- Fri Mar 6 2020 daviddavid <daviddavid> 1:9.0.31-1.mga7
+ Revision: 1554313
- new version: 3.0.31, fixes CVE-2019-17569, CVE-2020-1935, CVE-2020-1938 (mga#26305)
- new version: 9.0.30, fixes CVE-2019-12418 and CVE-2019-17563 (mga#25987)
- new version: 9.0.21, fixes CVE-2019-0199 and CVE-2019-0221 (mga#24799) - Sat Dec 15 2018 daviddavid <daviddavid> 1:9.0.13-1.mga7
+ Revision: 1341345
- new version: 9.0.13, fixes CVE-2018-11784 - Wed Dec 5 2018 daviddavid <daviddavid> 1:9.0.10-1.mga7
+ Revision: 1338423
- new version: 9.0.10 (sync with fc29)
* CVE-2018-1336 tomcat: A bug in the UTF-8 decoder can lead to DoS
* CVE-2018-8014 tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins
* CVE-2018-8034 tomcat: host name verification missing in WebSocket client
* CVE-2018-8037 tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up - Fri Sep 21 2018 umeabot <umeabot> 1:8.0.50-2.mga7
+ Revision: 1291867
- Mageia 7 Mass Rebuild