Information for build tomcat-9.0.7-2.fc29
ID | 61252 | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Package Name | tomcat | |||||||||||||||||||||||||
Version | 9.0.7 | |||||||||||||||||||||||||
Release | 2.fc29 | |||||||||||||||||||||||||
Epoch | 1 | |||||||||||||||||||||||||
Summary | Apache Servlet/JSP Engine, RI for Servlet 4.0/JSP 2.3 API | |||||||||||||||||||||||||
Description | Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. | |||||||||||||||||||||||||
Built by | davidlt | |||||||||||||||||||||||||
State | complete | |||||||||||||||||||||||||
Volume | DEFAULT | |||||||||||||||||||||||||
Started | Thu, 19 Jul 2018 20:03:05 UTC | |||||||||||||||||||||||||
Completed | Thu, 19 Jul 2018 20:03:05 UTC | |||||||||||||||||||||||||
Tags |
|
|||||||||||||||||||||||||
RPMs |
|
|||||||||||||||||||||||||
Changelog | * Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1:9.0.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Tue May 01 2018 Coty Sutherland <csutherl@redhat.com> - 1:9.0.7-1 - Update to 9.0.7 * Thu Mar 15 2018 Coty Sutherland <csutherl@redhat.com> - 1:8.5.29-1 - Update to 8.5.29 - Resolves: rhbz#1548290 CVE-2018-1304 tomcat: Incorrect handling of empty string URL in security constraints can lead to unitended exposure of resources - Resolves: rhbz#1548284 CVE-2018-1305 tomcat: Late application of security constraints can lead to resource exposure for unauthorised users * Fri Feb 09 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1:8.0.49-2 - Escape macros in %changelog * Thu Feb 01 2018 Coty Sutherland <csutherl@redhat.com> - 1:8.0.49-1 - Update to 8.0.49 * Tue Dec 12 2017 Merlin Mathesius <mmathesi@redhat.com> - 1:8.0.47-3 - Cleanup spec file conditionals * Tue Oct 24 2017 Troy Dawson <tdawson@redhat.com> - 1:8.0.47-2 - Change "zip -u" to "zip" - Resolves: rhbz#1495241 [tomcat] zip -u in spec file causes race condition * Wed Oct 04 2017 Coty Sutherland <csutherl@redhat.com> - 1:8.0.47-1 - Update to 8.0.47 - Resolves: rhbz#1497682 CVE-2017-12617 tomcat: Remote Code Execution bypass for CVE-2017-12615 * Mon Aug 21 2017 Coty Sutherland <csutherl@redhat.com> - 1:8.0.46-1 - Update to 8.0.46 - Resolves: rhbz#1480620 CVE-2017-7674 tomcat: Cache Poisoning * Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1:8.0.44-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild * Fri Jun 09 2017 Coty Sutherland <csutherl@redhat.com> - 1:8.0.44-1 - Resolves: rhbz#1459160 CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism * Tue Apr 11 2017 Coty Sutherland <csutherl@redhat.com> - 1:8.0.43-1 - Update to 8.0.43 * Fri Mar 31 2017 Coty Sutherland <csutherl@redhat.com> - 1:8.0.42-1 - Update to 8.0.42 * Thu Feb 16 2017 Coty Sutherland <csutherl@redhat.com> - 1:8.0.41-1 - Update to 8.0.41 - Resolves: rhbz#1403825 CVE-2016-8745 tomcat: information disclosure due to incorrect Processor sharing * Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1:8.0.39-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild * Tue Nov 29 2016 Coty Sutherland <csutherl@redhat.com> - 1:8.0.39-1 - Update to 8.0.39 - Resolves: rhbz#1397493 CVE-2016-6816 CVE-2016-6817 CVE-2016-8735 tomcat: various flaws * Tue Oct 25 2016 Coty Sutherland <csutherl@redhat.com> - 1:8.0.38-1 - Update to 8.0.38 * Sun Oct 23 2016 Coty Sutherland <csutherl@redhat.com> - 1:8.0.37-3 - Resolves: rhbz#1383216 CVE-2016-6325 tomcat: tomcat writable config files allow privilege escalation - Resolves: rhbz#1382310 CVE-2016-5425 tomcat: Local privilege escalation via systemd-tmpfiles service * Tue Sep 13 2016 Coty Sutherland <csutherl@redhat.com> - 1:8.0.37-1 - Rebase to 8.0.37 - Resolves: rhbz#1375581 CVE-2016-5388 CGI sets environmental variable based on user supplied Proxy request header - Resolves: rhbz#1370262 catalina.out is no longer in use in the main package, but still gets rotated * Thu Aug 11 2016 Coty Sutherland <csutherl@redhat.com> - 1:8.0.36-2 - Related: rhbz#1349469 Correct typo in changelog entry * Mon Aug 08 2016 Coty Sutherland <csutherl@redhat.com> - 1:8.0.36-1 - Resolves: rhbz#1349469 CVE-2016-3092 tomcat: Usage of vulnerable FileUpload package can result in denial of service (updates to 8.0.36) - Resolves: rhbz#1364056 The command tomcat-digest doesn't work - Resolves: rhbz#1363884 The tomcat-tool-wrapper script is broken - Resolves: rhbz#1347864 The systemd service unit does not allow tomcat to shut down gracefully - Resolves: rhbz#1347835 The security manager doesn't work correctly (JSPs cannot be compiled) - Resolves: rhbz#1341853 rpm -V tomcat fails on /var/log/tomcat/catalina.out - Resolves: rhbz#1341850 tomcat-jsvc.service has TOMCAT_USER value hard-coded - Resolves: rhbz#1359737 Missing maven depmap for the following artifacts: org.apache.tomcat:tomcat-websocket, org.apache.tomcat:tomcat-websocket-api - Resolves: asfbz#59960 Building javadocs with java8 fails |