- Sun Feb 25 2018 daviddavid <daviddavid> 1:8.0.50-1.mga6
+ Revision: 1204887
- new version: 8.0.50, fixes CVE-2018-1304 and CVE-2018-1305 (mga#22644)
- new version: 8.0.49 fixes CVE-2017-15706 (mga#22503)
- new version: 8.0.47, fixes CVE-2017-12615 and CVE-2017-12617 (mga#21933)
- Update to 8.0.46, fixes CVE-2017-7674 (mga#21714) - Sat Jun 24 2017 daviddavid <daviddavid> 1:8.0.44-1.mga6
+ Revision: 1108269
- Update to 8.0.44, fixes CVE-2017-5664 (mga#21131) - Fri Apr 21 2017 neoclust <neoclust> 1:8.0.43-1.mga6
+ Revision: 1096991
- New version 8.0.43 ( Fixes CVE-2017-5647 and CVE-2017-5648 ) - Fri Feb 10 2017 daviddavid <daviddavid> 1:8.0.41-1.mga6
+ Revision: 1085490
- Update to 8.0.41, fixes CVE-2016-8745 (mga#20081) - Thu Dec 1 2016 daviddavid <daviddavid> 1:8.0.39-1.mga6
+ Revision: 1071447
- Update to 8.0.39, fixes CVE-2016-6816 CVE-2016-6817 CVE-2016-8735 (mga#19828) - Tue Oct 25 2016 daviddavid <daviddavid> 1:8.0.38-1.mga6
+ Revision: 1063493
- Update to 8.0.38 - Mon Oct 24 2016 daviddavid <daviddavid> 1:8.0.37-2.mga6
+ Revision: 1063410
- Resolves: CVE-2016-6325 tomcat: tomcat writable config files allow privilege escalation (mga#19560)
- Resolves: CVE-2016-5425 tomcat: Local privilege escalation via systemd-tmpfiles service (mga#19560)
- move logrotate.d and catalina.out files to -jsvc subpackage (like fedora) - Fri Sep 9 2016 daviddavid <daviddavid> 1:8.0.37-1.mga6
+ Revision: 1051080
- new version: 8.0.37 fixes CVE-2016-5388 (mga#19306)
- remove merged upstream asfbz-59960 patch - Fri Aug 12 2016 daviddavid <daviddavid> 1:8.0.36-1.mga6
+ Revision: 1046047
- new version: 8.0.36 (sync with fc24)
* Resolves: rhbz#1349469 CVE-2016-3092 tomcat: Usage of vulnerable FileUpload package can result in denial of service (updates to 8.0.36)
* Resolves: rhbz#1364056 The command tomcat-digest doesn't work
* Resolves: rhbz#1363884 The tomcat-tool-wrapper script is broken
* Resolves: rhbz#1347864 The systemd service unit does not allow tomcat to shut down gracefully
* Resolves: rhbz#1347835 The security manager doesn't work correctly (JSPs cannot be compiled)
* Resolves: rhbz#1341853 rpm -V tomcat fails on /var/log/tomcat/catalina.out
* Resolves: rhbz#1341850 tomcat-jsvc.service has TOMCAT_USER value hard-coded
* Resolves: rhbz#1359737 Missing maven depmap for the following artifacts: org.apache.tomcat:tomcat-websocket, org.apache.tomcat:tomcat-websocket-api
* Resolves: asfbz#59960 Building javadocs with java8 fails
- remove merged upstream patch - Sat Jul 2 2016 daviddavid <daviddavid> 1:8.0.32-2.mga6
+ Revision: 1038313
- add and rediff patch from debian to fix CVE-2016-3092 (mga#18803)
- sync some changes with fc24
+ neoclust
- Second rebuild of the java stack - Wed Feb 24 2016 daviddavid <daviddavid> 1:8.0.32-1.mga6
+ Revision: 978689
- update to 8.0.32 (sync package tomcat with fedora 24):
* Fix symlinks from $CATALINA_HOME/lib perspective, resolves: rhbz#1308685
* Remove log4j support. It has never been working actually. See rhbz#1236297
* Move shipped config to /etc/sysconfig/tomcat. /etc/tomcat/tomcat.conf can now
be used to override it with shell expansion, resolves rhbz#1293636
* Recommend tomcat-native, resolves: rhbz#1243132
* Resolves: rhbz#1286800 Failed to start component due to wrong
allowLinking="true" in context.xml
* Program /bin/nologin does not exist (#1302718) - Wed Feb 24 2016 neoclust <neoclust> 1:8.0.26-3.mga6
+ Revision: 978602
- First rebuild of the java stack
- sync package tomcat with fedora
+ umeabot
- Mageia 6 Mass Rebuild