[SCM] tomcat6 packaging branch, master, updated. debian/6.0.35-2-7-g2cfc46b
tony mancill
tmancill at debian.org
Sat Apr 14 18:14:18 UTC 2012
The following commit has been merged in the master branch:
commit b7157ed2bf794a94e147cee5e0299be1b1e13910
Author: tony mancill <tmancill at debian.org>
Date: Sat Apr 14 10:54:02 2012 -0700
apply patch for #659748
diff --git a/debian/changelog b/debian/changelog
index a580ab9..2cbedce 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -6,10 +6,11 @@ tomcat6 (6.0.35-3) unstable; urgency=low
[ tony mancill ]
* Add libservlet2.4-java transitional package.
- * Remove /etc/authbind/byuid and /etc/authbind in postrm.
- (Closes: #668761)
+ * Remove /etc/authbind/byuid, /etc/authbind in postrm. (Closes: #668761)
+ * Add 0011-CVE-2012-0022-regression-fix.patch. (Closes: #659748)
+ - Thank you to Marc Deslauriers
- -- tony mancill <tmancill at debian.org> Sat, 14 Apr 2012 10:32:02 -0700
+ -- tony mancill <tmancill at debian.org> Sat, 14 Apr 2012 10:49:52 -0700
tomcat6 (6.0.35-2) unstable; urgency=low
@@ -23,9 +24,6 @@ tomcat6 (6.0.35-2) unstable; urgency=low
* Bump Standards-Version to 3.9.3. No changes were required.
* Provide 'debian' version symlink for Maven artifacts. (Closes: #665393).
- [ tony mancill ]
- *
-
-- tony mancill <tmancill at debian.org> Thu, 29 Mar 2012 07:05:34 -0700
tomcat6 (6.0.35-1) unstable; urgency=low
diff --git a/debian/patches/0011-CVE-2012-0022-regression-fix.patch b/debian/patches/0011-CVE-2012-0022-regression-fix.patch
new file mode 100644
index 0000000..abd2bf9
--- /dev/null
+++ b/debian/patches/0011-CVE-2012-0022-regression-fix.patch
@@ -0,0 +1,83 @@
+Description: fix regression from the CVE-2012-0022 security fix that
+ went into 6.0.35.
+Origin: upstream, http://svn.apache.org/viewvc?view=revision&revision=1229027
+Bug: https://issues.apache.org/bugzilla/show_bug.cgi?id=52384
+
+Index: tomcat6-6.0.35/java/org/apache/tomcat/util/http/LocalStrings.properties
+===================================================================
+--- tomcat6-6.0.35.orig/java/org/apache/tomcat/util/http/LocalStrings.properties 2011-11-12 03:36:55.000000000 -0500
++++ tomcat6-6.0.35/java/org/apache/tomcat/util/http/LocalStrings.properties 2012-02-13 09:03:10.865891860 -0500
+@@ -17,6 +17,7 @@
+ parameters.copyFail=Failed to create copy of original parameter values for debug logging purposes
+ parameters.decodeFail.debug=Character decoding failed. Parameter [{0}] with value [{1}] has been ignored.
+ parameters.decodeFail.info=Character decoding failed. Parameter [{0}] with value [{1}] has been ignored. Note that the name and value quoted here may be corrupted due to the failed decoding. Use debug level logging to see the original, non-corrupted values.
++parameters.emptyChunk=Empty parameter chunk ignored
+ parameters.invalidChunk=Invalid chunk starting at byte [{0}] and ending at byte [{1}] with a value of [{2}] ignored
+ parameters.maxCountFail=More than the maximum number of request parameters (GET plus POST) for a single request ([{0}]) were detected. Any parameters beyond this limit have been ignored. To change this limit, set the maxParameterCount attribute on the Connector.
+ parameters.multipleDecodingFail=Character decoding failed. A total of [{0}] failures were detected but only the first was logged. Enable debug level logging for this logger to log all failures.
+Index: tomcat6-6.0.35/java/org/apache/tomcat/util/http/Parameters.java
+===================================================================
+--- tomcat6-6.0.35.orig/java/org/apache/tomcat/util/http/Parameters.java 2011-11-25 16:11:35.000000000 -0500
++++ tomcat6-6.0.35/java/org/apache/tomcat/util/http/Parameters.java 2012-02-13 09:03:10.889891861 -0500
+@@ -314,6 +314,15 @@
+ }
+
+ if (nameEnd <= nameStart ) {
++ if (valueStart == -1) {
++ // &&
++ if (log.isDebugEnabled()) {
++ log.debug(sm.getString("parameters.emptyChunk"));
++ }
++ // Do not flag as error
++ continue;
++ }
++ // &=foo&
+ if (log.isInfoEnabled()) {
+ if (valueEnd >= nameStart && log.isDebugEnabled()) {
+ String extract = null;
+@@ -341,7 +350,11 @@
+ }
+
+ tmpName.setBytes(bytes, nameStart, nameEnd - nameStart);
+- tmpValue.setBytes(bytes, valueStart, valueEnd - valueStart);
++ if (valueStart >= 0) {
++ tmpValue.setBytes(bytes, valueStart, valueEnd - valueStart);
++ } else {
++ tmpValue.setBytes(bytes, 0, 0);
++ }
+
+ // Take copies as if anything goes wrong originals will be
+ // corrupted. This means original values can be logged.
+@@ -349,7 +362,11 @@
+ if (log.isDebugEnabled()) {
+ try {
+ origName.append(bytes, nameStart, nameEnd - nameStart);
+- origValue.append(bytes, valueStart, valueEnd - valueStart);
++ if (valueStart >= 0) {
++ origValue.append(bytes, valueStart, valueEnd - valueStart);
++ } else {
++ origValue.append(bytes, 0, 0);
++ }
+ } catch (IOException ioe) {
+ // Should never happen...
+ log.error(sm.getString("parameters.copyFail"), ioe);
+@@ -366,11 +383,15 @@
+ tmpName.setCharset(charset);
+ name = tmpName.toString();
+
+- if (decodeValue) {
+- urlDecode(tmpValue);
++ if (valueStart >= 0) {
++ if (decodeValue) {
++ urlDecode(tmpValue);
++ }
++ tmpValue.setCharset(charset);
++ value = tmpValue.toString();
++ } else {
++ value = "";
+ }
+- tmpValue.setCharset(charset);
+- value = tmpValue.toString();
+
+ addParam(name, value);
+ } catch (IOException e) {
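Review bot: The two new branch comments in the Parameters.java hunk, `// &&` and `// &=foo&`, do not say why the first case is silently skipped while the second is still logged at info level, and the `tmpValue.setBytes(bytes, 0, 0)` and `origValue.append(bytes, 0, 0)` branches in the following two hunks carry no comment at all. Suggest `// Empty chunk such as "&&": nothing to add, and not a malformed parameter` on the first, `// Empty name with a value such as "&=foo&": malformed, log it and skip` on the second, and `// No value in this chunk (valueStart == -1): reset the buffer so nothing stale is decoded or logged` before the setBytes branch. The last wording presumes valueStart is -1 exactly when the chunk has no '=' separator, which the hunk does not show; confirm against the scanning code above it. The enclosing method starts and ends outside every hunk of this file. The DEP-3 header of the new patch would also benefit from a `Last-Update:` line so the date of the backport is visible alongside Origin and Bug.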
diff --git a/debian/patches/series b/debian/patches/series
index f4fb4ad..7f918c6 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -7,3 +7,4 @@
0007-add-OSGi-headers-to-servlet-api.patch
0008-add-OSGI-headers-to-jsp-api.patch
0010-Use-java.security.policy-file-in-catalina.sh.patch
+0011-CVE-2012-0022-regression-fix.patch