Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: tomcat | Distribution: openSUSE Leap 15.2 |
Version: 9.0.36 | Vendor: openSUSE |
Release: lp152.2.7.1 | Build date: Mon Sep 7 23:18:38 2020 |
Group: Productivity/Networking/Web/Servers | Build host: obs-arm-9 |
Size: 326820 | Source RPM: tomcat-9.0.36-lp152.2.7.1.src.rpm |
Packager: http://bugs.opensuse.org | |
Url: https://tomcat.apache.org | |
Summary: Apache Servlet/JSP/EL Engine, RI for Servlet 4.0/JSP 2.3/EL 3.0 API |
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. ATTENTION: This tomcat is built with java 1.8.0.
Apache-2.0
* Thu Jul 23 2020 Matei Albu <malbu@suse.com> - Fix tomcat-servlet-4_0-api package alternatives to use /usr/share/java/servlet.jar instead of /usr/share/java/tomcat-servlet.jar. Keep /usr/share/java/tomcat-servlet.jar symlink for compatibility. (bsc#1092163) - Don't give write permissions for the tomcat group on files and directories where it's not needed (bsc#1172562) - Change tomcat.pid location from /var/run to /run (bsc#1173103) - Use %tmpfiles_create macro in %post instead of calling systemd-tmpfiles directly * Fri Jul 17 2020 Matei Albu <malbu@suse.com> - Fixed CVEs: * CVE-2020-13934 (bsc#1174121) * CVE-2020-13935 (bsc#1174117) - Added patches: * tomcat-9.0-CVE-2020-13934.patch * tomcat-9.0-CVE-2020-13935.patch - Rebased patches: * tomcat-9.0.31-java8compat.patch * Fri Jun 26 2020 Fridrich Strba <fstrba@suse.com> - Update to Tomcat 9.0.36. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.36_(markt) - Fixed CVEs: CVE-2020-11996 (bsc#1173389) * Tue May 26 2020 Matei Albu <malbu@suse.com> - Update to Tomcat 9.0.35. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.35_(markt) - Fixed CVEs: - CVE-2020-9484 (bsc#1171928) - Rebased patches: * tomcat-9.0-javadoc.patch * tomcat-9.0-osgi-build.patch * tomcat-9.0.31-java8compat.patch * Fri Apr 10 2020 Javier Llorente <javier@opensuse.org> - Update to Tomcat 9.0.34. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.34_(markt) - Notable changes: * Add support for default values when using ${...} property replacement in configuration files. Based on a pull request provided by Bernd Bohmann. * When configuring an HTTP Connector, warn if the encoding specified for URIEncoding is not a superset of US-ASCII as required by RFC 7230. * Replace the system property org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH with the Connector attribute encodedSolidusHandling that adds an additional option to pass the %2f sequence through to the application without decoding it in addition to rejecting such sequences and decoding such sequences. * Mon Mar 30 2020 Matei Albu <malbu@suse.com> - Update to Tomcat 9.0.33. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.33_(markt) - Notable fix: corrected a regression in the improvements to HTTP header parsing (bsc#1167438) - Rebased patches: * tomcat-9.0-javadoc.patch * tomcat-9.0-osgi-build.patch * tomcat-9.0.31-java8compat.patch * Fri Feb 28 2020 Matei Albu <malbu@suse.com> - Change default value of AJP connector secretRequired to false - Added patch: * tomcat-9.0.31-secretRequired-default.patch * Tue Feb 25 2020 Fridrich Strba <fstrba@suse.com> - Update to Tomcat 9.0.31. