Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package tomcat10 for openSUSE:Factory
checked in at 2024-07-10 16:49:44
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/tomcat10 (Old)
and /work/SRC/openSUSE:Factory/.tomcat10.new.2080 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tomcat10"
Wed Jul 10 16:49:44 2024 rev:11 rq:1186460 version:10.1.25
Changes:
--------
--- /work/SRC/openSUSE:Factory/tomcat10/tomcat10.changes 2024-04-07
22:13:29.131037286 +0200
+++ /work/SRC/openSUSE:Factory/.tomcat10.new.2080/tomcat10.changes
2024-07-10 16:49:45.808164318 +0200
@@ -1,0 +2,160 @@
+Tue Jul 9 12:52:37 UTC 2024 - Ricardo Mestre <ricardo.mes...@suse.com>
+
+- Update to Tomcat 10.1.25
+ * Fixed CVEs:
+ + CVE-2024-34750: Improper handling of exceptional conditions
+ (bsc#1227399)
+ * Catalina
+ + Add: Add support for shallow copies when using WebDAV. (markt)
+ + Code: Deprecate the WebdavFixFilter as it is no longer required. (markt)
+ + Fix: 69066: Fix regression in SPNEGO authenticator when processing
Base64.
+ Submitted by Daniel Lyko. (remm)
+ + Add: Add RealmBase.getPrincipal(GSSName, GSSCredential, GSSContext) for
+ retrieving extended/additional information from an established GSS
+ context. (michaelo)
+ + Fix: Correct a regression in the fix for 68721 that caused some instances
+ of LinkageError to be reported as ClassNotFoundException. (markt)
+ + Fix: Ensure that static resources deployed via a JAR file remain
+ accessible when the context is configured to use a bloom filter. Based on
+ pull request #730 provided by bergander. (markt)
+ + Add: Introduce reference counting so the AprLifecycleListener is more
+ robust. This particularly targets more complex embedded configurations
+ with multiple server instances with independent lifecycles where more
than
+ one server instance requires the AprLifecycleListener. (markt)
+ + Add: Small performance optimization when logging cookies with no values.
+ (schultz)
+ + Fix: Correct error handling for asynchronous requests. If the application
+ performs an dispatch during AsyncListener.onError() the dispatch is now
+ performed rather than completing the request using the error page
+ mechanism. (markt)
+ + Add: Re-factor ElapsedTimeElement in AbstractAccessLogValve to use a
+ customizable style. (schultz)
+ + Add: Add more timescale options to AccessLogValve and
+ ExtendedAccessLogValve. Allow timescales to apply to "time-taken" token
in
+ ExtendedAccessLogValve. (schultz)
+ + Fix: Fix WebDAV lock null (locks for non existing resources) thread
safety
+ and removal. (remm)
+ + Fix: Add periodic checking for WebDAV locks expiration. (remm)
+ + Fix: Extend Asn1Parser to parse UTF8Strings. (michaelo)
+ + Fix: Remove MBean metadata for attibutes that have been removed. Based on
+ pull request #719 by Shawn Q. (markt)
+ + Update: Deprecate and remove sessionCounter (replaced by the addition of
+ the active session count and the expired session count, as a reasonable
+ approximation) and duplicates (which does not represent a possible event
+ in current implementations) statistics from the session manager. (remm)
+ + Fix: 68890 Align output encoding of JSPs in the Manager webapp with the
+ XML declarations in those same files. (schultz)
+ + Fix: Update Basic authentication to implement the requirements of RFC
7617
+ including the changing of the trimCredentials setting which is now
+ defaults to false. Note that the trimCredentials setting will be removed
+ in Tomcat 11. (markt)
+ + Fix: Change the thread-safety mechanism for protecting
+ StandardServer.services from a simple synchronized lock to a
+ ReentrantReadWriteLock to allow multiple readers to operate
+ simultaneously. Based upon a suggestion by Markus Wolfe. (schultz)
+ + Fix: Improve Service connectors, Container children and Service executors
+ access sync using a ReentrantReadWriteLock. (remm)
+ + Fix: Improve handling of integer overflow if an attempt is made to upload
+ a file via the Servlet API and the file is larger than
+ Integer.MAX_VALUE. (markt)
+ + Fix: 68862: Handle possible response commit when processing read errors.
