Bug 209669 - [PATCHE] www/tomcat7 and www/tomcat-native upgrade
Summary: [PATCHE] www/tomcat7 and www/tomcat-native upgrade
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Alex Dupre
URL:
Keywords: security
Depends on:
Blocks:
 
Reported: 2016-05-20 16:42 UTC by geoffroy desvernay
Modified: 2016-06-26 18:19 UTC (History)
1 user (show)

See Also:
bugzilla: maintainer-feedback? (ale)
junovitch: merge-quarterly+


Attachments
www/tomcat7 svn diff (2.27 KB, patch)
2016-05-20 16:42 UTC, geoffroy desvernay
dgeo: maintainer-approval?
Details | Diff
www/tomcat-native svn diff (1.29 KB, patch)
2016-05-20 16:43 UTC, geoffroy desvernay
dgeo: maintainer-approval?
Details | Diff
svn diff www/tomcat8 to version 8.0.35 (1.53 KB, patch)
2016-05-28 10:25 UTC, geoffroy desvernay
dgeo: maintainer-approval?
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description geoffroy desvernay 2016-05-20 16:42:23 UTC
Created attachment 170514 [details]
www/tomcat7 svn diff

Hi, 

These patches are upgrades for:
 * tomcat7 to 7.0.69 - see https://tomcat.apache.org/tomcat-7.0-doc/changelog.html
 * tomcat-native to 1.2.7 - see https://tomcat.apache.org/native-doc/miscellaneous/changelog.html

Both are poudriere build here and in production.

Hope this helps
Comment 1 geoffroy desvernay 2016-05-20 16:43:08 UTC
Created attachment 170515 [details]
www/tomcat-native svn diff
Comment 2 geoffroy desvernay 2016-05-28 10:25:58 UTC
Created attachment 170745 [details]
svn diff www/tomcat8 to version 8.0.35

While I'm there, this one is for tomcat8 (poudriere build and in production too)
Comment 3 commit-hook freebsd_committer 2016-06-23 10:29:25 UTC
A commit references this bug:

Author: ale
Date: Thu Jun 23 10:28:45 UTC 2016
New revision: 417360
URL: https://svnweb.freebsd.org/changeset/ports/417360

Log:
  - Update tomcat-native to 1.2.7 release.
  - Update tomcat7 to 7.0.70 release.
  - Update tomcat8 to 8.0.36 release.

  PR:		209669
  Submitted by:	geoffroy desvernay <dgeo@centrale-marseille.fr>

Changes:
  head/www/tomcat-native/Makefile
  head/www/tomcat-native/distinfo
  head/www/tomcat7/Makefile
  head/www/tomcat7/distinfo
  head/www/tomcat7/pkg-plist
  head/www/tomcat8/Makefile
  head/www/tomcat8/distinfo
  head/www/tomcat8/pkg-plist
Comment 4 commit-hook freebsd_committer 2016-06-26 18:14:13 UTC
A commit references this bug:

Author: junovitch
Date: Sun Jun 26 18:13:40 UTC 2016
New revision: 417596
URL: https://svnweb.freebsd.org/changeset/ports/417596

Log:
  Document remote denial of service via FileUpload component in Tomcat

  PR:		209669 [1]
  Reported by:	Geoffroy Desvernay <dgeo@centrale-marseille.fr> [1]
  Reported by:	Roger Marquis <marquis@roble.com>
  Security:	CVE-2016-3092
  Security:	https://vuxml.FreeBSD.org/freebsd/cbceeb49-3bc7-11e6-8e82-002590263bf5.html

Changes:
  head/security/vuxml/vuln.xml
Comment 5 commit-hook freebsd_committer 2016-06-26 18:15:16 UTC
A commit references this bug:

Author: junovitch
Date: Sun Jun 26 18:14:14 UTC 2016
New revision: 417597
URL: https://svnweb.freebsd.org/changeset/ports/417597

Log:
  MFH: r417360

  - Update tomcat-native to 1.2.7 release.
  - Update tomcat7 to 7.0.70 release.
  - Update tomcat8 to 8.0.36 release.

  PR:		209669
  Submitted by:	geoffroy desvernay <dgeo@centrale-marseille.fr>
  Approved by:	ports-secteam (with hat)
  Security:	CVE-2016-3092
  Security:	https://vuxml.FreeBSD.org/freebsd/cbceeb49-3bc7-11e6-8e82-002590263bf5.html

Changes:
_U  branches/2016Q2/
  branches/2016Q2/www/tomcat-native/Makefile
  branches/2016Q2/www/tomcat-native/distinfo
  branches/2016Q2/www/tomcat7/Makefile
  branches/2016Q2/www/tomcat7/distinfo
  branches/2016Q2/www/tomcat7/pkg-plist
  branches/2016Q2/www/tomcat8/Makefile
  branches/2016Q2/www/tomcat8/distinfo
  branches/2016Q2/www/tomcat8/pkg-plist