| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: tomcat-embed | Distribution: SUSE Linux Enterprise 15 |
| Version: 9.0.43 | Vendor: SUSE LLC <https://www.suse.com/> |
| Release: 150200.38.1 | Build date: Fri Apr 7 11:14:56 2023 |
| Group: Productivity/Networking/Web/Servers | Build host: sheep07 |
| Size: 4573324 | Source RPM: tomcat-9.0.43-150200.38.1.src.rpm |
| Packager: https://www.suse.com/ | |
| Url: https://tomcat.apache.org | |
| Summary: Libraries for Embedding Apache Tomcat | |
Embeddeding support (various libraries) for Apache Tomcat.
Apache-2.0
* Fri Apr 07 2023 michele.bussolotto@suse.com
- Fixed CVEs:
* CVE-2022-45143: JsonErrorReportValve: add escape for type, message or description (bsc#1206840)
- Added patches:
* tomcat-9.0.43-CVE-2022-45143.patch
* Thu Mar 23 2023 michele.bussolotto@suse.com
- Fixed CVEs:
* CVE-2023-28708: tomcat: not including the secure attribute
causes information disclosure (bsc#1209622)
- Added patches:
* tomcat-9.0.43-CVE-2023-28708.patch
* Tue Feb 28 2023 michele.bussolotto@suse.com
- Fixed CVEs:
* CVE-2023-24998: tomcat,tomcat6: FileUpload DoS with excessive parts (bsc#1208513)
- Added patches:
* tomcat-9.0.43-CVE-2023-24998.patch
* Fri Dec 23 2022 michele.bussolotto@suse.com
- set logrotate for localhost.log, manager.log, host-manager.log and localhost_access_log.txt
- use logrotate for catalina.out
* update tomcat-serverxml-tool and spec to configure server.xml
- Added patch:
* tomcat-9.0-logrotate_everything.patch
* tomcat-serverxml-tool.tar.gz
- Removed:
* tomcat-serverxml-tool-1.0.tar.gz
* Tue Nov 29 2022 michele.bussolotto@suse.com
- Use catalina.out for logging (bsc#1205647)
- Added patches:
* tomcat-9.0-fix_catalina.patch
* Mon Nov 21 2022 michele.bussolotto@suse.com
- Fixed CVEs:
* CVE-2022-42252: reject invalid content-length requests. (bsc#1204918)
- Added patches:
* tomcat-9.0.43-CVE-2022-42252.patch
* Thu Oct 20 2022 michele.bussolotto@suse.com
- Fixed CVEs:
* CVE-2021-43980: Improve the recycling of Processor objects to make it more robust. (bsc#1203868)
- Added patches:
* tomcat-9.0.43-CVE-2021-43980.patch
* Wed Jul 13 2022 fstrba@suse.com
- Do not hardcode /usr/libexec but use %%_libexecdir during the
build
* Fixes for platforms, where /usr/libexec and %%_libexecdir are
different
* Thu Jul 07 2022 fstrba@suse.com
- Fix bsc#1201081 by building with release=8 all files that can be
built this way. The one file remaining, build it with source=8 and
target=8
- Modified patch:
* tomcat-9.0.43-java8compat.patch
+ Do not cast ByteBuffer to Buffer to call the Java 8 compatible
methods. Build with release=8 instead
* Thu Apr 07 2022 michele.bussolotto@suse.com
- Security hardening. Deprecate getResources() and always return null. (bsc#1198136)
- Added patch: tomcat-9.0-hardening_getResources.patch
* Wed Feb 23 2022 fstrba@suse.com
- Remove dependency on log4j/reload4j completely (bsc#1196137)
* Tue Feb 22 2022 fstrba@suse.com
- Do not build against the log4j12 packages, use the new reload4j
* Fri Jan 28 2022 michele.bussolotto@suse.com
- Fixed CVEs:
* CVE-2022-23181: Make calculation of session storage location more robust (bsc#1195255)
- Added patches:
* tomcat-9.0-CVE-2022-23181.patch
* Mon Jan 10 2022 olaf@aepfle.de
- remove instance units from post scripts, they can not be reloaded
* Fri Dec 10 2021 michele.bussolotto@suse.com
- Fix NPE in JNDIRealm, when userRoleAttribute is not set (bsc#1193569)
