Bug 209669

Summary:

[PATCHE] www/tomcat7 and www/tomcat-native upgrade

Product:

Ports & Packages

Reporter:

geoffroy desvernay <dgeo>

Component:

Individual Port(s)

Assignee:

Alex Dupre <ale>

Status:

Closed FIXED

Severity:

Affects Only Me

CC:

junovitch

Priority:

---

Keywords:

security

Version:

Latest

Flags:

bugzilla: maintainer-feedback? (ale)
junovitch: merge-quarterly+

Hardware:

Any

OS:

Any

Attachments:

Description	Flags
www/tomcat7 svn diff	dgeo: maintainer-approval?
www/tomcat-native svn diff	dgeo: maintainer-approval?
svn diff www/tomcat8 to version 8.0.35	dgeo: maintainer-approval?

Description geoffroy desvernay 2016-05-20 16:42:23 UTC

Created attachment 170514 [details]
www/tomcat7 svn diff

Hi, 

These patches are upgrades for:
 * tomcat7 to 7.0.69 - see https://tomcat.apache.org/tomcat-7.0-doc/changelog.html
 * tomcat-native to 1.2.7 - see https://tomcat.apache.org/native-doc/miscellaneous/changelog.html

Both are poudriere build here and in production.

Hope this helps

Comment 1 geoffroy desvernay 2016-05-20 16:43:08 UTC

Created attachment 170515 [details]
www/tomcat-native svn diff

Comment 2 geoffroy desvernay 2016-05-28 10:25:58 UTC

Created attachment 170745 [details]
svn diff www/tomcat8 to version 8.0.35

While I'm there, this one is for tomcat8 (poudriere build and in production too)

Comment 3 commit-hook freebsd_committer

2016-06-23 10:29:25 UTC

A commit references this bug:

Author: ale
Date: Thu Jun 23 10:28:45 UTC 2016
New revision: 417360
URL: https://svnweb.freebsd.org/changeset/ports/417360

Log:
  - Update tomcat-native to 1.2.7 release.
  - Update tomcat7 to 7.0.70 release.
  - Update tomcat8 to 8.0.36 release.

  PR:		209669
  Submitted by:	geoffroy desvernay <dgeo@centrale-marseille.fr>

Changes:
  head/www/tomcat-native/Makefile
  head/www/tomcat-native/distinfo
  head/www/tomcat7/Makefile
  head/www/tomcat7/distinfo
  head/www/tomcat7/pkg-plist
  head/www/tomcat8/Makefile
  head/www/tomcat8/distinfo
  head/www/tomcat8/pkg-plist

Comment 4 commit-hook freebsd_committer

2016-06-26 18:14:13 UTC

A commit references this bug:

Author: junovitch
Date: Sun Jun 26 18:13:40 UTC 2016
New revision: 417596
URL: https://svnweb.freebsd.org/changeset/ports/417596

Log:
  Document remote denial of service via FileUpload component in Tomcat

  PR:		209669 [1]
  Reported by:	Geoffroy Desvernay <dgeo@centrale-marseille.fr> [1]
  Reported by:	Roger Marquis <marquis@roble.com>
  Security:	CVE-2016-3092
  Security:	https://vuxml.FreeBSD.org/freebsd/cbceeb49-3bc7-11e6-8e82-002590263bf5.html

Changes:
  head/security/vuxml/vuln.xml

Comment 5 commit-hook freebsd_committer

2016-06-26 18:15:16 UTC

A commit references this bug:

Author: junovitch
Date: Sun Jun 26 18:14:14 UTC 2016
New revision: 417597
URL: https://svnweb.freebsd.org/changeset/ports/417597

Log:
  MFH: r417360

  - Update tomcat-native to 1.2.7 release.
  - Update tomcat7 to 7.0.70 release.
  - Update tomcat8 to 8.0.36 release.

  PR:		209669
  Submitted by:	geoffroy desvernay <dgeo@centrale-marseille.fr>
  Approved by:	ports-secteam (with hat)
  Security:	CVE-2016-3092
  Security:	https://vuxml.FreeBSD.org/freebsd/cbceeb49-3bc7-11e6-8e82-002590263bf5.html

Changes:
_U  branches/2016Q2/
  branches/2016Q2/www/tomcat-native/Makefile
  branches/2016Q2/www/tomcat-native/distinfo
  branches/2016Q2/www/tomcat7/Makefile
  branches/2016Q2/www/tomcat7/distinfo
  branches/2016Q2/www/tomcat7/pkg-plist
  branches/2016Q2/www/tomcat8/Makefile
  branches/2016Q2/www/tomcat8/distinfo
  branches/2016Q2/www/tomcat8/pkg-plist