<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
<html lang="en">
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
<title>
GitLab
</title>
<style>img {
max-width: 100%; height: auto;
}
</style>
</head>
<body>
<div class="content">
<h3>
Markus Koschany pushed to branch jessie
at <a href="https://salsa.debian.org/java-team/tomcat7">Debian Java Maintainers / tomcat7</a>
</h3>
<h4>
Commits:
</h4>
<ul>
<li>
<strong><a href="https://salsa.debian.org/java-team/tomcat7/commit/8647b39ee8b57299448aa465e72af8a1cdfd921d">8647b39e</a></strong>
<div>
<span>by Markus Koschany</span>
<i>at 2018-10-23T20:53:08Z</i>
</div>
<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Import Upstream version 7.0.56-3+really7.0.91</pre>
</li>
<li>
<strong><a href="https://salsa.debian.org/java-team/tomcat7/commit/2fcc56adbefa3986ccefa8390b1b785947ad626f">2fcc56ad</a></strong>
<div>
<span>by Markus Koschany</span>
<i>at 2018-10-23T20:53:12Z</i>
</div>
<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Import Debian changes 7.0.56-3+really7.0.91-1
tomcat7 (7.0.56-3+really7.0.91-1) jessie-security; urgency=high
* Non-maintainer upload by the LTS team.
* Fix CVE-2018-11784:
Sergey Bobrov discovered that when the default servlet returned a redirect
to a directory (e.g. redirecting to /foo/ when the user requested /foo) a
specially crafted URL could be used to cause the redirect to be generated
to any URI of the attackers choice.
</pre>
</li>
</ul>
<h4>30 changed files:</h4>
<ul>
<li class="file-stats">
<a href="#0426576666947b851d4dcbe4b44ebfb8d143e67c">
BUILDING.txt
</a>
</li>
<li class="file-stats">
<a href="#021ef53208cddfa55fd4d0cdbe9f6c6156199b2f">
RELEASE-NOTES
</a>
</li>
<li class="file-stats">
<a href="#c42fa9de422a4110e36cf0e09e96cedd8c3c474c">
bin/daemon.sh
</a>
</li>
<li class="file-stats">
<a href="#65d04013ea262a52ba54c8de534eae494865583c">
build.properties.default
</a>
</li>
<li class="file-stats">
<a href="#bdc348bf75801c527f51cdeddc8edf027f7ef35a">
build.xml
</a>
</li>
<li class="file-stats">
<a href="#cec98519b001bb6e04c456eb4b182b986ad0f344">
conf/catalina.properties
</a>
</li>
<li class="file-stats">
<a href="#9c96da0e9f91d7d8937b69b524702c106258f0d1">
debian/changelog
</a>
</li>
<li class="file-stats">
<a href="#ae33e3f7fa05d56942b94aa650c6eed27df0251a">
debian/patches/0017-use-jdbc-pool-default.patch
</a>
</li>
<li class="file-stats">
<a href="#bc34014ab4b9a49dd7a27bdd8d352912607c3a96">
debian/patches/series
</a>
</li>
<li class="file-stats">
<a href="#729854ffab54c11505db00a27dc6caf851c627cd">
<span class="new-file">
+
debian/patches/tomcat-7.0.91-build-failure.patch
</span>
</a>
</li>
<li class="file-stats">
<a href="#8756c63497c8dc39f7773438edf53b220c773f67">
debian/rules
</a>
</li>
<li class="file-stats">
<a href="#2b9a4dce3833aeb45aa01b700acabf5f3feb5d87">
java/javax/servlet/resources/XMLSchema.dtd
</a>
</li>
<li class="file-stats">
<a href="#d50d2c70a3f984c4bd73e10ebf4ecdd10f092694">
java/javax/servlet/resources/j2ee_web_services_client_1_1.xsd
</a>
</li>
<li class="file-stats">
<a href="#33799d1809dc0dae85eefc713866e85312262e26">
java/org/apache/catalina/Globals.java
</a>
</li>
<li class="file-stats">
<a href="#db82a2c83bb25cbeaaaf4bf66ba0f320a740d0e7">
java/org/apache/catalina/connector/Request.java
</a>
</li>
<li class="file-stats">
<a href="#46c5042f6f5b0ee361f3205ca1cb43263e4574fa">
java/org/apache/catalina/core/ApplicationContext.java
</a>
</li>
<li class="file-stats">
<a href="#6aa65b63dc4d353254d5ad2dc1cb249c9afeb4c5">
java/org/apache/catalina/core/ContainerBase.java
</a>
</li>
<li class="file-stats">
<a href="#f59740786fce423c1d3e2fe031c4c3b52d90af26">
java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
</a>
</li>
<li class="file-stats">
<a href="#5e25c6e3a61bb4120d6f070427622e09fa17a9d6">
java/org/apache/catalina/deploy/LocalStrings.properties
</a>
</li>
<li class="file-stats">
<a href="#d47d1ff43e54e1daad3c2f112473b42b55fa824b">
java/org/apache/catalina/deploy/ResourceBase.java
</a>
</li>
<li class="file-stats">
<a href="#39a323d50b7b3f665a5036f7672e479c28444fc6">
java/org/apache/catalina/filters/CorsFilter.java
</a>
</li>
<li class="file-stats">
<a href="#80dde877a049c30b8753b663aa2c5b2000a6177f">
java/org/apache/catalina/filters/ExpiresFilter.java
</a>
</li>
<li class="file-stats">
<a href="#cc942f9d46d478e2d58414c9825acb3ff22aca20">
java/org/apache/catalina/ha/session/DeltaManager.java
</a>
</li>
<li class="file-stats">
<a href="#07f08902a0ff7f711c79635d66b42af1c2542617">
java/org/apache/catalina/ha/session/SessionMessageImpl.java
</a>
</li>
<li class="file-stats">
<a href="#45cbc8593b112e9d70ce299d2c477f5ee257ec2e">
java/org/apache/catalina/ha/session/mbeans-descriptors.xml
</a>
</li>
<li class="file-stats">
<a href="#eb59422684625aa66d8406ab468c3b5095d8c432">
java/org/apache/catalina/ha/tcp/SimpleTcpCluster.java
</a>
</li>
<li class="file-stats">
<a href="#cf9f7d42086a2262bc6c9e4f3b9f1085a296bced">
java/org/apache/catalina/loader/WebappLoader.java
</a>
</li>
<li class="file-stats">
<a href="#56a0cb337a6de69691273a68de72773e4d37a9dc">
java/org/apache/catalina/manager/LocalStrings.properties
</a>
</li>
<li class="file-stats">
<a href="#ffe3bd00394e1b0078ac8224d1c367733acd0762">
<span class="new-file">
+
java/org/apache/catalina/manager/LocalStrings_ru.properties
</span>
</a>
</li>
<li class="file-stats">
<a href="#dbde717cfe5b4b8f25d6c6b3e2b63f3b76cab511">
java/org/apache/catalina/manager/StatusManagerServlet.java
</a>
</li>
</ul>
<h5>The diff was not included because it is too large.</h5>
</div>
<div class="footer" style="margin-top: 10px;">
<p style="font-size: small; color: #777777;">
—
<br>
<a href="https://salsa.debian.org/java-team/tomcat7/compare/fa9d5f97f961decf002363aa811981897d581982...2fcc56adbefa3986ccefa8390b1b785947ad626f">View it on GitLab</a>.
<br>
You're receiving this email because of your account on salsa.debian.org.
If you'd like to receive fewer emails, you can
adjust your notification settings.
</p>
</div>
</body>
</html>