Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

tomcat-9.0.36-lp152.2.7.1 RPM for noarch

From OpenSuSE Ports Leap 15.2 updates for noarch

Name: tomcat Distribution: openSUSE Leap 15.2
Version: 9.0.36 Vendor: openSUSE
Release: lp152.2.7.1 Build date: Mon Sep 7 23:18:38 2020
Group: Productivity/Networking/Web/Servers Build host: obs-arm-9
Size: 326820 Source RPM: tomcat-9.0.36-lp152.2.7.1.src.rpm
Packager: http://bugs.opensuse.org
Url: https://tomcat.apache.org
Summary: Apache Servlet/JSP/EL Engine, RI for Servlet 4.0/JSP 2.3/EL 3.0 API
Tomcat is the servlet container that is used in the official Reference
Implementation for the Java Servlet and JavaServer Pages technologies.
The Java Servlet and JavaServer Pages specifications are developed by
Sun under the Java Community Process.

Tomcat is developed in an open and participatory environment and
released under the Apache Software License version 2.0. Tomcat is
intended to be a collaboration of the best-of-breed developers from
around the world.

ATTENTION: This tomcat is built with java 1.8.0.

Provides

Requires

License

Apache-2.0

Changelog

* Thu Jul 23 2020 Matei Albu <malbu@suse.com>
  - Fix tomcat-servlet-4_0-api package alternatives to use
    /usr/share/java/servlet.jar instead of /usr/share/java/tomcat-servlet.jar.
    Keep /usr/share/java/tomcat-servlet.jar symlink for compatibility.
    (bsc#1092163)
  - Don't give write permissions for the tomcat group on files and
    directories where it's not needed (bsc#1172562)
  - Change tomcat.pid location from /var/run to /run (bsc#1173103)
  - Use %tmpfiles_create macro in %post instead of calling
    systemd-tmpfiles directly
* Fri Jul 17 2020 Matei Albu <malbu@suse.com>
  - Fixed CVEs:
    * CVE-2020-13934 (bsc#1174121)
    * CVE-2020-13935 (bsc#1174117)
  - Added patches:
    * tomcat-9.0-CVE-2020-13934.patch
    * tomcat-9.0-CVE-2020-13935.patch
  - Rebased patches:
    * tomcat-9.0.31-java8compat.patch
* Fri Jun 26 2020 Fridrich Strba <fstrba@suse.com>
  - Update to Tomcat 9.0.36. See changelog at
    https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.36_(markt)
  - Fixed CVEs:
    CVE-2020-11996 (bsc#1173389)
* Tue May 26 2020 Matei Albu <malbu@suse.com>
  - Update to Tomcat 9.0.35. See changelog at
    https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.35_(markt)
  - Fixed CVEs:
    - CVE-2020-9484 (bsc#1171928)
  - Rebased patches:
    * tomcat-9.0-javadoc.patch
    * tomcat-9.0-osgi-build.patch
    * tomcat-9.0.31-java8compat.patch
* Fri Apr 10 2020 Javier Llorente <javier@opensuse.org>
  - Update to Tomcat 9.0.34. See changelog at
    https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.34_(markt)
  - Notable changes:
    * Add support for default values when using ${...} property
      replacement in configuration files. Based on a pull request
      provided by Bernd Bohmann.
    * When configuring an HTTP Connector, warn if the encoding
      specified for URIEncoding is not a superset of US-ASCII as
      required by RFC 7230.
    * Replace the system property
      org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH with
      the Connector attribute encodedSolidusHandling that adds an
      additional option to pass the %2f sequence through to the
      application without decoding it in addition to rejecting such
      sequences and decoding such sequences.
* Mon Mar 30 2020 Matei Albu <malbu@suse.com>
  - Update to Tomcat 9.0.33. See changelog at
    http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.33_(markt)
  - Notable fix: corrected a regression in the improvements to HTTP
