomcat-7.0.70-src/build.xml~        2016-07-19 15:43:44.000000000 +0200
-+++ apache-tomcat-7.0.70-src/build.xml 2016-07-19 15:48:19.615551746 +0200
-@@ -1836,7 +1836,7 @@ Apache Tomcat ${version} native binaries
+--- apache-tomcat-7.0.100-src/build.xml~       2020-02-29 19:29:03.000000000 +0100
++++ apache-tomcat-7.0.100-src/build.xml        2020-02-29 19:30:10.956020378 +0100
+@@ -1981,7 +1981,7 @@ Apache Tomcat ${version} native binaries
+       encoding="UTF-8"
+       docencoding="UTF-8"
+       charset="UTF-8"
+-      additionalparam="-breakiterator -notimestamp ${java9.javadoc.options}"
++      additionalparam="-Xdoclint:none -breakiterator -notimestamp ${java9.javadoc.options}"
+       source="${compile.source}"
+       maxmemory="512m"
+       failonerror="true">
+@@ -2002,7 +2002,7 @@ Apache Tomcat ${version} native binaries
        encoding="ISO-8859-1"
        docencoding="ISO-8859-1"
        charset="ISO-8859-1"
--      additionalparam="-breakiterator -notimestamp"
-+      additionalparam="-Xdoclint:none -breakiterator -notimestamp"
+-      additionalparam="-breakiterator -notimestamp ${java9.javadoc.options}"
++      additionalparam="-Xdoclint:none -breakiterator -notimestamp ${java9.javadoc.options}"
+       source="${compile.source}"
        maxmemory="512m"
        failonerror="true"
-       executable="${java.7.home}/bin/javadoc">
---- apache-tomcat-7.0.70-src/build.xml~        2016-07-19 15:48:55.000000000 +0200
-+++ apache-tomcat-7.0.70-src/build.xml 2016-07-19 15:52:07.842156930 +0200
-@@ -1857,7 +1857,7 @@ Apache Tomcat ${version} native binaries
+@@ -2024,7 +2024,7 @@ Apache Tomcat ${version} native binaries
        encoding="ISO-8859-1"
        docencoding="ISO-8859-1"
        charset="ISO-8859-1"
--      additionalparam="-breakiterator -notimestamp"
-+      additionalparam="-Xdoclint:none -breakiterator -notimestamp"
+-      additionalparam="-breakiterator -notimestamp ${java9.javadoc.options}"
++      additionalparam="-Xdoclint:none -breakiterator -notimestamp ${java9.javadoc.options}"
+       source="${compile.source}"
        maxmemory="512m"
        failonerror="true"
-       executable="${java.7.home}/bin/javadoc">
---- apache-tomcat-7.0.70-src/build.xml~        2016-07-19 15:52:27.000000000 +0200
-+++ apache-tomcat-7.0.70-src/build.xml 2016-07-19 15:53:28.337957151 +0200
-@@ -1919,7 +1919,7 @@ Apache Tomcat ${version} native binaries
+@@ -2046,7 +2046,7 @@ Apache Tomcat ${version} native binaries
        encoding="ISO-8859-1"
        docencoding="ISO-8859-1"
        charset="ISO-8859-1"
--      additionalparam="-breakiterator -notimestamp"
-+      additionalparam="-Xdoclint:none -breakiterator -notimestamp"
+-      additionalparam="-breakiterator -notimestamp ${java9.javadoc.options}"
++      additionalparam="-Xdoclint:none -breakiterator -notimestamp ${java9.javadoc.options}"
+       source="${compile.source}"
        maxmemory="512m"
        failonerror="true"
-       executable="${java.7.home}/bin/javadoc">
---- apache-tomcat-7.0.81-src/build.xml~        2017-10-04 11:16:30.000000000 +0200
