Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

tomcat6-6.0.33-3.11.1 RPM for noarch

From OpenSuSE 12.1 updates for noarch

Name: tomcat6 Distribution: openSUSE 12.1
Version: 6.0.33 Vendor: openSUSE
Release: 3.11.1 Build date: Mon Jan 7 15:07:24 2013
Group: Productivity/Networking/Web/Servers Build host: build20
Size: 206520 Source RPM: tomcat6-6.0.33-3.11.1.src.rpm
Packager: http://bugs.opensuse.org
Url: http://tomcat.apache.org
Summary: Apache Servlet/JSP Engine, RI for Servlet 2.5/JSP 2.1 API
 
Tomcat is the servlet container that is used in the official Reference
Implementation for the Java Servlet and JavaServer Pages technologies.
The Java Servlet and JavaServer Pages specifications are developed by
Sun under the Java Community Process.

Tomcat is developed in an open and participatory environment and
released under the Apache Software License version 2.0. Tomcat is
intended to be a collaboration of the best-of-breed developers from
around the world.

Provides

Requires

License

Apache-2.0

Changelog

* Wed Jan 02 2013 mvyskocil@suse.com
  - fix bnc#794548 - denial of service (CVE-2012-4534)
    * apache-tomcat-CVE-2012-4534.patch
    fixes apache#53138, apache#52858
    http://svn.apache.org/viewvc?view=rev&rev=1372035
  - fix a minor issue in apache-tomcat-CVE-2012-4431.patch
    use the already initialized session variable instead of
    an another call req.getSesssion()
* Mon Dec 10 2012 mvyskocil@suse.com
  - fix bnc#793394 - bypass of security constraints (CVE-2012-3546)
    * apache-tomcat-CVE-2012-3546.patch
    http://svn.apache.org/viewvc?view=revision&revision=1381035
  - fix bnc#793391 - bypass of CSRF prevention filter (CVE-2012-4431)
    * apache-tomcat-CVE-2012-4431.patch
    http://svn.apache.org/viewvc?view=revision&revision=1394456
* Fri Dec 07 2012 mvyskocil@suse.com
  - document how to protect against slowloris DoS (CVE-2012-5568/bnc#791679)
    in README.SUSE
* Tue Dec 04 2012 mvyskocil@suse.com
  - fixes
    bnc#791423 - cnonce tracking weakness (CVE-2012-5885)
    bnc#791424 - authentication caching weakness (CVE-2012-5886)
    bnc#791426 - stale nonce weakness (CVE-2012-5887)
    * apache-tomcat-CVE-2009-2693-CVE-2009-2901-CVE-2009-2902.patch
    http://svn.apache.org/viewvc?view=revision&revision=1380829
* Fri Nov 23 2012 mvyskocil@suse.com
  - fix bnc#789406 - HTTP NIO connector OOM DoS via a request with
    large headers (CVE-2012-2733)
    * http://svn.apache.org/viewvc?view=revision&revision=1356208
* Mon Feb 06 2012 mvyskocil@suse.cz
  - fix bnc#742477 - iManager throws exception in its basic functionalities
    * http://svn.apache.org/viewvc?view=revision&revision=1206324
    * http://svn.apache.org/viewvc?view=revision&revision=1229027
  - fix bnc#743055 - VUL-1: CVE-2011-3375: tomcat: information disclosure
    due to improper response and request object recycling
* Thu Jan 05 2012 mvyskocil@suse.cz
  - fix bnc#727543 - VUL-0: Apache tomcat vulnerable to hash collision attack
    backport upstream changes:
    * add isConfigProblemFatal method
      http://svn.apache.org/viewvc?view=revision&revision=1199122
    * GET POST parameter processing performance. Adds maximum number of
      parameters per request (defaults to 10000) and new FailedRequestFilter for
      rejecting requests with excessive number of parameters
      http://svn.apache.org/viewvc?view=revision&revision=1200601
  - fix bnc#712784 - tomcat6: add missing Requires on java >= 1.6.0
    * add recommends on java >= 1.6.0 and java-devel >= 1.6.0
* Mon Aug 29 2011 mvyskocil@suse.cz
  - update to latest upstream version 6.0.33 (bugfix release)
  - fix bnc#714620 - tomcat6: use of /var/lock/subsys unsupported
    use /var/run/rctomcat6 instead
* Fri Feb 11 2011 mvyskocil@suse.cz
  - update to latest upstream version 6.0.32 (bugfix release)
  - obsolete CVE-2010-4172 patch
  - fixes bnc#669897 (CVE-2010-3718), bnc#669926 (CVE-2010-4476), bnc#669928
    (CVE-2011-0013) and bnc#669930 (CVE-2011-0534)
* Thu Dec 09 2010 mvyskocil@suse.cz
  - fix bnc#655440#c14 - clean workdir of tomcat's webapps to be sure
    our fixed jsps will be redeployed on each update
* Thu Nov 25 2010 mvyskocil@suse.cz
  - fix bnc#655440 - VUL-0: tomcat6: Apache Tomcat Manager application XSS
    vulnerability (CVE-2010-4172)
    http://svn.apache.org/viewvc?view=revision&revision=1037779
  - fix bnc#653586 - spacewalk 1.2 requires jasper 5.5
    * add offline jasper compiler /usr/bin/jspc
  - unpack tarball to apache-tomcat-$VERSION-src directory directly
* Tue Nov 02 2010 mvyskocil@suse.cz
  - Fix bnc#650130 - Update of tomcat6 not possible (cpio: Is a directory)
    * workaround the rpm bug - it cannot update directory to symlink
    * make /etc/tomcat6/Catalina/ as ghost file
    * create link in %posttrans
* Tue Sep 14 2010 mvyskocil@suse.cz
  - Update to 6.0.29 (bugfix release)
  - fix bnc#625415:  Tomcat6 does not have permissions to its own directories
    * also fix the /etc/tomcat6/Catalina link target
  - revert a setclasspath.sh changes
  - disable user/group verification of tomcat owned files and directories to
    allow easy change of the tomcat user without rpm --verify complaints
* Thu Jul 15 2010 mvyskocil@suse.cz
  - Update to 6.0.28 (bugfix release)
  - fix bnc#565901 - missing catalina.sh again
    * move catalina.sh to CATALINA_HOME/bin
    * add jpackage.org compatible CATALINA_HOME/bin/setclasspath.sh
  - add missing logrotate requires
  - install scripts with mode 0755
* Wed Feb 03 2010 mvyskocil@suse.cz
  - Update to 6.0.24 (bugfix release). This obsoletes patch
    * tomcat6-bug47316.patch
  - Merged with tomcat6-6.0.18-10.jpp6.src.rpm
    * return the jpackage.org license header in spec
    * polish in spec (use more macros)
    * add logrotate support
    * add patch to document webapps in %%{_sysconfdir}/%%{name}/tomcat-users.xml
    * move %%{_bindir}/d%%{name} to %%{_sbindir}/%%{name} and provide symlink to
      %%{_sbindir}/d%%{name}
    * add digest and tool-wrapper scripts
    * explicitly unset CLASSPATH
    * explicitly set OPT_JAR_LIST to include ant/ant-trax
    * build and install sample webapp
    * use copy instead of move to fix short-circuit install build
    * version jsp and servlet Provides with their spec versions
    * make initscript LSB-complaint
    * add el subpackage
* Tue Jan 05 2010 mvyskocil@suse.cz
  - fixed bnc#565901 - missing catalina.sh
    * added catalina.sh (link from dtomcat6) to improve upstream compatibility
* Wed Sep 30 2009 mvyskocil@suse.cz
  - fixed bnc#542634: Tomcat NPE on start
    applied patch from upstream bugzilla
    https://issues.apache.org/bugzilla/show_bug.cgi?id=47316#c3
* Wed Aug 26 2009 mvyskocil@suse.cz
  - fixed bnc#520532: marked all webapp/ROOT/* files as config(noreplace)
  - marked /etc/ant.d/catalina-ant as config(noreplace)
* Mon Jun 15 2009 mvyskocil@suse.cz
  - added a missing -p1 for %patch0
* Wed Jun 03 2009 mvyskocil@suse.cz
  - fixed bnc#488061: work directory clean on tomcat stop
  - update to 6.0.20 - the bugfix release:
    * MemoryUserDatabase is read-only by default
    * Allow huge request body packets for AJP13
    * Never return an empty HTTP status reason phrase
    * Prevent double initialisation of JSPs
    * A node should ignore its own heartbeat messages
    * Prettry error messages (instead of stacktrace) if shutdown port is disabled
* Mon Mar 16 2009 mvyskocil@suse.cz
  - fixed bnc#418664 - Tomcat6 installation has missing bits
    - added /etc/ant.d/catalina-ant
  - another fix for bnc#471639 - tomcat does not start/work
    * merged a sysconfig and tomcat6.conf to allow a dtomcat6 start works
    * also fixs (bnc#471639)
  - fixed bnc#424675 - Access rights to /etc/tomcat6 directory not set right
    * create a link from /etc/tomcat6/Catalina to /var/cache/tomcat6/Catalina
  - removed a CATALINA_OPTS from stop in dtcomcat6 (bao#42951)

