This is an automated email from the git hooks/post-receive script. ebourg-guest pushed a commit to branch jessie in repository tomcat8.
commit 407a89522165feaa8b1684af2bd5f469d1381c50 Author: Emmanuel Bourg <[email protected]> Date: Wed Jun 22 19:48:55 2016 +0200 Reordered the patches --- debian/patches/CVE-2015-5345.patch | 8 ++++---- debian/patches/CVE-2015-5346.patch | 10 +++++----- debian/patches/CVE-2015-5351.patch | 2 +- debian/patches/CVE-2016-0706.patch | 2 +- debian/patches/CVE-2016-0714.patch | 2 +- debian/patches/CVE-2016-0763.patch | 2 +- debian/patches/series | 4 ++-- 7 files changed, 15 insertions(+), 15 deletions(-) diff --git a/debian/patches/CVE-2015-5345.patch b/debian/patches/CVE-2015-5345.patch index f771868..01aad21 100644 --- a/debian/patches/CVE-2015-5345.patch +++ b/debian/patches/CVE-2015-5345.patch @@ -423,9 +423,9 @@ Origin: backport, https://svn.apache.org/r1715207 * is known that the timestamp was printed between {@code timeA} and --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml -@@ -188,6 +188,16 @@ - <bug>58809</bug>: Correctly recycle cookies when mapping requests for - parallel deployment. (markt) +@@ -184,6 +184,16 @@ + Reduce duplicated code. All AJP connectors use common method to + configuration of processor. (kfujino) </fix> + <add> + Move the functionality that provides redirects for context roots and @@ -440,7 +440,7 @@ Origin: backport, https://svn.apache.org/r1715207 </changelog> </subsection> <subsection name="Jasper"> -@@ -279,6 +289,11 @@ +@@ -275,6 +285,11 @@ leak fixes and support for application provided eviction policies. (markt) </fix> diff --git a/debian/patches/CVE-2015-5346.patch b/debian/patches/CVE-2015-5346.patch index 399196f..5b10e6a 100644 --- a/debian/patches/CVE-2015-5346.patch +++ b/debian/patches/CVE-2015-5346.patch @@ -108,9 +108,9 @@ Origin: backport, https://svn.apache.org/r1713185 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml -@@ -184,6 +184,10 @@ - Reduce duplicated code. All AJP connectors use common method to - configuration of processor. (kfujino) +@@ -168,6 +168,10 @@ + <bug>57011</bug>: Ensure that the request and response are correctly + recycled when processing errors during async processing. (markt) </fix> + <fix> + <bug>58809</bug>: Correctly recycle cookies when mapping requests for @@ -118,8 +118,8 @@ Origin: backport, https://svn.apache.org/r1713185 + </fix> </changelog> </subsection> - <subsection name="Jasper"> -@@ -318,6 +322,10 @@ + <subsection name="Coyote"> +@@ -333,6 +337,10 @@ page that has the <code>isErrorPage</code> page directive set to <code>true</code>. (markt) </fix> diff --git a/debian/patches/CVE-2015-5351.patch b/debian/patches/CVE-2015-5351.patch index 8ca74aa..df65650 100644 --- a/debian/patches/CVE-2015-5351.patch +++ b/debian/patches/CVE-2015-5351.patch @@ -6,7 +6,7 @@ Origin: backport, https://svn.apache.org/r1720658 https://svn.apache.org/r1720660 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml -@@ -326,6 +326,13 @@ +@@ -341,6 +341,13 @@ Handle the unlikely case where different versions of a web application are deployed with different session settings. (markt) </fix> diff --git a/debian/patches/CVE-2016-0706.patch b/debian/patches/CVE-2016-0706.patch index 84cdd5d..c896c24 100644 --- a/debian/patches/CVE-2016-0706.patch +++ b/debian/patches/CVE-2016-0706.patch @@ -14,7 +14,7 @@ Origin: backport, https://svn.apache.org/r1722800 +org.apache.catalina.manager.StatusManagerServlet=restricted --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml -@@ -333,6 +333,10 @@ +@@ -348,6 +348,10 @@ Don't create sessions unnecessarily in the Host Manager application. (markt) </fix> diff --git a/debian/patches/CVE-2016-0714.patch b/debian/patches/CVE-2016-0714.patch index 5d6fae2..d587408 100644 --- a/debian/patches/CVE-2016-0714.patch +++ b/debian/patches/CVE-2016-0714.patch @@ -487,7 +487,7 @@ Origin: backport, https://svn.apache.org/r1726196 extensionValidator.extension-not-found-error=ExtensionValidator[{0}][{1}]: Required extension [{2}] not found. --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml -@@ -308,6 +308,14 @@ +@@ -323,6 +323,14 @@ Add support for the EECDH alias when using the OpenSSL cipher syntax to define JSSE ciphers. (markt) </add> diff --git a/debian/patches/CVE-2016-0763.patch b/debian/patches/CVE-2016-0763.patch index 313cc21..39f5785 100644 --- a/debian/patches/CVE-2016-0763.patch +++ b/debian/patches/CVE-2016-0763.patch @@ -22,7 +22,7 @@ Origin: backport, https://svn.apache.org/r1725929 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml -@@ -337,6 +337,10 @@ +@@ -360,6 +360,10 @@ Add the <code>StatusManagerServlet</code> to the list of Servlets that can only be loaded by privileged applications. (markt) </fix> diff --git a/debian/patches/series b/debian/patches/series index 47a5947..d69cdee 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -14,10 +14,10 @@ #0020-disable-java8-support-with-jdtcompiler.patch CVE-2014-7810.patch CVE-2015-5174.patch +CVE-2015-5345.patch CVE-2015-5346.patch CVE-2015-5351.patch CVE-2016-0706.patch -CVE-2016-0763.patch CVE-2016-0714.patch -CVE-2015-5345.patch +CVE-2016-0763.patch CVE-2016-3092.patch -- Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/tomcat8.git _______________________________________________ pkg-java-commits mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-commits