-+++ apache-tomcat-7.0.81-src/build.xml 2017-10-04 11:48:42.218524719 +0200
-@@ -1932,7 +1932,7 @@ Apache Tomcat ${version} native binaries
+@@ -2068,7 +2068,7 @@ Apache Tomcat ${version} native binaries
        encoding="ISO-8859-1"
        docencoding="ISO-8859-1"
        charset="ISO-8859-1"
--      additionalparam="-breakiterator -notimestamp"
-+      additionalparam="-Xdoclint:none -breakiterator -notimestamp"
+-      additionalparam="-breakiterator -notimestamp ${java9.javadoc.options}"
++      additionalparam="-Xdoclint:none -breakiterator -notimestamp ${java9.javadoc.options}"
+       source="${compile.source}"
        maxmemory="512m"
        failonerror="true"
-       executable="${java.7.home}/bin/javadoc">
---- apache-tomcat-7.0.94-src/build.xml~        2019-05-08 09:40:51.000000000 +0200
-+++ apache-tomcat-7.0.94-src/build.xml 2019-05-08 09:42:01.675738032 +0200
-@@ -2559,7 +2559,7 @@ Apache Tomcat ${version} native binaries
-   <target name="download-deps"
-           description="Download the dependencies required to build and test"
--          depends="download-compile, download-dist, download-test-compile, download-validate, download-cobertura, extras-commons-logging-prepare, extras-webservices-prepare" />
-+          depends="download-compile, download-dist, download-test-compile, download-validate, download-cobertura, extras-webservices-prepare" />
-   <target name="download-validate"
-           description="Download components necessary to validate source"
---- apache-tomcat-7.0.94-src/build.xml~        2019-05-08 09:42:27.000000000 +0200
-+++ apache-tomcat-7.0.94-src/build.xml 2019-05-08 09:52:06.183789472 +0200
-@@ -1955,7 +1955,7 @@ Apache Tomcat ${version} native binaries
+@@ -2089,7 +2089,7 @@ Apache Tomcat ${version} native binaries
        encoding="ISO-8859-1"
        docencoding="ISO-8859-1"
        charset="ISO-8859-1"
--      additionalparam="-breakiterator -notimestamp"
-+      additionalparam="-Xdoclint:none -breakiterator -notimestamp"
+-      additionalparam="-breakiterator -notimestamp ${java9.javadoc.options} -J-Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2 -XDignore.symbol.file"
++      additionalparam="-Xdoclint:none -breakiterator -notimestamp ${java9.javadoc.options} -J-Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2 -XDignore.symbol.file"
+       source="${compile.source}"
        maxmemory="512m"
        failonerror="true"
-       executable="${java.7.home}/bin/javadoc">
index 2f33c985237ab4291e1c17f805cc574b1726ba15..ddd27972d2fc21483a84313ec5aa51206ce45803 100644 (file)
@@ -1,6 +1,6 @@
---- apache-tomcat-7.0.63-src/build.xml~        2015-06-30 11:15:44.000000000 +0300
-+++ apache-tomcat-7.0.63-src/build.xml 2015-07-26 21:31:46.613106110 +0300
-@@ -655,7 +655,7 @@
+--- apache-tomcat-7.0.100-src/build.xml.org    2020-02-11 09:39:54.000000000 +0100
++++ apache-tomcat-7.0.100-src/build.xml        2020-02-29 19:19:42.236875428 +0100
+@@ -683,7 +683,7 @@
    <target name="compile" depends="compile-java6, check-java7, compile-java7" />
  