+ (remm)
+ * Jasper
+ + Fix: 68546: Small additional optimisation for initial loading of Servlet
+ code generated for JSPs. Based on a suggestion by Dan Armstrong. (markt)
+ + Add: Add support for specifying Java 23 (with the value 23) as the
+ compiler source and/or compiler target for JSP compilation. If used with
+ an Eclipse JDT compiler version that does not support these values, a
+ warning will be logged and the default will used. (markt)
+ * Web applications
+ + Add: Add the ability to set a sub-title for the Manager web application
+ main page. This is intended to allow users with lots of instances to
+ easily distinguish them. Based on pull request #724 by Simon Arame.
+ (markt)
+ + Fix: Examples: Improve performance of WebSocket chat application when
+ multiple clients disconnect at the same time. (markt)
+ + Update: Examples: Increase the number of previous messages displayed when
+ using the WebSocket chat application. (markt)
+ + Fix: Examples: Improve performance of WebSocket snake application when
+ multiple clients disconnect at the same time. (markt)
+ * Coyote
+ + Fix: Fix OpenSSL FFM use of ERR_error_string with a 128 byte buffer, and
+ use ERR_error_string_n instead. (remm)
+ + Fix: Fix a crash on Windows setting CA certificate on null path. (remm)
+ + Fix: 69068: Ensure read timouts are triggered for asynchronous,
+ non-blocking reads when using HTTP/2. (markt)
+ + Update: 69133: Add task queue size configuration on the Connector
element,
+ similar to the Executor element, for consistency. (remm)
+ + Fix: Make counting of active HTTP/2 streams per connection more robust.
+ (markt)
+ + Add: Add support for TLS 1.3 client initiated re-keying. (markt)
+ + Fix: Improve the algorithm used to identify the IP address to use to
+ unlock the acceptor thread when a Connector is listening on all local
+ addresses. Interfaces that are configured for point to point connections
+ or are not currently up are now skipped. (markt)
+ + Fix: Align non-secure and secure writes with NIO and skip the write
+ attempt when there are no bytes to be written. (markt)
+ + Fix: Allow any positive value for socket.unlockTimeout. If a negative or
+ zero value is configured, the default of 250ms will be used. (mark)
+ + Fix: Reduce the time spent waiting for the connector to unlock. The
+ previous default of 10s was noticeably too long for cases where the
unlock
+ has failed. The wait time is now 100ms plus twice socket.unlockTimeout.
+ (markt)
+ + Fix: Ensure that the onAllDataRead() event is triggered when the request
+ body uses chunked encoding and is read using non-blocking IO. (markt)
+ + Fix: 68934: Add debug logging in the latch object when exceeding
+ maxConnections. (remm)
+ + Fix: Refactor trailer field handling to use a MimeHeaders instance to
+ store trailer fields. (markt)
+ + Fix: Ensure that multiple instances of the same trailer field are handled
+ correctly. (markt)
+ + Fix: Fix non-blocking reads of chunked request bodies. (markt)
+ + Fix: When an invalid HTTP response header was dropped, an off-by-one
error
+ meant that the first header in the response was also dropped. Fix based
on
+ pull request #710 by foremans. (markt)
+ + Fix: Fix bnd jar descriptor to include the OpenSSL FFM support. (remm)
+ + Fix: Add OpenSSL FFM classes to tomcat-embed-core.jar. (remm)
+ + Add: Add OpenSSL integration using the FFM API rather than Tomcat Native.
+ OpenSSL support may be enabled by adding the
+ org.apache.catalina.core.OpenSSLLifecycleListener listener on the Server
+ element when using Java 22 or later. (remm)
+ * WebSocket
+ + Fix: 68884: Reduce the write timeout when writing WebSocket close
messages
+ for abnormal closes. The timeout defaults to 50 milliseconds and may be
+ controlled using the
+ org.apache.tomcat.websocket.ABNORMAL_SESSION_CLOSE_SEND_TIMEOUT property
+ in the user properties collection associated with the WebSocket session.