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.30_(markt) - Fixed CVEs: * CVE-2019-17569 (bsc#1164825) * CVE-2020-1935 (bsc#1164860) * CVE-2020-1938 (bsc#1164692) - Modified patch * tomcat-9.0.30-java8compat.patch - > tomcat-9.0.31-java8compat.patch + Adapt to changed context * Wed Jan 29 2020 Matei Albu <malbu@suse.com> - Modified patch: * tomcat-9.0.30-java8compat.patch + add missing casts (bsc#1162081) * Mon Jan 20 2020 Fridrich Strba <fstrba@suse.com> - Change back the build to build with any Java >= 1.8 - Added patch: * tomcat-9.0.30-java8compat.patch + Cast java.nio.ByteBuffer and java.nio.CharBuffer to java.nio.Buffer in order to avoid calling Java 9+ APIs (functions with co-variant return types) - Renamed patch: * tomcat-9.0-disable-osgi-build.patch - > tomcat-9.0-osgi-build.patch + Do not disable, but fix OSGi build since we have now aqute-bnd * Fri Jan 17 2020 Matei Albu <malbu@suse.com> - Change build to always use Java 1.8 (bsc#1161025). * Fri Dec 27 2019 Matei Albu <malbu@suse.com> - Update to Tomcat 9.0.30. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.30_(markt) - Fixed CVEs: - CVE-2019-0221 (bsc#1136085) - CVE-2019-10072 (bsc#1139924) - CVE-2019-12418 (bsc#1159723) - CVE-2019-17563 (bsc#1159729) - Removed patch: * tomcat-9.0-JDTCompiler-java.patch + It was not applied * Mon Nov 18 2019 Fridrich Strba <fstrba@suse.com> - Update to Tomcat 9.0.27. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.27_(markt) - Uset aqute-bnd to generate OSGi manifest, since we have that package now in openSUSE:Factory - Removed patch: * tomcat-9.0-disable-osgi-build.patch + not needed * Fri Nov 15 2019 Fridrich Strba <fstrba@suse.com> - Add maven pom files for tomcat-jni and tomcat-jaspic-api * Fri Oct 04 2019 Fridrich Strba <fstrba@suse.com> - Distribute the pom file also for tomcat-util-scan artifact * Tue Oct 01 2019 Fridrich Strba <fstrba@suse.com> - Build against compatibility log4j12 package * Wed Sep 25 2019 Fridrich Strba <fstrba@suse.com> - Adapt to the new ecj directory layout * Wed Jun 12 2019 Dominique Leuenberger <dimstar@opensuse.org> - BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to shortcut the build queues by allowing usage of systemd-mini * Mon May 20 2019 Matei <malbu@suse.com> - Update to Tomcat 9.0.20. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.20_(markt) - increase maximum number of threads and open files for tomcat (bsc#1111966) * Mon Apr 22 2019 malbu@suse.com - Update to Tomcat 9.0.19. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.19_(markt) Notable packaging changes: - File /usr/share/java/tomcat/catalina-jmx-remote.jar was removed. The classes contained in this jar were merged into /usr/share/java/tomcat/catalina.jar. - Fixed CVEs: - CVE-2019-0199 (bsc#1131055) - Rebased patch: - tomcat-9.0-JDTCompiler-java.patch - tomcat-9.0-javadoc.patch * Mon Apr 15 2019 Fridrich Strba <fstrba@suse.com> - Build classpath directly with the geronimo jars instead of with symlinks to them * Tue Feb 19 2019 malbu@suse.com - Don't overwrite changes made to server.xml contexts when updating bundled webapps. * Mon Feb 18 2019 malbu@suse.com - Set javac target to 1.8 when building docs samples and serverxmltool * Tue Feb 05 2019 malbu@suse.com - Move webapps bundled with Tomcat to /usr/share/tomcat/tomcat-webapps (bsc#1092341). Affected packages: - tomcat-webapps - tomcat-admin-webapps - tomcat-docs-webapp - Remove %doc directive from tomcat-docs-webapps files section so that zypper installs files even if rpm.install.excludedocs is set to yes. * Mon Feb 04 2019 malbu@suse.com - Require Java 1.8 or later (bsc#1123407) * Sat Jan 26 2019 Fridrich Strba <fstrba@suse.com> - Clean up OSGi manifest injection - Put embed maven metadata into embed subpackage - Use the .mfiles* lists generated by %%add_maven_depmap macro * Wed Jan 16 2019 malbu@suse.com - Fix tomcat-tool-wrapper classpath error (bsc#1120745) * Fri Jan 11 2019 malbu@suse.com - Fix tomcat-digest classpath error (bsc#1120745) * Sat Dec 29 2018 ecsos@opensuse.org - Update to Tomcat 9.0.14. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.14_(markt) * Wed Dec 05 2018 Fridrich Strba <fstrba@suse.com> - Add pom files for tomcat-jdbc and tomcat-dbcp - Add org.eclipse.jetty.orbit* aliases to correspondant artifacts * Fri Nov 09 2018 sean@suspend.net - Update to Tomcat 9.0.13. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.13_(markt) * Thu Oct 18 2018 malbu@suse.com - Update to Tomcat 9.0.12. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.12_(markt) - Fixed CVEs: - CVE-2018-11784 (bsc#1110850) - Rebased patches: - tomcat-9.0-disable-osgi-build.patch - tomcat-9.0-javadoc.patch - tomcat-9.0-sle.catalina.policy.patch - tomcat-9.0-tomcat-users-webapp.patch * Tue Sep 11 2018 ecsos@opensuse.org - Declare following files to config(noreplace) to prevent override access rights: - host-manager/META-INF/context.xml - manager/META-INF/context.xml * Sun Aug 26 2018 malbu@suse.com - Empty tomcat-9.0.sysconfig to avoid overwriting of customer's configuration during update (bsc#1067720) * Thu Aug 16 2018 malbu@suse.com - Update to Tomcat 9.0.10. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.10_(markt) - Fixed CVEs: - CVE-2018-1336 (bsc#1102400) - CVE-2018-8014 (bsc#1093697) - CVE-2018-8034 (bsc#1102379) - CVE-2018-8037 (bsc#1102410) - Rebased patch tomcat-9.0-JDTCompiler-java.patch - Added patch tomcat-9.0-disable-osgi-build.patch to disable adding OSGi metadata to JAR files * Fri Feb 16 2018 malbu@suse.de - Update to Tomcat 9.0.5. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.5_(markt) * Wed Jan 17 2018 fstrba@suse.com - Modified patch: * tomcat-9.0-javadoc.patch + Don't append to javadoc --add-modules since we are building with source=8 + Avoid accessing Internet URLs from build environment * Fri Dec 01 2017 malbu@suse.com - Update to Tomcat 9.0.2: * Major update for tomcat8 from tomcat9 * For full changelog please read upstream changes at: + http://tomcat.apache.org/tomcat-9.0-doc/changelog.html * Rename all tomcat-8.0-* files to tomcat-9.0-* - Changed patches: * Deleted: tomcat-8.0-bootstrap-MANIFEST.MF.patch * Deleted: tomcat-8.0-sle.catalina.policy.patch * Deleted: tomcat-8.0-tomcat-users-webapp.patch * Deleted: tomcat-8.0.33-JDTCompiler-java.patch * Deleted: tomcat-8.0.44-javadoc.patch * Deleted: tomcat-8.0.9-property-build.windows.patch * Added: tomcat-9.0-JDTCompiler-java.patch * Added: tomcat-9.0-bootstrap-MANIFEST.MF.patch * Added: tomcat-9.0-javadoc.patch * Added: tomcat-9.0-sle.catalina.policy.patch * Added: tomcat-9.0-tomcat-users-webapp.patch - Renamed subpackage tomcat-3_1-api to tomcat-4_0-api to reflect the new Servlet API version. - Commented out JAVA_HOME in /etc/tomcat/tomcat.conf - Added "tomcat-" prefix to lib symlinks under /usr/share/java to avoid file conflicts with servletapi5 and geronimo-specs - Fixed wrong %ghost file paths for alternatives symlinks * Thu Nov 23 2017 rbrown@suse.com - Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468) * Mon Oct 23 2017 malbu@suse.com - Build with JDK 8 to fix runtime errors when running with JDK 7 and 8 - Fix tomcat-digest classpath error (bsc#977410) - Fix packaged /etc/alternatives symlinks for api libs that caused rpm -V to report link mismatch (bsc#1019016) * Mon Oct 