- Added patch:
* tomcat-9.0-NPE-JNDIRealm.patch
* Wed Nov 10 2021 fstrba@suse.com
- Modified patch:
* tomcat-9.0-osgi-build.patch
+ account for biz.aQute.bnd.ant artifact in aqute-bnd >= 5.2.0
* Fri Oct 29 2021 michele.bussolotto@suse.com
- Fixed CVEs:
* CVE-2021-30640: Escape parameters in JNDI Realm queries (bsc#1188279)
* CVE-2021-33037: Process T-E header from both HTTP 1.0 and HTTP 1.1. clients (bsc#1188278)
- Added patches:
* tomcat-9.0-CVE-2021-30640.patch
* tomcat-9.0-CVE-2021-33037.patch
* Thu Oct 28 2021 michele.bussolotto@suse.com
- Fixed CVEs:
* CVE-2021-41079: Validate incoming TLS packet (bsc#1190558)
- Added patches:
* tomcat-9.0-CVE-2021-41079.patch
* Mon Oct 18 2021 wittemar@googlemail.com
- Update to Tomcat 9.0.43. See changelog at
https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.43_(markt)
- Removed Patches because fixed upstream now:
* tomcat-9.0-CVE-2021-25122.patch
* tomcat-9.0-CVE-2021-25329.patch
- Rebased patch:
tomcat-9.0.39-java8compat.patch -> tomcat-9.0.43-java8compat.patch
* Mon Oct 18 2021 wittemar@googlemail.com
- Update to Tomcat 9.0.41. See changelog at
https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.41_(markt)
* Mon Oct 18 2021 wittemar@googlemail.com
- Update to Tomcat 9.0.40. See changelog at
https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.40_(markt)
- Removed Patches because fixed upstream now:
* tomcat-9.0-CVE-2020-17527.patch
* tomcat-9.0-CVE-2021-24122.patch
* Mon Mar 22 2021 amehmood@suse.com
- Fixed CVEs:
* CVE-2021-25122: Apache Tomcat h2c request mix-up (bsc#1182912)
* CVE-2021-25329: Complete fix for CVE-2020-9484 (bsc#1182909)
- Added patches:
* tomcat-9.0-CVE-2021-25122.patch
* tomcat-9.0-CVE-2021-25329.patch
* Wed Mar 17 2021 amehmood@suse.com
- Log if file access is blocked due to symlinks: CVE-2021-24122 (bsc#1180947)
- Added patch:
* tomcat-9.0-CVE-2021-24122.patch
* Mon Mar 15 2021 wittemar@googlemail.com
- Update to Tomcat 9.0.39. See changelog at
https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.39_(markt)
- Rebased patches:
* tomcat-9.0.38-java8compat.patch -> tomcat-9.0.39-java8compat.patch
* Mon Mar 15 2021 wittemar@googlemail.com
- Update to Tomcat 9.0.38. See changelog at
https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.38_(markt)
- Rebased patches:
* tomcat-9.0.37-java8compat.patch -> tomcat-9.0.38-java8compat.patch
- Removed tomcat-9.0-CVE-2020-13943.patch because that fix is upstream now
* Mon Feb 22 2021 wittemar@googlemail.com
- Update to Tomcat 9.0.37. See changelog at
https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.37_(markt)
- Fixed CVEs:
* CVE-2020-13934 (bsc#1174121)
* CVE-2020-13935 (bsc#1174117)
- Rebased patches:
* tomcat-9.0-osgi-build.patch
* tomcat-9.0.31-java8compat.patch -> tomcat-9.0.37-java8compat.patch
* Wed Dec 16 2020 amehmood@suse.com
- Fix HTTP/2 request header mix-up: CVE-2020-17527 (bsc#1179602)
- Added patch:
* tomcat-9.0-CVE-2020-17527.patch
* Tue Nov 03 2020 malbu@suse.com
- Add source url for tomcat-serverxml-tool
- Fix typo in tomcat-webapps %postun that caused /examples
context to remain in server.xml when package was removed
- Remove tomcat-9.0.init and /usr/lib/tmpfiles.d/tomcat.conf from
package. They're not used anymore becuse of systemd (bsc#1178396)
* Fri Oct 30 2020 malbu@suse.com
- Fix tomcat-servlet-4_0-api package alternatives to use
/usr/share/java/servlet.jar instead of /usr/share/java/tomcat-servlet.jar.