Files

/etc/init.d/tomcat6
/etc/logrotate.d/tomcat6
/etc/tomcat6
/etc/tomcat6/Catalina
/etc/tomcat6/catalina.policy
/etc/tomcat6/catalina.properties
/etc/tomcat6/context.xml
/etc/tomcat6/logging.properties
/etc/tomcat6/server.xml
/etc/tomcat6/tomcat-users.xml
/etc/tomcat6/tomcat6.conf
/etc/tomcat6/web.xml
/srv/tomcat6
/srv/tomcat6/webapps
/usr/bin/jspc
/usr/bin/tomcat6-digest
/usr/bin/tomcat6-tool-wrapper
/usr/sbin/dtomcat6
/usr/sbin/rctomcat6
/usr/sbin/tomcat6
/usr/share/doc/packages/tomcat6
/usr/share/doc/packages/tomcat6/LICENSE
/usr/share/doc/packages/tomcat6/NOTICE
/usr/share/doc/packages/tomcat6/README.SUSE
/usr/share/doc/packages/tomcat6/RELEASE-NOTES
/usr/share/doc/packages/tomcat6/RELEASE-PLAN-6.0.txt
/usr/share/tomcat6
/usr/share/tomcat6/bin
/usr/share/tomcat6/bin/bootstrap-6.0.33.jar
/usr/share/tomcat6/bin/bootstrap.jar
/usr/share/tomcat6/bin/catalina-tasks.xml
/usr/share/tomcat6/bin/catalina.sh
/usr/share/tomcat6/bin/jasper.sh
/usr/share/tomcat6/bin/tomcat-juli-6.0.33.jar
/usr/share/tomcat6/bin/tomcat-juli.jar
/usr/share/tomcat6/conf
/usr/share/tomcat6/lib
/usr/share/tomcat6/logs
/usr/share/tomcat6/temp
/usr/share/tomcat6/webapps
/usr/share/tomcat6/work
/var/cache/tomcat6
/var/cache/tomcat6/Catalina
/var/cache/tomcat6/Catalina/localhost
/var/cache/tomcat6/temp
/var/log/tomcat6

Generated by rpm2html 1.8.1

Fabrice Bellet, Wed May 22 02:59:28 2013