+ (markt)
+ * Other
+ + Update: Revert Derby to 10.16.1.1 as that is the latest version of Derby
+ that runs on Java 17. (markt)
+ + Update: Update to Commons Daemon 1.4.0. (markt)
+ + Update: Update to Objenesis 3.4. (markt)
+ + Update: Update to Checkstyle 10.17.0. (markt)
+ + Update: Update to SpotBugs 4.8.5. (markt)
+ + Add: Improvements to French translations. (remm)
+ + Add: Improvements to Japanese translations by tak7iji. (markt)
+ + Update: Switch to using the Base64 encoder and decoder provided by the
JRE
+ rather than the version provided by Commons Codec. The internal fork of
+ Commons Codec has been deprecated and will be removed in Tomcat 11.
+ (markt)
+ + Update: Update NSIS to 3.10. (mark0t)
+ + Update: Update UnboundID to 7.0.0. (markt)
+ + Update: Update Checkstyle to 10.16.0. (markt)
+ + Update: Update JaCoCo to 0.8.12. (markt)
+ + Update: Update SpotBugs to 4.8.4. (markt)
+ + Update: Update the internal fork of Apache Commons BCEL to 6.9.0. (markt)
+ + Update: Update the internal fork of Apache Commons DBCP to 2.12.0.
(markt)
+ + Add: Improvements to French translations. (remm)
+ + Add: Improvements to Japanese translations by tak7iji. (markt)
+ + Fix: Release re-built using correct JDK version.
+ + Update: Update the internal fork of Apache Commons BCEL to 6.8.2. (markt)
+ + Update: Update the internal fork of Apache Commons Codec to 1.16.1.
+ (markt)
+ + Add: Improvements to French translations. (remm)
+ + Add: Improvements to Japanese translations by tak7iji. (remm)
+ + Add: Improvements to Chinese translations by leeyazhou. (remm)
+- Modified patch:
+ * tomcat-10.1-build-with-java-11.patch
+ + rediff to changed context
+-------------------------------------------------------------------
Old:
----
apache-tomcat-10.1.20-src.tar.gz
apache-tomcat-10.1.20-src.tar.gz.asc
New:
----
apache-tomcat-10.1.25-src.tar.gz
apache-tomcat-10.1.25-src.tar.gz.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ tomcat10.spec ++++++
--- /var/tmp/diff_new_pack.ErvjZc/_old 2024-07-10 16:49:47.092211465 +0200
+++ /var/tmp/diff_new_pack.ErvjZc/_new 2024-07-10 16:49:47.092211465 +0200
@@ -29,7 +29,7 @@
%define elspec %{elspec_major}.%{elspec_minor}
%define major_version 10
%define minor_version 1
-%define micro_version 20
+%define micro_version 25
%define java_major 1
%define java_minor 11
%define java_version %{java_major}.%{java_minor}
++++++ apache-tomcat-10.1.20-src.tar.gz -> apache-tomcat-10.1.25-src.tar.gz
++++++
++++ 72966 lines of diff (skipped)
++++++ tomcat-10.1-build-with-java-11.patch ++++++
--- /var/tmp/diff_new_pack.ErvjZc/_old 2024-07-10 16:49:48.288255382 +0200
+++ /var/tmp/diff_new_pack.ErvjZc/_new 2024-07-10 16:49:48.292255529 +0200
@@ -1,14 +1,14 @@
-Index: apache-tomcat-10.1.18-src/build.xml
+Index: apache-tomcat-10.1.25-src/build.xml
===================================================================
---- apache-tomcat-10.1.18-src.orig/build.xml
-+++ apache-tomcat-10.1.18-src/build.xml
+--- apache-tomcat-10.1.25-src.orig/build.xml
++++ apache-tomcat-10.1.25-src/build.xml
@@ -108,7 +108,7 @@
<!-- Keep in sync with webapps/docs/tomcat-docs.xsl -->
<property name="compile.release" value="11"/>
<property name="min.java.version" value="11"/>
- <property name="build.java.version" value="17"/>
+ <property name="build.java.version" value="11"/>
+ <property name="release.java.version" value="22"/>
<!-- Check Java Build Version -->
- <fail message="Java version ${build.java.version} or newer is required
(${java.version} is installed)">