Keep /usr/share/java/tomcat-servlet.jar symlink for compatibility.
(bsc#1092163)
- Change default file ownership in tomcat-webapps from
tomcat:tomcat to root:tomcat
* Tue Oct 13 2020 malbu@suse.com
- Fix CVE-2020-13943 (bsc#1177582)
- Added patch:
* tomcat-9.0-CVE-2020-13943.patch
- Change /usr/lib/tomcat to /usr/libexec/tomcat in startup
scripts (bsc#1177601)
* Tue Oct 13 2020 jengelh@inai.de
- Replace old specfile constructs. Remove support for SUSE 11.x.
- Drop %systemd_requires, which is considered a no-op.
- Trim redundant license mention from description.
- Make documentation noarch.
- Do not suppress errors from useradd.
* Wed Aug 26 2020 fstrba@suse.com
- Avoid hardcoding /usr/lib as libexecdir
* Wed Jul 29 2020 malbu@suse.com
- Don't give write permissions for the tomcat group on files and
directories where it's not needed (bsc#1172562)
- Change tomcat.pid location from /var/run to /run (bsc#1173103)
- Use the /sbin/nologin shell when creating the tomcat user
- Use %tmpfiles_create macro in %post instead of calling
systemd-tmpfiles directly
* Fri Jun 26 2020 fstrba@suse.com
- Update to Tomcat 9.0.36. See changelog at
https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.36_(markt)
- Fixed CVEs:
CVE-2020-11996 (bsc#1173389)
* Tue May 26 2020 malbu@suse.com
- Update to Tomcat 9.0.35. See changelog at
https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.35_(markt)
- Fixed CVEs:
- CVE-2020-9484 (bsc#1171928)
- Rebased patches:
* tomcat-9.0-javadoc.patch
* tomcat-9.0-osgi-build.patch
* tomcat-9.0.31-java8compat.patch
* Fri Apr 10 2020 javier@opensuse.org
- Update to Tomcat 9.0.34. See changelog at
https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.34_(markt)
- Notable changes:
* Add support for default values when using ${...} property
replacement in configuration files. Based on a pull request
provided by Bernd Bohmann.
* When configuring an HTTP Connector, warn if the encoding
specified for URIEncoding is not a superset of US-ASCII as
required by RFC 7230.
* Replace the system property
org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH with
the Connector attribute encodedSolidusHandling that adds an
additional option to pass the %2f sequence through to the
application without decoding it in addition to rejecting such
sequences and decoding such sequences.
* Mon Mar 30 2020 malbu@suse.com
- Update to Tomcat 9.0.33. See changelog at
http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.33_(markt)
- Notable fix: corrected a regression in the improvements to HTTP
header parsing (bsc#1167438)
- Rebased patches:
* tomcat-9.0-javadoc.patch
* tomcat-9.0-osgi-build.patch
* tomcat-9.0.31-java8compat.patch
* Fri Feb 28 2020 malbu@suse.com
- Change default value of AJP connector secretRequired to false
- Added patch:
* tomcat-9.0.31-secretRequired-default.patch
* Tue Feb 25 2020 fstrba@suse.com
- Update to Tomcat 9.0.31. See changelog at
http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.30_(markt)
- Fixed CVEs:
* CVE-2019-17569 (bsc#1164825)
* CVE-2020-1935 (bsc#1164860)
* CVE-2020-1938 (bsc#1164692)
- Modified patch
* tomcat-9.0.30-java8compat.patch
- > tomcat-9.0.31-java8compat.patch
+ Adapt to changed context
* Wed Jan 29 2020 malbu@suse.com
- Modified patch:
* tomcat-9.0.30-java8compat.patch
+ add missing casts (bsc#1162081)
* Mon Jan 20 2020 fstrba@suse.com
- Change back the build to build with any Java >= 1.8
- Added patch:
* tomcat-9.0.30-java8compat.patch
+ Cast java.nio.ByteBuffer and java.nio.CharBuffer to
java.nio.Buffer in order to avoid calling Java 9+ APIs
(functions with co-variant return types)
- Renamed patch:
* tomcat-9.0-disable-osgi-build.patch
- > tomcat-9.0-osgi-build.patch
+ Do not disable, but fix OSGi build since we have now
aqute-bnd
* Fri Jan 17 2020 malbu@suse.com
- Change build to always use Java 1.8 (bsc#1161025).