    header parsing (bsc#1167438)
  - Rebased patches:
    * tomcat-9.0-javadoc.patch
    * tomcat-9.0-osgi-build.patch
    * tomcat-9.0.31-java8compat.patch
* Fri Feb 28 2020 Matei Albu <malbu@suse.com>
  - Change default value of AJP connector secretRequired to false
  - Added patch:
    * tomcat-9.0.31-secretRequired-default.patch
* Tue Feb 25 2020 Fridrich Strba <fstrba@suse.com>
  - Update to Tomcat 9.0.31. See changelog at
    http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.30_(markt)
  - Fixed CVEs:
    * CVE-2019-17569 (bsc#1164825)
    * CVE-2020-1935 (bsc#1164860)
    * CVE-2020-1938 (bsc#1164692)
  - Modified patch
    * tomcat-9.0.30-java8compat.patch
    - > tomcat-9.0.31-java8compat.patch
      + Adapt to changed context
* Wed Jan 29 2020 Matei Albu <malbu@suse.com>
  - Modified patch:
    * tomcat-9.0.30-java8compat.patch
      + add missing casts (bsc#1162081)
* Mon Jan 20 2020 Fridrich Strba <fstrba@suse.com>
  - Change back the build to build with any Java >= 1.8
  - Added patch:
    * tomcat-9.0.30-java8compat.patch
      + Cast java.nio.ByteBuffer and java.nio.CharBuffer to
      java.nio.Buffer in order to avoid calling Java 9+ APIs
      (functions with co-variant return types)
  - Renamed patch:
    * tomcat-9.0-disable-osgi-build.patch
    - > tomcat-9.0-osgi-build.patch
      + Do not disable, but fix OSGi build since we have now
      aqute-bnd
* Fri Jan 17 2020 Matei Albu <malbu@suse.com>
  - Change build to always use Java 1.8 (bsc#1161025).
* Fri Dec 27 2019 Matei Albu <malbu@suse.com>
  - Update to Tomcat 9.0.30. See changelog at
    http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.30_(markt)
  - Fixed CVEs:
    - CVE-2019-0221 (bsc#1136085)
    - CVE-2019-10072 (bsc#1139924)
    - CVE-2019-12418 (bsc#1159723)
    - CVE-2019-17563 (bsc#1159729)
  - Removed patch:
    * tomcat-9.0-JDTCompiler-java.patch
      + It was not applied
* Mon Nov 18 2019 Fridrich Strba <fstrba@suse.com>
  - Update to Tomcat 9.0.27. See changelog at
    http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.27_(markt)
  - Uset aqute-bnd to generate OSGi manifest, since we have that
    package now in openSUSE:Factory
  - Removed patch:
    * tomcat-9.0-disable-osgi-build.patch
      + not needed
* Fri Nov 15 2019 Fridrich Strba <fstrba@suse.com>
  - Add maven pom files for tomcat-jni and tomcat-jaspic-api
* Fri Oct 04 2019 Fridrich Strba <fstrba@suse.com>
  - Distribute the pom file also for tomcat-util-scan artifact
* Tue Oct 01 2019 Fridrich Strba <fstrba@suse.com>
  - Build against compatibility log4j12 package
* Wed Sep 25 2019 Fridrich Strba <fstrba@suse.com>
  - Adapt to the new ecj directory layout
* Wed Jun 12 2019 Dominique Leuenberger <dimstar@opensuse.org>
  - BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to
    shortcut the build queues by allowing usage of systemd-mini
* Mon May 20 2019 Matei <malbu@suse.com>
  - Update to Tomcat 9.0.20. See changelog at
    http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.20_(markt)
  - increase maximum number of threads and open files for tomcat (bsc#1111966)
* Mon Apr 22 2019 malbu@suse.com
  - Update to Tomcat 9.0.19. See changelog at
    http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.19_(markt)
    Notable packaging changes:
    - File /usr/share/java/tomcat/catalina-jmx-remote.jar was removed.
      The classes contained in this jar were merged into
      /usr/share/java/tomcat/catalina.jar.
  - Fixed CVEs:
    - CVE-2019-0199 (bsc#1131055)
  - Rebased patch:
    - tomcat-9.0-JDTCompiler-java.patch