23 2017 ecsos@opensuse.org - update to 8.0.47 http://tomcat.apache.org/tomcat-8.0-doc/changelog.html * Fixed CVE: - CVE-2017-12617 - rebase tomcat-8.0-sle.catalina.policy.patch * Tue Sep 19 2017 fstrba@suse.com - Added patch: * tomcat-8.0.44-javadoc.patch - generate documentation with the same source level as class files - fixes build with jdk9 * Fri Jun 09 2017 ecsos@opensuse.org - Version update to 8.0.44: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html * Fixed CVE: - CVE-2017-5664 (bsc#1042910) * Fri May 19 2017 dziolkowski@suse.com - New build dependency: javapackages-local * Tue May 09 2017 malbu@suse.com - Version update to 8.0.43: * Another bugfix release, for full details see: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html * Fixed CVEs: - CVE-2017-5647 (bnc#1033448) - CVE-2017-5648 (bnc#1033447) - CVE-2016-8745 - Renamed and rebased patches: * tomcat-7.0-sle.catalina.policy.patch -> tomcat-8.0-sle.catalina.policy.patch - Enable optional setenv.sh script. See section "(3.4) Using the "setenv" script (optional, recommended)" in http://tomcat.apache.org/tomcat-8.0-doc/RUNNING.txt (bnc#1002662) - Fix file conflicts when upgrading from SLES 12 to SLES 12 SP1 (bnc#1023412). Added explicit obsoletes for tomcat-el-2_2-api, tomcat-jsp-2_2-api, tomcat-servlet-3_0-api * Wed Dec 21 2016 astieger@suse.com - update to 8.0.39: (boo#1003911) * Improve handling of I/O errors with async processing * Fail earlier on invalid HTTP request - includes changes from 8.0.38: * Refactoring the non-container thread Async complete()/dispatch() handling to remove the possibility of deadlock * Improved UTF-8 handling for the RewriteValve - includes changes from 8.0.37: * Treat paths used to obtain a request dispatcher as encoded (configurable) * Various jdbc-pool fixes - drop tomcat-8.0.36-jar-scanner-loop.patch, upstream * Thu Sep 29 2016 tchvatal@suse.com - Switch to commons-dbcp2 fate#321029 * Fri Sep 02 2016 malbu@suse.com - Backport fix for inifinite loop in the jar scanner for 8.0.36. (bnc#993862) Added: tomcat-8.0.36-jar-scanner-loop.patch * Wed Jul 06 2016 malbu@suse.com - Version update to 8.0.36: * Another bugfix release for the 8.0 series. Full details: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.36_(markt) - CVE fixed by the version update: - CVE-2016-3092 (bnc#986359) - Fixed a deployment error in the examples webapp by changing the context.xml format to the new one introduced by Tomcat 8. See http://tomcat.apache.org/migration-8.html#Web_application_resources * Mon May 02 2016 dmacvicar@suse.de - fix maven fragments paths to build in multiple distribution versions * Thu Apr 21 2016 jcnengel@gmail.com - Version update to 8.0.33: * Another bugfix release for 8.0 series, full details: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.33_(markt) - Rebase tomcat-8.0-tomcat-users-webapp.patch - Rebase tomcat-7.0.53-JDTCompiler-java.patch to tomcat-8.0.33-JDTCompiler-java.patch * Thu Apr 07 2016 tchvatal@suse.com - Fix fixme for the prereq preamble value - It seems systemd prints error on adding the @ services to macros so do not do that * Thu Mar 31 2016 dmacvicar@suse.de - package was partly merged with the scripts used in the Fedora distribution - support running multiple tomcat instances on the same server (fate#317783) - add catalina-jmx-remote.jar (fate#318403) - remove sysvinit support: systemd is required * Mon Feb 29 2016 dmacvicar@suse.de - update changes file for CVE information - Fixed CVEs: - CVE-2015-5346 (bnc#967814) in 8.0.32 - CVE-2015-5351 (bnc#967812) in 8.0.32 - CVE-2016-0706 (bnc#967815) in 8.0.32 - CVE-2016-0714 (bnc#967964) in 8.0.32 - CVE-2016-0763 (bnc#967966) in 8.0.32 - CVE-2015-5345 (bnc#967965) in 8.0.30 - CVE-2015-5174 (bnc#967967) in 8.0.27 * Wed Feb 17 2016 tchvatal@suse.com - Version update to 8.0.32: * Another bugfix release for 8.0 series, full details: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.32_(markt) - Rebase patch: * tomcat-8.0.9-property-build.windows.patch * Tue Nov 10 2015 dmacvicar@suse.de - update to Tomcat 8.0.28 * Multiple fixes, read upstream changelog at: https://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.28_(markt) * Mon Jun 01 2015 tchvatal@suse.com - Some whitespace cleanups * Mon Jun 01 2015 tchvatal@suse.com - Remove pointless conflicts on provide/obsolete symbols * Mon Jun 01 2015 tchvatal@suse.com - Version bump to 8.0.23 fate#318913: * Multiple testfixes all around, read upstream changelog at: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.23_(markt) * Tue Mar 24 2015 tchvatal@suse.com - Fix previous commit. Fix one rpmlint warning * Wed Mar 18 2015 tchvatal@suse.com - Drop gpg verification from spec, it is done by obs * Wed Mar 18 2015 tchvatal@suse.com - Fix build with new jpackage-tools * Tue Feb 10 2015 wittemar@googlemail.com - update to Tomcat 8.0.18: * Major update for tomcat8 from tomcat7 * For full changelog please read upstream changes at: + http://tomcat.apache.org/tomcat-8.0-doc/changelog.html * Rename all tomcat-7.0-* files to tomcat-8.0-* * Update keyring file - Update windows patch to apply again: * Deleted: tomcat-7.0.52-property-build.windows.patch * Added: tomcat-8.0.9-property-build.windows.patch * Added:tomcat-8.0-tomcat-users-webapp.patch * Deleted: tomcat-7.0-tomcat-users-webapp.patch * Added: tomcat-8.0-bootstrap-MANIFEST.MF.patch * Deleted: tomcat-7.0-bootstrap-MANIFEST.MF.patch * Tue Feb 03 2015 bmaryniuk@suse.com - Version 1.1.30 or higher is required for APR listener (bnc#914725)
/etc/logrotate.d/tomcat /etc/tomcat /etc/tomcat/Catalina /etc/tomcat/catalina.policy /etc/tomcat/catalina.properties /etc/tomcat/conf.d /etc/tomcat/conf.d/README /etc/tomcat/context.xml /etc/tomcat/jaspic-providers.xml /etc/tomcat/log4j.properties /etc/tomcat/logging.properties /etc/tomcat/server.xml /etc/tomcat/tomcat-users.xml /etc/tomcat/tomcat.conf /etc/tomcat/web.xml /srv/tomcat /srv/tomcat/webapps /usr/bin/tomcat-digest /usr/bin/tomcat-tool-wrapper /usr/lib/systemd/system/tomcat.service /usr/lib/systemd/system/tomcat@.service /usr/lib/tmpfiles.d/tomcat.conf /usr/lib/tomcat /usr/lib/tomcat/functions /usr/lib/tomcat/preamble /usr/lib/tomcat/server /usr/lib/tomcat/serverxml-tool.sh /usr/lib/tomcat/serverxmltool.jar /usr/sbin/rctomcat /usr/sbin/tomcat /usr/share/doc/packages/tomcat /usr/share/doc/packages/tomcat/LICENSE /usr/share/doc/packages/tomcat/NOTICE /usr/share/doc/packages/tomcat/RELEASE-NOTES /usr/share/fillup-templates/sysconfig.tomcat /usr/share/tomcat /usr/share/tomcat/bin/bootstrap.jar /usr/share/tomcat/bin/catalina-tasks.xml /usr/share/tomcat/bin/catalina.sh /usr/share/tomcat/conf /usr/share/tomcat/lib /usr/share/tomcat/logs /usr/share/tomcat/temp /usr/share/tomcat/tomcat-webapps /usr/share/tomcat/webapps /usr/share/tomcat/work /var/cache/tomcat /var/cache/tomcat/Catalina /var/cache/tomcat/temp /var/cache/tomcat/work /var/lib/tomcats /var/log/tomcat /var/log/tomcat/catalina.out
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 13:38:59 2024