[tomcat8] 02/03: Refreshed the patches

Emmanuel Bourg ebourg-guest at moszumanska.debian.org
Wed Jun 21 11:48:53 UTC 2017


This is an automated email from the git hooks/post-receive script.

ebourg-guest pushed a commit to branch master
in repository tomcat8.

commit 691a4c050e791a06576d50156ca174b4d0d8ae6f
Author: Emmanuel Bourg <ebourg at apache.org>
Date:   Wed Jun 21 13:00:38 2017 +0200

    Refreshed the patches
---
 debian/changelog                                   |  8 ++++
 .../0021-dont-test-unsupported-ciphers.patch       |  2 +-
 debian/patches/CVE-2017-5664.patch                 | 56 ----------------------
 debian/patches/series                              |  1 -
 4 files changed, 9 insertions(+), 58 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 9045d40..2e3cb01 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+tomcat8 (8.5.15-1) UNRELEASED; urgency=medium
+
+  * Team upload.
+  * New upstream release
+    - Refreshed the patches
+
+ -- Emmanuel Bourg <ebourg at apache.org>  Wed, 21 Jun 2017 13:00:15 +0200
+
 tomcat8 (8.5.14-2) unstable; urgency=high
 
   * Team upload.
diff --git a/debian/patches/0021-dont-test-unsupported-ciphers.patch b/debian/patches/0021-dont-test-unsupported-ciphers.patch
index b957b42..f2fd8a0 100644
--- a/debian/patches/0021-dont-test-unsupported-ciphers.patch
+++ b/debian/patches/0021-dont-test-unsupported-ciphers.patch
@@ -3,7 +3,7 @@ Author: Emmanuel Bourg <ebourg at apache.org>
 Forwarded: not-needed
 --- a/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java
 +++ b/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java
-@@ -100,6 +100,7 @@
+@@ -104,6 +104,7 @@
          unimplemented.add(Cipher.SSL2_RC4_128_EXPORT40_WITH_MD5);
          unimplemented.add(Cipher.SSL2_IDEA_128_CBC_WITH_MD5);
          unimplemented.add(Cipher.SSL2_DES_192_EDE3_CBC_WITH_MD5);
diff --git a/debian/patches/CVE-2017-5664.patch b/debian/patches/CVE-2017-5664.patch
deleted file mode 100644
index 44476c9..0000000
--- a/debian/patches/CVE-2017-5664.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-Description: CVE-2017-5664: Static error pages can be overwritten
- if the DefaultServlet is configured to permit writes.
-Origin: backport, https://svn.apache.org/r1793469
-                  https://svn.apache.org/r1793488
---- a/java/org/apache/catalina/servlets/DefaultServlet.java
-+++ b/java/org/apache/catalina/servlets/DefaultServlet.java
-@@ -407,6 +407,18 @@
-     }
- 
- 
-+    @Override
-+    protected void service(HttpServletRequest req, HttpServletResponse resp)
-+            throws ServletException, IOException {
-+
-+        if (req.getDispatcherType() == DispatcherType.ERROR) {
-+            doGet(req, resp);
-+        } else {
-+            super.service(req, resp);
-+        }
-+    }
-+
-+
-     /**
-      * Process a GET request for the specified resource.
-      *
-@@ -794,7 +806,7 @@
-             return;
-         }
- 
--        boolean isError = response.getStatus() >= HttpServletResponse.SC_BAD_REQUEST;
-+        boolean isError = DispatcherType.ERROR == request.getDispatcherType();
- 
-         boolean included = false;
-         // Check if the conditions specified in the optional If headers are
---- a/java/org/apache/catalina/servlets/WebdavServlet.java
-+++ b/java/org/apache/catalina/servlets/WebdavServlet.java
-@@ -30,6 +30,7 @@
- import java.util.TimeZone;
- import java.util.Vector;
- 
-+import javax.servlet.DispatcherType;
- import javax.servlet.RequestDispatcher;
- import javax.servlet.ServletContext;
- import javax.servlet.ServletException;
-@@ -315,6 +316,11 @@
-             return;
-         }
- 
-+        if (req.getDispatcherType() == DispatcherType.ERROR) {
-+            doGet(req, resp);
-+            return;
-+        }
-+
-         final String method = req.getMethod();
- 
-         if (debug > 0) {
diff --git a/debian/patches/series b/debian/patches/series
index fe0ccae..1b36989 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -8,4 +8,3 @@
 0018-fix-manager-webapp.patch
 0019-add-distribution-to-error-page.patch
 0021-dont-test-unsupported-ciphers.patch
-CVE-2017-5664.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/tomcat8.git



More information about the pkg-java-commits mailing list