[SCM] tomcat6 packaging branch, master, updated. debian/6.0.33-1-4-g3ac261c

Miguel Landaeta miguel at miguel.cc
Fri Dec 9 02:02:47 UTC 2011 

The following commit has been merged in the master branch:
commit 3ac261ca836cb99daf998adfbf13839d45757196
Author: Miguel Landaeta <miguel at miguel.cc>
Date:   Thu Dec 8 21:35:59 2011 -0430

    New upstream release

diff --git a/debian/changelog b/debian/changelog
index 98780ef..4f3c354 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,9 +1,15 @@
-tomcat6 (6.0.33-2) UNRELEASED; urgency=low
+tomcat6 (6.0.35-1~miguel1) UNRELEASED; urgency=low
 
-  * Team upload.
-  * Update Vcs-* fields in debian/control for swith to git.
+  [ Miguel Landaeta ]
+  * New upstream release.
+  * Add myself to Uploaders.
+  * Remove 0013-CVE-2011-3190.patch since it was included upstream.
+  * Add mh_clean call in clean target.
+
+  [ tony mancill ]
+  * Update Vcs-* fields in debian/control for switch to git.
 
- -- tony mancill <tmancill at debian.org>  Fri, 02 Dec 2011 22:57:58 -0800
+ -- Miguel Landaeta <miguel at miguel.cc>  Thu, 08 Dec 2011 21:35:17 -0430
 
 tomcat6 (6.0.33-1) unstable; urgency=low
 
diff --git a/debian/control b/debian/control
index b8c4524..806d46d 100644
--- a/debian/control
+++ b/debian/control
@@ -4,7 +4,7 @@ Priority: optional
 Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
 Uploaders: Torsten Werner <twerner at debian.org>,
  Ludovic Claude <ludovic.claude at laposte.net>, Michael Koch <konqueror at gmx.de>,
- Damien Raude-Morvan <drazzib at debian.org>
+ Damien Raude-Morvan <drazzib at debian.org>, Miguel Landaeta <miguel at miguel.cc>
 Build-Depends: default-jdk, ant-optional, debhelper (>= 7), po-debconf
 Build-Depends-Indep: maven-repo-helper (>> 1.0.1), libecj-java
 Standards-Version: 3.9.2
diff --git a/debian/patches/0013-CVE-2011-3190.patch b/debian/patches/0013-CVE-2011-3190.patch
deleted file mode 100644
index 89fda13..0000000
--- a/debian/patches/0013-CVE-2011-3190.patch
+++ /dev/null
@@ -1,72 +0,0 @@
-Description: [PATCH] Fix CVE-2011-3190 Fix
- https://issues.apache.org/bugzilla/show_bug.cgi?id=51698
- Prevent AJP request forgery via unread request body packet
-Origin: https://github.com/apache/tomcat60/commit/1a04877e07c8ac9f924b130cbc372a11c273de66
-
-Index: tomcat6/java/org/apache/coyote/ajp/AjpAprProcessor.java
-===================================================================
---- tomcat6.orig/java/org/apache/coyote/ajp/AjpAprProcessor.java	2011-09-08 14:25:11.619833000 +0100
-+++ tomcat6/java/org/apache/coyote/ajp/AjpAprProcessor.java	2011-09-08 14:44:12.771697501 +0100
-@@ -390,11 +390,13 @@
-                     }
-                     continue;
-                 } else if(type != Constants.JK_AJP13_FORWARD_REQUEST) {
--                    // Usually the servlet didn't read the previous request body
--                    if(log.isDebugEnabled()) {
--                        log.debug("Unexpected message: "+type);
-+                    // Unexpected packet type. Unread body packets should have
-+                    // been swallowed in finish().
-+                    if (log.isDebugEnabled()) {
-+                        log.debug("Unexpected message: " + type);
-                     }
--                    continue;
-+                    error = true;
-+                    break;
-                 }
- 
-                 keptAlive = true;
-@@ -1033,6 +1035,11 @@
- 
-         finished = true;
- 
-+        // Swallow the unread body packet if present
-+        if (first && request.getContentLengthLong() > 0) {
-+            receive();
-+        }
-+        
-         // Add the end message
-         if (outputBuffer.position() + endMessageArray.length > outputBuffer.capacity()) {
-             flush();
-Index: tomcat6/java/org/apache/coyote/ajp/AjpProcessor.java
-===================================================================
---- tomcat6.orig/java/org/apache/coyote/ajp/AjpProcessor.java	2011-09-08 14:25:11.619833000 +0100
-+++ tomcat6/java/org/apache/coyote/ajp/AjpProcessor.java	2011-09-08 14:44:12.771697501 +0100
-@@ -408,11 +408,13 @@
-                     }
-                     continue;
-                 } else if(type != Constants.JK_AJP13_FORWARD_REQUEST) {
--                    // Usually the servlet didn't read the previous request body
--                    if(log.isDebugEnabled()) {
--                        log.debug("Unexpected message: "+type);
-+                    // Unexpected packet type. Unread body packets should have
-+                    // been swallowed in finish().
-+                    if (log.isDebugEnabled()) {
-+                        log.debug("Unexpected message: " + type);
-                     }
--                    continue;
-+                    error = true;
-+                    break;
-                 }
- 
-                 request.setStartTime(System.currentTimeMillis());
-@@ -1038,6 +1040,11 @@
- 
-         finished = true;
- 
-+        // Swallow the unread body packet if present
-+        if (first && request.getContentLengthLong() > 0) {
-+            receive();
-+        }
-+        
-         // Add the end message
-         output.write(endMessageArray);
diff --git a/debian/patches/series b/debian/patches/series
index 3df340a..f4fb4ad 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -7,4 +7,3 @@
 0007-add-OSGi-headers-to-servlet-api.patch
 0008-add-OSGI-headers-to-jsp-api.patch
 0010-Use-java.security.policy-file-in-catalina.sh.patch
-0013-CVE-2011-3190.patch
diff --git a/debian/rules b/debian/rules
index c9a6ea5..dbda264 100755
--- a/debian/rules
+++ b/debian/rules
@@ -66,6 +66,7 @@ clean:
 	rm -rf "output/"
 	rm -f build-stamp
 	dh_clean
+	mh_clean
 
 install: build
 	dh_testdir

-- 
tomcat6 packaging

More information about the pkg-java-commits mailing list