    - tomcat-9.0-javadoc.patch
* Mon Apr 15 2019 Fridrich Strba <fstrba@suse.com>
  - Build classpath directly with the geronimo jars instead of with
    symlinks to them
* Tue Feb 19 2019 malbu@suse.com
  - Don't overwrite changes made to server.xml contexts when updating
    bundled webapps.
* Mon Feb 18 2019 malbu@suse.com
  - Set javac target to 1.8 when building docs samples and serverxmltool
* Tue Feb 05 2019 malbu@suse.com
  - Move webapps bundled with Tomcat to /usr/share/tomcat/tomcat-webapps
    (bsc#1092341). Affected packages:
    - tomcat-webapps
    - tomcat-admin-webapps
    - tomcat-docs-webapp
  - Remove %doc directive from tomcat-docs-webapps files section so that
    zypper installs files even if rpm.install.excludedocs is set to yes.
* Mon Feb 04 2019 malbu@suse.com
  - Require Java 1.8 or later (bsc#1123407)
* Sat Jan 26 2019 Fridrich Strba <fstrba@suse.com>
  - Clean up OSGi manifest injection
  - Put embed maven metadata into embed subpackage
  - Use the .mfiles* lists generated by %%add_maven_depmap macro
* Wed Jan 16 2019 malbu@suse.com
  - Fix tomcat-tool-wrapper classpath error (bsc#1120745)
* Fri Jan 11 2019 malbu@suse.com
  - Fix tomcat-digest classpath error (bsc#1120745)
* Sat Dec 29 2018 ecsos@opensuse.org
  - Update to Tomcat 9.0.14. See changelog at
    http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.14_(markt)
* Wed Dec 05 2018 Fridrich Strba <fstrba@suse.com>
  - Add pom files for tomcat-jdbc and tomcat-dbcp
  - Add org.eclipse.jetty.orbit* aliases to correspondant artifacts
* Fri Nov 09 2018 sean@suspend.net
  - Update to Tomcat 9.0.13. See changelog at
    http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.13_(markt)
* Thu Oct 18 2018 malbu@suse.com
  - Update to Tomcat 9.0.12. See changelog at
    http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.12_(markt)
  - Fixed CVEs:
    - CVE-2018-11784 (bsc#1110850)
  - Rebased patches:
    - tomcat-9.0-disable-osgi-build.patch
    - tomcat-9.0-javadoc.patch
    - tomcat-9.0-sle.catalina.policy.patch
    - tomcat-9.0-tomcat-users-webapp.patch
* Tue Sep 11 2018 ecsos@opensuse.org
  - Declare following files to config(noreplace) to prevent override
    access rights:
    - host-manager/META-INF/context.xml
    - manager/META-INF/context.xml
* Sun Aug 26 2018 malbu@suse.com
  - Empty tomcat-9.0.sysconfig to avoid overwriting of customer's
    configuration during update (bsc#1067720)
* Thu Aug 16 2018 malbu@suse.com
  - Update to Tomcat 9.0.10. See changelog at
    http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.10_(markt)
  - Fixed CVEs:
    - CVE-2018-1336 (bsc#1102400)
    - CVE-2018-8014 (bsc#1093697)
    - CVE-2018-8034 (bsc#1102379)
    - CVE-2018-8037 (bsc#1102410)
  - Rebased patch tomcat-9.0-JDTCompiler-java.patch
  - Added patch tomcat-9.0-disable-osgi-build.patch to disable adding
    OSGi metadata to JAR files
* Fri Feb 16 2018 malbu@suse.de
  - Update to Tomcat 9.0.5. See changelog at
    http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.5_(markt)
* Wed Jan 17 2018 fstrba@suse.com
  - Modified patch:
    * tomcat-9.0-javadoc.patch
      + Don't append to javadoc --add-modules since we are building
      with source=8
      + Avoid accessing Internet URLs from build environment
* Fri Dec 01 2017 malbu@suse.com
  - Update to Tomcat 9.0.2:
    * Major update for tomcat8 from tomcat9
    * For full changelog please read upstream changes at:
      + http://tomcat.apache.org/tomcat-9.0-doc/changelog.html
    * Rename all tomcat-8.0-* files to tomcat-9.0-*
  - Changed patches:
    * Deleted: tomcat-8.0-bootstrap-MANIFEST.MF.patch
