Author: blues Date: Mon Jun 8 11:13:34 2009 GMT Module: packages Tag: HEAD ---- Log message: - 4 security blockers added and move CVE notes for previous releases
---- Files affected: packages/tomcat: tomcat.spec (1.125 -> 1.126) , TODO (NONE -> 1.1) (NEW) ---- Diffs: ================================================================ Index: packages/tomcat/tomcat.spec diff -u packages/tomcat/tomcat.spec:1.125 packages/tomcat/tomcat.spec:1.126 --- packages/tomcat/tomcat.spec:1.125 Fri Jun 5 16:26:19 2009 +++ packages/tomcat/tomcat.spec Mon Jun 8 13:13:28 2009 @@ -1,6 +1,5 @@ # $Revision$, $Date$ -# TODO -# - packages for *.renametojar files (-cgi and -ssi in server/lib) +# # Conditional build: %bcond_without javadoc # skip building javadocs %bcond_with jta # put jta jar into tomcat lib dir. @@ -32,6 +31,23 @@ Patch7: apache-%{name}-admin-struts.patch Patch8: apache-%{name}-no_links_to_examples.patch URL: http://tomcat.apache.org/ +# http://tomcat.apache.org/security-5.html +# Requires upgrade to 6.0.20 or (in future) 5.5.28. Or patch: +# http://svn.apache.org/viewvc?rev=781362&view=rev +BuildRequires: security(CVE-2009-0033) +# http://tomcat.apache.org/security-5.html +# Requires upgrade to 6.0.20 or (in future) 5.5.28. Or patch: +# http://svn.apache.org/viewvc?rev=781379&view=rev +BuildRequires: security(CVE-2009-0580) +# http://tomcat.apache.org/security-5.html +# Requires upgrade to 6.0.20 or (in future) 5.5.28. Or patches: +# http://svn.apache.org/viewvc?rev=781542&view=rev +# http://svn.apache.org/viewvc?rev=681156&view=rev +BuildRequires: security(CVE-2009-0783) +# http://tomcat.apache.org/security-5.html +# Requires upgrade to 6.0.20 or (in future) 5.5.28. Or patch: +# http://svn.apache.org/viewvc?rev=750928&view=rev +BuildRequires: security(CVE-2009-0781) %if %{with java_sun} BuildRequires: java-sun >= 1.5 BuildRequires: java-sun-jre >= 1.5 @@ -449,6 +465,9 @@ All persons listed below can be reached at <cvs_login>@pld-linux.org $Log$ +Revision 1.126 2009/06/08 11:13:28 blues +- 4 security blockers added and move CVE notes for previous releases + Revision 1.125 2009/06/05 14:26:19 pawelz - missing O: @@ -677,9 +696,11 @@ Revision 1.57 2008/10/03 18:59:48 glen - 5.5.27 + [fixes: CVE-2008-1232, CVE-2008-1947, CVE-2008-2370] Revision 1.56 2008-04-11 07:17:10 glen - 5.5.26 + [fixes: CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-6286] Revision 1.55 2007-12-07 18:58:08 glen - builds again, revised symlinks ================================================================ Index: packages/tomcat/TODO diff -u /dev/null packages/tomcat/TODO:1.1 --- /dev/null Mon Jun 8 13:13:34 2009 +++ packages/tomcat/TODO Mon Jun 8 13:13:28 2009 @@ -0,0 +1,4 @@ +# TODO: +- packages for *.renametojar files (-cgi and -ssi in server/lib) +- upgrade to 6.* series + ================================================================ ---- CVS-web: http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/tomcat/tomcat.spec?r1=1.125&r2=1.126&f=u _______________________________________________ pld-cvs-commit mailing list pld-cvs-commit@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit