- Sat Dec 15 2018 daviddavid <daviddavid> 1:9.0.13-1.mga7
+ Revision: 1341345
- new version: 9.0.13, fixes CVE-2018-11784 - Wed Dec 5 2018 daviddavid <daviddavid> 1:9.0.10-1.mga7
+ Revision: 1338423
- new version: 9.0.10 (sync with fc29)
* CVE-2018-1336 tomcat: A bug in the UTF-8 decoder can lead to DoS
* CVE-2018-8014 tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins
* CVE-2018-8034 tomcat: host name verification missing in WebSocket client
* CVE-2018-8037 tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up - Fri Sep 21 2018 umeabot <umeabot> 1:8.0.50-2.mga7
+ Revision: 1291867
- Mageia 7 Mass Rebuild - Sun Feb 25 2018 daviddavid <daviddavid> 1:8.0.50-1.mga7
+ Revision: 1204886
- new version: 8.0.50, fixes CVE-2018-1304 and CVE-2018-1305 (mga#22644) - Thu Feb 1 2018 daviddavid <daviddavid> 1:8.0.49-1.mga7
+ Revision: 1198447
- change "zip -u" to "zip"
- resolves: rhbz#1495241 [tomcat] zip -u in spec file causes race condition
- The tomcat-native binary is no longer copied to bin. See http://svn.apache.org/r1818186
- new version: 8.0.49 - Wed Oct 25 2017 daviddavid <daviddavid> 1:8.0.47-1.mga7
+ Revision: 1173763
- new version: 8.0.47, fixes CVE-2017-12615 and CVE-2017-12617 (mga#21933) - Sun Sep 3 2017 daviddavid <daviddavid> 1:8.0.46-1.mga7
+ Revision: 1150989
- Update to 8.0.46
- Resolves: rhbz#1480620 CVE-2017-7674 tomcat: Cache Poisoning - Sat Jun 24 2017 daviddavid <daviddavid> 1:8.0.44-1.mga6
+ Revision: 1108269
- Update to 8.0.44, fixes CVE-2017-5664 (mga#21131) - Fri Apr 21 2017 neoclust <neoclust> 1:8.0.43-1.mga6
+ Revision: 1096991
- New version 8.0.43 ( Fixes CVE-2017-5647 and CVE-2017-5648 ) - Fri Feb 10 2017 daviddavid <daviddavid> 1:8.0.41-1.mga6
+ Revision: 1085490
- Update to 8.0.41, fixes CVE-2016-8745 (mga#20081)