[pkg-java] r13170 - in trunk/tomcat6/debian: . patches
Tony Mancill
tmancill at alioth.debian.org
Fri Dec 10 06:53:13 UTC 2010
Author: tmancill
Date: 2010-12-10 06:53:06 +0000 (Fri, 10 Dec 2010)
New Revision: 13170
Modified:
trunk/tomcat6/debian/changelog
trunk/tomcat6/debian/patches/0011-CVE-2010-4172.patch
Log:
reduce whitespace changes in CVE-2010-4172 patch
Modified: trunk/tomcat6/debian/changelog
===================================================================
--- trunk/tomcat6/debian/changelog 2010-12-10 06:08:40 UTC (rev 13169)
+++ trunk/tomcat6/debian/changelog 2010-12-10 06:53:06 UTC (rev 13170)
@@ -1,11 +1,11 @@
-tomcat6 (6.0.28-9) UNRELEASED; urgency=medium
+tomcat6 (6.0.28-9) unstable; urgency=medium
* Team upload.
* Update URL for manager application in README.Debian
Thanks to Ernesto Ongaro (Closes: #606170)
* Add patch for CVE-2010-4172. (Closes: #606388)
- -- tony mancill <tmancill at debian.org> Wed, 08 Dec 2010 21:10:07 -0800
+ -- tony mancill <tmancill at debian.org> Thu, 09 Dec 2010 22:52:08 -0800
tomcat6 (6.0.28-8) unstable; urgency=low
Modified: trunk/tomcat6/debian/patches/0011-CVE-2010-4172.patch
===================================================================
--- trunk/tomcat6/debian/patches/0011-CVE-2010-4172.patch 2010-12-10 06:08:40 UTC (rev 13169)
+++ trunk/tomcat6/debian/patches/0011-CVE-2010-4172.patch 2010-12-10 06:53:06 UTC (rev 13170)
@@ -1,3 +1,9 @@
+From: tony mancill <tmancill at debian.org>
+Subject: CVE-2010-4172 patches for 6.0.28
+Description: Backport changes in tomcat6's SVN tree to 6.0.28.
+Origin: http://svn.apache.org/viewvc?view=revision&revision=1037779
+Forwarded: not-needed
+
--- a/java/org/apache/catalina/manager/JspHelper.java
+++ b/java/org/apache/catalina/manager/JspHelper.java
@@ -58,7 +58,7 @@
@@ -11,7 +17,7 @@
}
--- a/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
+++ b/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
-@@ -30,22 +30,24 @@
+@@ -30,8 +30,10 @@
<% String path = (String) request.getAttribute("path");
Session currentSession = (Session)request.getAttribute("currentSession");
HttpSession currentHttpSession = currentSession.getSession();
@@ -24,22 +30,8 @@
%>
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1"/>
-- <meta http-equiv="pragma" content="no-cache"/><!-- HTTP 1.0 -->
-- <meta http-equiv="cache-control" content="no-cache,must-revalidate"/><!-- HTTP 1.1 -->
-- <meta http-equiv="expires" content="0"/><!-- 0 is an invalid value and should be treated as 'now' -->
-- <meta http-equiv="content-language" content="en"/>
-- <meta name="author" content="Cedrik LIME"/>
-- <meta name="copyright" content="copyright 2005-2010 the Apache Software Foundation"/>
-- <meta name="robots" content="noindex,nofollow,noarchive"/>
-- <title>Sessions Administration: details for <%= currentSessionId %></title>
-+ <meta http-equiv="pragma" content="no-cache"/><!-- HTTP 1.0 -->
-+ <meta http-equiv="cache-control" content="no-cache,must-revalidate"/><!-- HTTP 1.1 -->
-+ <meta http-equiv="expires" content="0"/><!-- 0 is an invalid value and should be treated as 'now' -->
-+ <meta http-equiv="content-language" content="en"/>
-+ <meta name="author" content="Cedrik LIME"/>
-+ <meta name="copyright" content="copyright 2005-2010 the Apache Software Foundation"/>
-+ <meta name="robots" content="noindex,nofollow,noarchive"/>
-+ <title>Sessions Administration: details for <%= currentSessionId %></title>
+@@ -45,7 +47,7 @@
+ <title>Sessions Administration: details for <%= currentSessionId %></title>
</head>
<body>
-<h1>Details for Session <%= JspHelper.escapeXml(currentSessionId) %></h1>
@@ -62,59 +54,11 @@
<div class="error"><%= JspHelper.escapeXml(request.getAttribute("error")) %></div>
<div class="message"><%= JspHelper.escapeXml(request.getAttribute("message")) %></div>
-@@ -95,52 +103,65 @@
- <% int nAttributes = 0;
- Enumeration attributeNamesEnumeration = currentHttpSession.getAttributeNames();
- while (attributeNamesEnumeration.hasMoreElements()) {
-- attributeNamesEnumeration.nextElement();
-- ++nAttributes;