* Fri Dec 27 2019 malbu@suse.com
- Update to Tomcat 9.0.30. See changelog at
http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.30_(markt)
- Fixed CVEs:
- CVE-2019-0221 (bsc#1136085)
- CVE-2019-10072 (bsc#1139924)
- CVE-2019-12418 (bsc#1159723)
- CVE-2019-17563 (bsc#1159729)
- Removed patch:
* tomcat-9.0-JDTCompiler-java.patch
+ It was not applied
* Mon Nov 18 2019 fstrba@suse.com
- Update to Tomcat 9.0.27. See changelog at
http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.27_(markt)
- Uset aqute-bnd to generate OSGi manifest, since we have that
package now in openSUSE:Factory
- Removed patch:
* tomcat-9.0-disable-osgi-build.patch
+ not needed
* Fri Nov 15 2019 fstrba@suse.com
- Add maven pom files for tomcat-jni and tomcat-jaspic-api
* Fri Oct 04 2019 fstrba@suse.com
- Distribute the pom file also for tomcat-util-scan artifact
* Tue Oct 01 2019 fstrba@suse.com
- Build against compatibility log4j12 package
* Wed Sep 25 2019 fstrba@suse.com
- Adapt to the new ecj directory layout
* Wed Jun 12 2019 dimstar@opensuse.org
- BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to
shortcut the build queues by allowing usage of systemd-mini
* Mon May 20 2019 malbu@suse.com
- Update to Tomcat 9.0.20. See changelog at
http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.20_(markt)
- increase maximum number of threads and open files for tomcat (bsc#1111966)
* Mon Apr 22 2019 malbu@suse.com
- Update to Tomcat 9.0.19. See changelog at
http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.19_(markt)
Notable packaging changes:
- File /usr/share/java/tomcat/catalina-jmx-remote.jar was removed.
The classes contained in this jar were merged into
/usr/share/java/tomcat/catalina.jar.
- Fixed CVEs:
- CVE-2019-0199 (bsc#1131055)
- Rebased patch:
- tomcat-9.0-JDTCompiler-java.patch
- tomcat-9.0-javadoc.patch
* Mon Apr 15 2019 fstrba@suse.com
- Build classpath directly with the geronimo jars instead of with
symlinks to them
* Tue Feb 19 2019 malbu@suse.com
- Don't overwrite changes made to server.xml contexts when updating
bundled webapps.
* Mon Feb 18 2019 malbu@suse.com
- Set javac target to 1.8 when building docs samples and serverxmltool
* Tue Feb 05 2019 malbu@suse.com
- Move webapps bundled with Tomcat to /usr/share/tomcat/tomcat-webapps
(bsc#1092341). Affected packages:
- tomcat-webapps
- tomcat-admin-webapps
- tomcat-docs-webapp
- Remove %doc directive from tomcat-docs-webapps files section so that
zypper installs files even if rpm.install.excludedocs is set to yes.