    * Deleted: tomcat-8.0-sle.catalina.policy.patch
    * Deleted: tomcat-8.0-tomcat-users-webapp.patch
    * Deleted: tomcat-8.0.33-JDTCompiler-java.patch
    * Deleted: tomcat-8.0.44-javadoc.patch
    * Deleted: tomcat-8.0.9-property-build.windows.patch
    * Added: tomcat-9.0-JDTCompiler-java.patch
    * Added: tomcat-9.0-bootstrap-MANIFEST.MF.patch
    * Added: tomcat-9.0-javadoc.patch
    * Added: tomcat-9.0-sle.catalina.policy.patch
    * Added: tomcat-9.0-tomcat-users-webapp.patch
  - Renamed subpackage tomcat-3_1-api to tomcat-4_0-api
    to reflect the new Servlet API version.
  - Commented out JAVA_HOME in /etc/tomcat/tomcat.conf
  - Added "tomcat-" prefix to lib symlinks under
    /usr/share/java to avoid file conflicts with servletapi5
    and geronimo-specs
  - Fixed wrong %ghost file paths for alternatives symlinks
* Thu Nov 23 2017 rbrown@suse.com
  - Replace references to /var/adm/fillup-templates with new
    %_fillupdir macro (boo#1069468)
* Mon Oct 23 2017 malbu@suse.com
  - Build with JDK 8 to fix runtime errors when running with JDK 7
    and 8
  - Fix tomcat-digest classpath error (bsc#977410)
  - Fix packaged /etc/alternatives symlinks for api libs that caused
    rpm -V to report link mismatch (bsc#1019016)
* Mon Oct 23 2017 ecsos@opensuse.org
  - update to 8.0.47
    http://tomcat.apache.org/tomcat-8.0-doc/changelog.html
    * Fixed CVE:
    - CVE-2017-12617
  - rebase tomcat-8.0-sle.catalina.policy.patch
* Tue Sep 19 2017 fstrba@suse.com
  - Added patch:
    * tomcat-8.0.44-javadoc.patch
    - generate documentation with the same source level as class
      files
    - fixes build with jdk9
* Fri Jun 09 2017 ecsos@opensuse.org
  - Version update to 8.0.44:
    http://tomcat.apache.org/tomcat-8.0-doc/changelog.html
    * Fixed CVE:
    - CVE-2017-5664 (bsc#1042910)
* Fri May 19 2017 dziolkowski@suse.com
  - New build dependency: javapackages-local
* Tue May 09 2017 malbu@suse.com
  - Version update to 8.0.43:
    * Another bugfix release, for full details see:
      http://tomcat.apache.org/tomcat-8.0-doc/changelog.html
    * Fixed CVEs:
    - CVE-2017-5647 (bnc#1033448)
    - CVE-2017-5648 (bnc#1033447)
    - CVE-2016-8745
  - Renamed and rebased patches:
    * tomcat-7.0-sle.catalina.policy.patch -> tomcat-8.0-sle.catalina.policy.patch
  - Enable optional setenv.sh script. See section
    "(3.4) Using the "setenv" script (optional, recommended)" in
    http://tomcat.apache.org/tomcat-8.0-doc/RUNNING.txt
    (bnc#1002662)
  - Fix file conflicts when upgrading from SLES 12 to SLES 12 SP1 (bnc#1023412).
    Added explicit obsoletes for tomcat-el-2_2-api, tomcat-jsp-2_2-api,
    tomcat-servlet-3_0-api
* Wed Dec 21 2016 astieger@suse.com
  - update to 8.0.39: (boo#1003911)
    * Improve handling of I/O errors with async processing
    * Fail earlier on invalid HTTP request
  - includes changes from  8.0.38:
    * Refactoring the non-container thread Async complete()/dispatch()
      handling to remove the possibility of deadlock
    * Improved UTF-8 handling for the RewriteValve
  - includes changes from 8.0.37:
    * Treat paths used to obtain a request dispatcher as encoded
      (configurable)
    * Various jdbc-pool fixes
  - drop tomcat-8.0.36-jar-scanner-loop.patch, upstream
* Thu Sep 29 2016 tchvatal@suse.com
  - Switch to commons-dbcp2 fate#321029
* Fri Sep 02 2016 malbu@suse.com
  - Backport fix for inifinite loop in the jar scanner for 8.0.36. (bnc#993862)
    Added: tomcat-8.0.36-jar-scanner-loop.patch
* Wed Jul 06 2016 malbu@suse.com
  - Version update to 8.0.36:
