Sophie

• Search
• Distribution
• Explorer
• Source & Patches
• Chat
• Help
• About

distrib > Mageia > 5 > i586 > media > core-updates-src > by-pkgid > 93abaffb70e83168b5db77ddbbe5bcb6 > changelog

tomcat-7.0.77-1.mga5.src.rpm

• Info
• Deps
• Files
• Scripts
• ChangeLog
• Location
• Others versions
• Analyse

• Fri Apr 21 2017 neoclust <neoclust> 0:7.0.77-1.mga5

  + Revision: 1096992
  - New version 7.0.77 ( Fixes CVE-2017-5647 and CVE-2017-5648 )
  
  + daviddavid
  - new version: 7.0.75, fixes CVE-2016-8745 (mga#20081)
  - new version: 7.0.73, fixes CVE-2016-6816 CVE-2016-6817 CVE-2016-8735 (mga#19828)
  - new version: 7.0.72, fixes CVE-2016-0762, CVE-2016-5018, CVE-2016-679[467] (mga#19672)
  - remove merged upstteam patches
  - Resolves: CVE-2016-6325 tomcat: tomcat writable config files allow privilege escalation (mga#19560)
  - Resolves: CVE-2016-5425 tomcat: Local privilege escalation via systemd-tmpfiles service (mga#19560)
  - fix a typo in previous patch adding the missing closing '-->' to line
  357 of web.xml file (thanks to Dave Hodgins to pointing that out)
  - add and rediff upstream patch to fix CVE-2016-5388 (mga#19306)
  * https://svn.apache.org/viewvc?view=revision&revision=1756941
  - add and rediff patch from debian to fix CVE-2016-3092 (mga#18803)
  - sync some changes with fc22
  
  + luigiwalser
  - 7.0.68 (sync with fedora 22)

• Sun Feb 22 2015 luigiwalser <luigiwalser> 0:7.0.59-2.mga5

  + Revision: 816331
  - sync with f21

• Sat Feb 14 2015 luigiwalser <luigiwalser> 0:7.0.59-1.mga5

  + Revision: 814932
  - 7.0.59 (fixes CVE-2014-0227)

• Sun Jan 11 2015 daviddavid <daviddavid> 0:7.0.54-5.mga5

  + Revision: 809900
  - Sync with fc21
  - fix Group

• Wed Oct 15 2014 umeabot <umeabot> 0:7.0.54-4.mga5

  + Revision: 744471
  - Second Mageia 5 Mass Rebuild

• Tue Sep 16 2014 umeabot <umeabot> 0:7.0.54-3.mga5

  + Revision: 689916
  - Mageia 5 Mass Rebuild

• Mon Jun 23 2014 luigiwalser <luigiwalser> 0:7.0.54-2.mga5

  + Revision: 638886
  - jsp-api requires el-api (from fedora)

• Thu Jun 12 2014 luigiwalser <luigiwalser> 0:7.0.54-1.mga5

  + Revision: 635821
  - 7.0.54 (sync with fedora)
  - add patch from apache bug #56373 to fix build with java7
  - sync changes from fedora:
  - re-add log4j subpackage with bundled log4j
  - Don't provide maven javax.jsp:jsp-api and
  javax.servlet.jsp:javax.servlet.jsp-api (rhbz#1076949)
  - Drop servlet/el api provides to reduce user machines ending with both