* Mon Feb 04 2019 malbu@suse.com
- Require Java 1.8 or later (bsc#1123407)
* Sat Jan 26 2019 fstrba@suse.com
- Clean up OSGi manifest injection
- Put embed maven metadata into embed subpackage
- Use the .mfiles* lists generated by %%add_maven_depmap macro
* Wed Jan 16 2019 malbu@suse.com
- Fix tomcat-tool-wrapper classpath error (bsc#1120745)
* Fri Jan 11 2019 malbu@suse.com
- Fix tomcat-digest classpath error (bsc#1120745)
* Sat Dec 29 2018 ecsos@opensuse.org
- Update to Tomcat 9.0.14. See changelog at
http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.14_(markt)
* Wed Dec 05 2018 fstrba@suse.com
- Add pom files for tomcat-jdbc and tomcat-dbcp
- Add org.eclipse.jetty.orbit* aliases to correspondant artifacts
* Fri Nov 09 2018 sean@suspend.net
- Update to Tomcat 9.0.13. See changelog at
http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.13_(markt)
* Thu Oct 18 2018 malbu@suse.com
- Update to Tomcat 9.0.12. See changelog at
http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.12_(markt)
- Fixed CVEs:
- CVE-2018-11784 (bsc#1110850)
- Rebased patches:
- tomcat-9.0-disable-osgi-build.patch
- tomcat-9.0-javadoc.patch
- tomcat-9.0-sle.catalina.policy.patch
- tomcat-9.0-tomcat-users-webapp.patch
* Tue Sep 11 2018 ecsos@opensuse.org
- Declare following files to config(noreplace) to prevent override
access rights:
- host-manager/META-INF/context.xml
- manager/META-INF/context.xml
* Sun Aug 26 2018 malbu@suse.com
- Empty tomcat-9.0.sysconfig to avoid overwriting of customer's
configuration during update (bsc#1067720)
* Thu Aug 16 2018 malbu@suse.com
- Update to Tomcat 9.0.10. See changelog at
http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.10_(markt)
- Fixed CVEs:
- CVE-2018-1336 (bsc#1102400)
- CVE-2018-8014 (bsc#1093697)
- CVE-2018-8034 (bsc#1102379)
- CVE-2018-8037 (bsc#1102410)
- Rebased patch tomcat-9.0-JDTCompiler-java.patch
- Added patch tomcat-9.0-disable-osgi-build.patch to disable adding
OSGi metadata to JAR files
* Fri Feb 16 2018 malbu@suse.de
- Update to Tomcat 9.0.5. See changelog at
http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.5_(markt)
* Wed Jan 17 2018 fstrba@suse.com
- Modified patch:
* tomcat-9.0-javadoc.patch
+ Don't append to javadoc --add-modules since we are building
with source=8
+ Avoid accessing Internet URLs from build environment
* Fri Dec 01 2017 malbu@suse.com
- Update to Tomcat 9.0.2:
* Major update for tomcat8 from tomcat9
* For full changelog please read upstream changes at:
+ http://tomcat.apache.org/tomcat-9.0-doc/changelog.html
* Rename all tomcat-8.0-* files to tomcat-9.0-*
- Changed patches:
* Deleted: tomcat-8.0-bootstrap-MANIFEST.MF.patch
* Deleted: tomcat-8.0-sle.catalina.policy.patch
* Deleted: tomcat-8.0-tomcat-users-webapp.patch
* Deleted: tomcat-8.0.33-JDTCompiler-java.patch
* Deleted: tomcat-8.0.44-javadoc.patch
* Deleted: tomcat-8.0.9-property-build.windows.patch
* Added: tomcat-9.0-JDTCompiler-java.patch
* Added: tomcat-9.0-bootstrap-MANIFEST.MF.patch
* Added: tomcat-9.0-javadoc.patch
* Added: tomcat-9.0-sle.catalina.policy.patch
* Added: tomcat-9.0-tomcat-users-webapp.patch
- Renamed subpackage tomcat-3_1-api to tomcat-4_0-api
to reflect the new Servlet API version.