    * Another bugfix release for the 8.0 series. Full details:
      http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.36_(markt)
  - CVE fixed by the version update:
    - CVE-2016-3092 (bnc#986359)
  - Fixed a deployment error in the examples webapp by changing the context.xml format to the new one
    introduced by Tomcat 8. See http://tomcat.apache.org/migration-8.html#Web_application_resources
* Mon May 02 2016 dmacvicar@suse.de
  - fix maven fragments paths to build in multiple distribution
    versions
* Thu Apr 21 2016 jcnengel@gmail.com
  - Version update to 8.0.33:
    * Another bugfix release for 8.0 series, full details:
      http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.33_(markt)
  - Rebase tomcat-8.0-tomcat-users-webapp.patch
  - Rebase tomcat-7.0.53-JDTCompiler-java.patch
    to tomcat-8.0.33-JDTCompiler-java.patch
* Thu Apr 07 2016 tchvatal@suse.com
  - Fix fixme for the prereq preamble value
  - It seems systemd prints error on adding the @ services to macros
    so do not do that
* Thu Mar 31 2016 dmacvicar@suse.de
  - package was partly merged with the scripts used in the
    Fedora distribution
  - support running multiple tomcat instances on the same server
    (fate#317783)
  - add catalina-jmx-remote.jar (fate#318403)
  - remove sysvinit support: systemd is required
* Mon Feb 29 2016 dmacvicar@suse.de
  - update changes file for CVE information
  - Fixed CVEs:
    - CVE-2015-5346 (bnc#967814) in 8.0.32
    - CVE-2015-5351 (bnc#967812) in 8.0.32
    - CVE-2016-0706 (bnc#967815) in 8.0.32
    - CVE-2016-0714 (bnc#967964) in 8.0.32
    - CVE-2016-0763 (bnc#967966) in 8.0.32
    - CVE-2015-5345 (bnc#967965) in 8.0.30
    - CVE-2015-5174 (bnc#967967) in 8.0.27
* Wed Feb 17 2016 tchvatal@suse.com
  - Version update to 8.0.32:
    * Another bugfix release for 8.0 series, full details:
      http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.32_(markt)
  - Rebase patch:
    * tomcat-8.0.9-property-build.windows.patch
* Tue Nov 10 2015 dmacvicar@suse.de
  - update to Tomcat 8.0.28
    * Multiple fixes, read upstream changelog at:
    https://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.28_(markt)
* Mon Jun 01 2015 tchvatal@suse.com
  - Some whitespace cleanups
* Mon Jun 01 2015 tchvatal@suse.com
  - Remove pointless conflicts on provide/obsolete symbols
* Mon Jun 01 2015 tchvatal@suse.com
  - Version bump to 8.0.23 fate#318913:
    * Multiple testfixes all around, read upstream changelog at:
    http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.23_(markt)
* Tue Mar 24 2015 tchvatal@suse.com
  - Fix previous commit. Fix one rpmlint warning
* Wed Mar 18 2015 tchvatal@suse.com
  - Drop gpg verification from spec, it is done by obs
* Wed Mar 18 2015 tchvatal@suse.com
  - Fix build with new jpackage-tools
* Tue Feb 10 2015 wittemar@googlemail.com
  - update to Tomcat 8.0.18:
    * Major update for tomcat8 from tomcat7
    * For full changelog please read upstream changes at:
      + http://tomcat.apache.org/tomcat-8.0-doc/changelog.html
    * Rename all tomcat-7.0-* files to tomcat-8.0-*
    * Update keyring file
  - Update windows patch to apply again:
    * Deleted: tomcat-7.0.52-property-build.windows.patch
    * Added: tomcat-8.0.9-property-build.windows.patch
    * Added:tomcat-8.0-tomcat-users-webapp.patch
    * Deleted: tomcat-7.0-tomcat-users-webapp.patch
    * Added: tomcat-8.0-bootstrap-MANIFEST.MF.patch
    * Deleted: tomcat-7.0-bootstrap-MANIFEST.MF.patch
* Tue Feb 03 2015 bmaryniuk@suse.com
  - Version 1.1.30 or higher is required for APR listener (bnc#914725)

Files

/etc/logrotate.d/tomcat
/etc/tomcat
/etc/tomcat/Catalina
/etc/tomcat/catalina.policy
/etc/tomcat/catalina.properties
/etc/tomcat/conf.d
/etc/tomcat/conf.d/README
/etc/tomcat/context.xml
/etc/tomcat/jaspic-providers.xml
/etc/tomcat/log4j.properties
/etc/tomcat/logging.properties
/etc/tomcat/server.xml
/etc/tomcat/tomcat-users.xml
/etc/tomcat/tomcat.conf
/etc/tomcat/web.xml
/srv/tomcat
/srv/tomcat/webapps
/usr/bin/tomcat-digest
/usr/bin/tomcat-tool-wrapper
/usr/lib/systemd/system/tomcat.service
/usr/lib/systemd/system/tomcat@.service
/usr/lib/tmpfiles.d/tomcat.conf
/usr/lib/tomcat
/usr/lib/tomcat/functions
/usr/lib/tomcat/preamble
/usr/lib/tomcat/server
/usr/lib/tomcat/serverxml-tool.sh
/usr/lib/tomcat/serverxmltool.jar
/usr/sbin/rctomcat
/usr/sbin/tomcat
/usr/share/doc/packages/tomcat
/usr/share/doc/packages/tomcat/LICENSE
/usr/share/doc/packages/tomcat/NOTICE
/usr/share/doc/packages/tomcat/RELEASE-NOTES
/usr/share/fillup-templates/sysconfig.tomcat
/usr/share/tomcat
/usr/share/tomcat/bin/bootstrap.jar
/usr/share/tomcat/bin/catalina-tasks.xml
/usr/share/tomcat/bin/catalina.sh
/usr/share/tomcat/conf
/usr/share/tomcat/lib
/usr/share/tomcat/logs
/usr/share/tomcat/temp
/usr/share/tomcat/tomcat-webapps
/usr/share/tomcat/webapps
/usr/share/tomcat/work
/var/cache/tomcat
/var/cache/tomcat/Catalina
/var/cache/tomcat/temp
/var/cache/tomcat/work
/var/lib/tomcats
/var/log/tomcat
/var/log/tomcat/catalina.out


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Jul 9 13:38:59 2024