    <target name="compile-java6"
@@ -9,7 +9,7 @@
      <!-- Compile internal server components -->
      <javac srcdir="java" destdir="${tomcat.classes}"
             debug="${compile.debug}"
-@@ -1198,7 +1198,7 @@
+@@ -1409,7 +1409,7 @@
  
    </target>
  
      <mkdir dir="${test.classes}"/>
      <!-- Compile -->
      <javac srcdir="test" destdir="${test.classes}"
-@@ -1371,7 +1310,7 @@
-     </path>
+@@ -1621,7 +1621,7 @@
    </target>
  
--  <target name="cobertura-instrument" depends="compile,download-cobertura,cobertura-disabled"
-+  <target name="cobertura-instrument" depends="compile,cobertura-disabled"
-           if="${test.cobertura}"
+   <target name="cobertura-instrument"
+-          depends="compile,download-cobertura,cobertura-disabled,cobertura-disabled-log"
++          depends="compile,cobertura-disabled,cobertura-disabled-log"
+           if="${cobertura.enabled}"
            description="Adds Cobertura instrumentation to the compiled bytecode">
  
-@@ -1556,67 +1556,10 @@
+@@ -1681,67 +1681,10 @@
      <mkdir dir="${tomcat.extras}/webservices"/>
    </target>
  
@@ -96,7 +96,7 @@
      <replace dir="${tomcat.extras}/logging/commons-logging-${commons-logging.version}-src/src/main/java/org/apache/commons"
          encoding="ISO-8859-1">
        <replacefilter token="org.apache.commons"
-@@ -1497,7 +1394,8 @@
+@@ -1763,7 +1706,8 @@
        file="${tomcat.extras}/logging/commons-logging-${commons-logging.version}-src/build.xml" />
  
      <copy todir="${tomcat.extras}/logging/commons-logging-${commons-logging.version}-src">
        <fileset file="${log4j.jar}" />
        <fileset file="${logkit.jar}" />
        <fileset file="${servletapi.jar}" />
-@@ -1660,24 +1660,6 @@
+@@ -1842,24 +1786,6 @@
            depends="extras-prepare"
            description="Prepare to build web services extras package">
  
      <copy file="${jaxrpc-lib.jar}"
            tofile="${tomcat.extras}/webservices/jaxrpc.jar" />
      <copy file="${wsdl4j-lib.jar}"
-@@ -1694,7 +1580,7 @@
+@@ -1961,7 +1887,7 @@
  
    </target>
  
      <mkdir dir="${tomcat.dist}"/>
      <mkdir dir="${tomcat.dist}/bin"/>
      <mkdir dir="${tomcat.dist}/conf"/>
-@@ -1832,13 +1832,6 @@
+@@ -2034,13 +1960,6 @@
        </fileset>
      </copy>
  
      <echo append="false" file="${tomcat.dist}/bin/x64/README">
  Apache Tomcat ${version} native binaries for Win64 AMD64/EMT64 platform.
      </echo>
-
+@@ -2791,7 +2791,7 @@ skip.installer property in build.propert
+   <target name="download-deps"
+           description="Download the dependencies required to build and test"
+-          depends="download-compile, download-dist, download-test-compile, download-validate, download-cobertura, extras-commons-logging-prepare, extras-webservices-prepare" />
++          depends="download-compile, download-dist, download-test-compile, download-validate, download-cobertura, extras-webservices-prepare" />
+   <target name="download-validate"
+           description="Download components necessary to validate source"
index 450f435db16192443dc3f2d9f93abc9d60bac1db..e8343e2e6b9ffbb9d7fcd604208a8b7c267f3d62 100644 (file)
 Summary:       Web server and Servlet/JSP Engine, RI for Servlet %{servletapiver}/JSP %{jspapiver} API
 Summary(pl.UTF-8):     Serwer www i silnik Servlet/JSP będący wzorcową implementacją API Servlet %{servletapiver}/JSP %{jspapiver}
 Name:          tomcat
-Version:       7.0.94
-Release:       2
+Version:       7.0.100
+Release:       1
 License:       Apache v2.0
 Group:         Networking/Daemons/Java
 Source0:       http://www.apache.org/dist/tomcat/tomcat-7/v%{version}/src/apache-%{name}-%{version}-src.tar.gz
-# Source0-md5: ab9ce1e8190fbfed2b4843c2ca69106c
+# Source0-md5: ad3d9bec243bfa25c2f66dd0961d8c83
 Source1:       apache-%{name}.init
 Source2:       apache-%{name}.sysconfig
 Source3:       %{name}-build.properties
This page took 0.228502 seconds and 4 git commands to generate.