- Commented out JAVA_HOME in /etc/tomcat/tomcat.conf
- Added "tomcat-" prefix to lib symlinks under
/usr/share/java to avoid file conflicts with servletapi5
and geronimo-specs
- Fixed wrong %ghost file paths for alternatives symlinks
* Thu Nov 23 2017 rbrown@suse.com
- Replace references to /var/adm/fillup-templates with new
%_fillupdir macro (boo#1069468)
* Mon Oct 23 2017 malbu@suse.com
- Build with JDK 8 to fix runtime errors when running with JDK 7
and 8
- Fix tomcat-digest classpath error (bsc#977410)
- Fix packaged /etc/alternatives symlinks for api libs that caused
rpm -V to report link mismatch (bsc#1019016)
* Mon Oct 23 2017 ecsos@opensuse.org
- update to 8.0.47
http://tomcat.apache.org/tomcat-8.0-doc/changelog.html
* Fixed CVE:
- CVE-2017-12617
- rebase tomcat-8.0-sle.catalina.policy.patch
* Tue Sep 19 2017 fstrba@suse.com
- Added patch:
* tomcat-8.0.44-javadoc.patch
- generate documentation with the same source level as class
files
- fixes build with jdk9
* Fri Jun 09 2017 ecsos@opensuse.org
- Version update to 8.0.44:
http://tomcat.apache.org/tomcat-8.0-doc/changelog.html
* Fixed CVE:
- CVE-2017-5664 (bsc#1042910)
* Fri May 19 2017 dziolkowski@suse.com
- New build dependency: javapackages-local
* Tue May 09 2017 malbu@suse.com
- Version update to 8.0.43:
* Another bugfix release, for full details see:
http://tomcat.apache.org/tomcat-8.0-doc/changelog.html
* Fixed CVEs:
- CVE-2017-5647 (bnc#1033448)
- CVE-2017-5648 (bnc#1033447)
- CVE-2016-8745
- Renamed and rebased patches:
* tomcat-7.0-sle.catalina.policy.patch -> tomcat-8.0-sle.catalina.policy.patch
- Enable optional setenv.sh script. See section
"(3.4) Using the "setenv" script (optional, recommended)" in
http://tomcat.apache.org/tomcat-8.0-doc/RUNNING.txt
(bnc#1002662)
- Fix file conflicts when upgrading from SLES 12 to SLES 12 SP1 (bnc#1023412).
Added explicit obsoletes for tomcat-el-2_2-api, tomcat-jsp-2_2-api,
tomcat-servlet-3_0-api
* Wed Dec 21 2016 astieger@suse.com
- update to 8.0.39: (boo#1003911)
* Improve handling of I/O errors with async processing
* Fail earlier on invalid HTTP request
- includes changes from 8.0.38:
* Refactoring the non-container thread Async complete()/dispatch()
handling to remove the possibility of deadlock
* Improved UTF-8 handling for the RewriteValve
- includes changes from 8.0.37:
* Treat paths used to obtain a request dispatcher as encoded
(configurable)
* Various jdbc-pool fixes
- drop tomcat-8.0.36-jar-scanner-loop.patch, upstream
* Thu Sep 29 2016 tchvatal@suse.com
- Switch to commons-dbcp2 fate#321029
* Fri Sep 02 2016 malbu@suse.com
- Backport fix for inifinite loop in the jar scanner for 8.0.36. (bnc#993862)
Added: tomcat-8.0.36-jar-scanner-loop.patch
* Wed Jul 06 2016 malbu@suse.com
- Version update to 8.0.36:
* Another bugfix release for the 8.0 series. Full details:
http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.36_(markt)
- CVE fixed by the version update:
- CVE-2016-3092 (bnc#986359)
- Fixed a deployment error in the examples webapp by changing the context.xml format to the new one
introduced by Tomcat 8. See http://tomcat.apache.org/migration-8.html#Web_application_resources
* Mon May 02 2016 dmacvicar@suse.de
- fix maven fragments paths to build in multiple distribution
versions
* Thu Apr 21 2016 jcnengel@gmail.com
- Version update to 8.0.33:
* Another bugfix release for 8.0 series, full details:
http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.33_(markt)
- Rebase tomcat-8.0-tomcat-users-webapp.patch
- Rebase tomcat-7.0.53-JDTCompiler-java.patch
to tomcat-8.0.33-JDTCompiler-java.patch
* Thu Apr 07 2016 tchvatal@suse.com
- Fix fixme for the prereq preamble value
- It seems systemd prints error on adding the @ services to macros
so do not do that
* Thu Mar 31 2016 dmacvicar@suse.de
- package was partly merged with the scripts used in the
Fedora distribution
- support running multiple tomcat instances on the same server
(fate#317783)
- add catalina-jmx-remote.jar (fate#318403)
- remove sysvinit support: systemd is required
* Mon Feb 29 2016 dmacvicar@suse.de
- update changes file for CVE information
- Fixed CVEs:
- CVE-2015-5346 (bnc#967814) in 8.0.32
- CVE-2015-5351 (bnc#967812) in 8.0.32
- CVE-2016-0706 (bnc#967815) in 8.0.32
- CVE-2016-0714 (bnc#967964) in 8.0.32
- CVE-2016-0763 (bnc#967966) in 8.0.32
- CVE-2015-5345 (bnc#967965) in 8.0.30
- CVE-2015-5174 (bnc#967967) in 8.0.27
* Wed Feb 17 2016 tchvatal@suse.com
- Version update to 8.0.32:
* Another bugfix release for 8.0 series, full details:
http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.32_(markt)
- Rebase patch:
* tomcat-8.0.9-property-build.windows.patch
* Tue Nov 10 2015 dmacvicar@suse.de
- update to Tomcat 8.0.28
* Multiple fixes, read upstream changelog at:
https://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.28_(markt)
* Mon Jun 01 2015 tchvatal@suse.com
- Some whitespace cleanups
* Mon Jun 01 2015 tchvatal@suse.com
- Remove pointless conflicts on provide/obsolete symbols
* Mon Jun 01 2015 tchvatal@suse.com
- Version bump to 8.0.23 fate#318913:
* Multiple testfixes all around, read upstream changelog at:
http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.23_(markt)
* Tue Mar 24 2015 tchvatal@suse.com
- Fix previous commit. Fix one rpmlint warning
* Wed Mar 18 2015 tchvatal@suse.com
- Drop gpg verification from spec, it is done by obs
* Wed Mar 18 2015 tchvatal@suse.com
- Fix build with new jpackage-tools
* Tue Feb 10 2015 wittemar@googlemail.com
- update to Tomcat 8.0.18:
* Major update for tomcat8 from tomcat7
* For full changelog please read upstream changes at:
+ http://tomcat.apache.org/tomcat-8.0-doc/changelog.html
* Rename all tomcat-7.0-* files to tomcat-8.0-*
* Update keyring file
- Update windows patch to apply again:
* Deleted: tomcat-7.0.52-property-build.windows.patch
* Added: tomcat-8.0.9-property-build.windows.patch
* Added:tomcat-8.0-tomcat-users-webapp.patch
* Deleted: tomcat-7.0-tomcat-users-webapp.patch
* Added: tomcat-8.0-bootstrap-MANIFEST.MF.patch
* Deleted: tomcat-7.0-bootstrap-MANIFEST.MF.patch
* Tue Feb 03 2015 bmaryniuk@suse.com
- Version 1.1.30 or higher is required for APR listener (bnc#914725)
/usr/share/java/tomcat /usr/share/java/tomcat/tomcat-embed-core.jar /usr/share/java/tomcat/tomcat-embed-el.jar /usr/share/java/tomcat/tomcat-embed-jasper.jar /usr/share/java/tomcat/tomcat-embed-websocket.jar /usr/share/maven-metadata/tomcat-embed.xml /usr/share/maven-poms/JPP.tomcat-tomcat-embed-core.pom /usr/share/maven-poms/JPP.tomcat-tomcat-embed-el.pom /usr/share/maven-poms/JPP.tomcat-tomcat-embed-jasper.pom /usr/share/maven-poms/JPP.tomcat-tomcat-embed-websocket.pom
Generated by rpm2html 1.8.1
Fabrice Bellet, Sat Aug 9 14:49:38 2025