-+ attributeNamesEnumeration.nextElement();
-+ ++nAttributes;
- }
+@@ -120,7 +128,16 @@
+ String attributeName = (String) attributeNamesEnumeration.nextElement();
%>
-- <caption style="font-variant: small-caps;"><%= JspHelper.formatNumber(nAttributes) %> attributes</caption>
-- <thead>
-- <tr>
-- <th>Remove Attribute</th>
-- <th>Attribute name</th>
-- <th>Attribute value</th>
-- </tr>
-- </thead>
-- <%--tfoot>
-- <tr>
-- <td colspan="3" style="text-align: center;">
-- TODO: set Max Inactive Interval on sessions
-- </td>
-- </tr>
-- </tfoot--%>
-- <tbody>
-+ <caption style="font-variant: small-caps;"><%= JspHelper.formatNumber(nAttributes) %> attributes</caption>
-+ <thead>
-+ <tr>
-+ <th>Remove Attribute</th>
-+ <th>Attribute name</th>
-+ <th>Attribute value</th>
-+ </tr>
-+ </thead>
-+ <%--tfoot>
-+ <tr>
-+ <td colspan="3" style="text-align: center;">
-+ TODO: set Max Inactive Interval on sessions
-+ </td>
-+ </tr>
-+ </tfoot--%>
-+ <tbody>
- <% attributeNamesEnumeration = currentHttpSession.getAttributeNames();
- while (attributeNamesEnumeration.hasMoreElements()) {
-- String attributeName = (String) attributeNamesEnumeration.nextElement();
-+ String attributeName = (String) attributeNamesEnumeration.nextElement();
- %>
-- <tr>
+ <tr>
- <td align="center"><form action="<%= submitUrl %>"><div><input type="hidden" name="path" value="<%= path %>" /><input type="hidden" name="action" value="removeSessionAttribute" /><input type="hidden" name="sessionId" value="<%= currentSessionId %>" /><input type="hidden" name="attributeName" value="<%= attributeName %>" /><input type="submit" value="Remove" /></div></form></td>
-- <td><%= JspHelper.escapeXml(attributeName) %></td>
-- <td><% Object attributeValue = currentHttpSession.getAttribute(attributeName); %><span title="<%= attributeValue == null ? "" : attributeValue.getClass().toString() %>"><%= JspHelper.escapeXml(attributeValue) %></span></td>
-- </tr>
-+ <tr>
+ <td align="center">
+ <form method="post" action="<%= submitUrl %>">
+ <div>
@@ -125,12 +69,11 @@
+ </div>
+ </form>
+ </td>
-+ <td><%= JspHelper.escapeXml(attributeName) %></td>
-+ <td><% Object attributeValue = currentHttpSession.getAttribute(attributeName); %><span title="<%= attributeValue == null ? "" : attributeValue.getClass().toString() %>"><%= JspHelper.escapeXml(attributeValue) %></span></td>
-+ </tr>
- <% } // end while %>
-- </tbody>
-+ </tbody>
+ <td><%= JspHelper.escapeXml(attributeName) %></td>
+ <td><% Object attributeValue = currentHttpSession.getAttribute(attributeName); %><span title="<%= attributeValue == null ? "" : attributeValue.getClass().toString() %>"><%= JspHelper.escapeXml(attributeValue) %></span></td>
+ </tr>
+@@ -128,7 +145,11 @@
+ </tbody>
</table>
-<p style="text-align: center;"><button type="button" onclick="window.close()">Close window</button></p>
@@ -142,27 +85,6 @@
<%--div style="display: none;">
<p>
-- <a href="http://validator.w3.org/check?uri=referer"><img
-- src="http://www.w3.org/Icons/valid-html401"
-- alt="Valid HTML 4.01!" height="31" width="88"></a>
-- <a href="http://validator.w3.org/check?uri=referer"><img
-- src="http://www.w3.org/Icons/valid-xhtml10"
-- alt="Valid XHTML 1.0!" height="31" width="88" /></a>
-- <a href="http://validator.w3.org/check?uri=referer"><img
-- src="http://www.w3.org/Icons/valid-xhtml11"
-- alt="Valid XHTML 1.1!" height="31" width="88" /></a>
-+ <a href="http://validator.w3.org/check?uri=referer"><img
-+ src="http://www.w3.org/Icons/valid-html401"
-+ alt="Valid HTML 4.01!" height="31" width="88"></a>
-+ <a href="http://validator.w3.org/check?uri=referer"><img
-+ src="http://www.w3.org/Icons/valid-xhtml10"
-+ alt="Valid XHTML 1.0!" height="31" width="88" /></a>
-+ <a href="http://validator.w3.org/check?uri=referer"><img
-+ src="http://www.w3.org/Icons/valid-xhtml11"
-+ alt="Valid XHTML 1.1!" height="31" width="88" /></a>
- </p>
- </div--%>
-
--- a/webapps/manager/WEB-INF/jsp/sessionsList.jsp
+++ b/webapps/manager/WEB-INF/jsp/sessionsList.jsp
@@ -26,7 +26,9 @@
More information about the pkg-java-commits
mailing list