Changelog for
tomcat-jsvc-9.0.10-1.fc29.noarch.rpm :
* Tue Jul 31 2018 Coty Sutherland
- 1:9.0.10-1- Update to 9.0.10
* Sat Jul 14 2018 Fedora Release Engineering - 1:9.0.7-2- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue May 01 2018 Coty Sutherland - 1:9.0.7-1- Update to 9.0.7
* Thu Mar 15 2018 Coty Sutherland - 1:8.5.29-1- Update to 8.5.29- Resolves: rhbz#1548290 CVE-2018-1304 tomcat: Incorrect handling of empty string URL in security constraints can lead to unitended exposure of resources- Resolves: rhbz#1548284 CVE-2018-1305 tomcat: Late application of security constraints can lead to resource exposure for unauthorised users
* Fri Feb 09 2018 Igor Gnatenko - 1:8.0.49-2- Escape macros in %changelog
* Thu Feb 01 2018 Coty Sutherland - 1:8.0.49-1- Update to 8.0.49
* Tue Dec 12 2017 Merlin Mathesius - 1:8.0.47-3- Cleanup spec file conditionals
* Tue Oct 24 2017 Troy Dawson - 1:8.0.47-2- Change \"zip -u\" to \"zip\"- Resolves: rhbz#1495241 [tomcat] zip -u in spec file causes race condition
* Wed Oct 04 2017 Coty Sutherland - 1:8.0.47-1- Update to 8.0.47- Resolves: rhbz#1497682 CVE-2017-12617 tomcat: Remote Code Execution bypass for CVE-2017-12615
* Mon Aug 21 2017 Coty Sutherland - 1:8.0.46-1- Update to 8.0.46- Resolves: rhbz#1480620 CVE-2017-7674 tomcat: Cache Poisoning
* Thu Jul 27 2017 Fedora Release Engineering - 1:8.0.44-2- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri Jun 09 2017 Coty Sutherland - 1:8.0.44-1- Resolves: rhbz#1459160 CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism
* Tue Apr 11 2017 Coty Sutherland - 1:8.0.43-1- Update to 8.0.43
* Fri Mar 31 2017 Coty Sutherland - 1:8.0.42-1- Update to 8.0.42
* Thu Feb 16 2017 Coty Sutherland - 1:8.0.41-1- Update to 8.0.41- Resolves: rhbz#1403825 CVE-2016-8745 tomcat: information disclosure due to incorrect Processor sharing
* Sat Feb 11 2017 Fedora Release Engineering - 1:8.0.39-2- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Tue Nov 29 2016 Coty Sutherland - 1:8.0.39-1- Update to 8.0.39- Resolves: rhbz#1397493 CVE-2016-6816 CVE-2016-6817 CVE-2016-8735 tomcat: various flaws
* Tue Oct 25 2016 Coty Sutherland - 1:8.0.38-1- Update to 8.0.38
* Sun Oct 23 2016 Coty Sutherland - 1:8.0.37-3- Resolves: rhbz#1383216 CVE-2016-6325 tomcat: tomcat writable config files allow privilege escalation- Resolves: rhbz#1382310 CVE-2016-5425 tomcat: Local privilege escalation via systemd-tmpfiles service
* Tue Sep 13 2016 Coty Sutherland - 1:8.0.37-1- Rebase to 8.0.37- Resolves: rhbz#1375581 CVE-2016-5388 CGI sets environmental variable based on user supplied Proxy request header- Resolves: rhbz#1370262 catalina.out is no longer in use in the main package, but still gets rotated
* Thu Aug 11 2016 Coty Sutherland - 1:8.0.36-2- Related: rhbz#1349469 Correct typo in changelog entry
* Mon Aug 08 2016 Coty Sutherland - 1:8.0.36-1- Resolves: rhbz#1349469 CVE-2016-3092 tomcat: Usage of vulnerable FileUpload package can result in denial of service (updates to 8.0.36)- Resolves: rhbz#1364056 The command tomcat-digest doesn\'t work- Resolves: rhbz#1363884 The tomcat-tool-wrapper script is broken- Resolves: rhbz#1347864 The systemd service unit does not allow tomcat to shut down gracefully- Resolves: rhbz#1347835 The security manager doesn\'t work correctly (JSPs cannot be compiled)- Resolves: rhbz#1341853 rpm -V tomcat fails on /var/log/tomcat/catalina.out- Resolves: rhbz#1341850 tomcat-jsvc.service has TOMCAT_USER value hard-coded- Resolves: rhbz#1359737 Missing maven depmap for the following artifacts: org.apache.tomcat:tomcat-websocket, org.apache.tomcat:tomcat-websocket-api- Resolves: asfbz#59960 Building javadocs with java8 fails