Blame SPECS/tomcat.spec

262920
# Copyright (c) 2000-2008, JPackage Project
262920
# All rights reserved.
262920
#
262920
# Redistribution and use in source and binary forms, with or without
262920
# modification, are permitted provided that the following conditions
262920
# are met:
262920
#
262920
# 1. Redistributions of source code must retain the above copyright
262920
#    notice, this list of conditions and the following disclaimer.
262920
# 2. Redistributions in binary form must reproduce the above copyright
262920
#    notice, this list of conditions and the following disclaimer in the
262920
#    documentation and/or other materials provided with the
262920
#    distribution.
262920
# 3. Neither the name of the JPackage Project nor the names of its
262920
#    contributors may be used to endorse or promote products derived
262920
#    from this software without specific prior written permission.
262920
#
262920
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
262920
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
262920
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
262920
# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
262920
# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
262920
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
262920
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
262920
# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
262920
# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
262920
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
262920
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
262920
#
262920
262920
%global jspspec 2.2
262920
%global major_version 7
262920
%global minor_version 0
867542
%global micro_version 76
262920
%global packdname apache-tomcat-%{version}-src
262920
%global servletspec 3.0
262920
%global elspec 2.2
5ecf70
%global tcuid 53
262920
262920
# FHS 2.3 compliant tree structure - http://www.pathname.com/fhs/2.3/
262920
%global basedir %{_var}/lib/%{name}
262920
%global appdir %{basedir}/webapps
262920
%global homedir %{_datadir}/%{name}
262920
%global bindir %{homedir}/bin
262920
%global confdir %{_sysconfdir}/%{name}
262920
%global libdir %{_javadir}/%{name}
262920
%global logdir %{_var}/log/%{name}
262920
%global cachedir %{_var}/cache/%{name}
262920
%global tempdir %{cachedir}/temp
262920
%global workdir %{cachedir}/work
262920
%global _initrddir %{_sysconfdir}/init.d
262920
%global _systemddir /lib/systemd/system
262920
262920
Name:          tomcat
262920
Epoch:         0
262920
Version:       %{major_version}.%{minor_version}.%{micro_version}
841849
Release:       16%{?dist}
262920
Summary:       Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API
262920
262920
Group:         System Environment/Daemons
262920
License:       ASL 2.0
262920
URL:           http://tomcat.apache.org/
262920
Source0:       http://www.apache.org/dist/tomcat/tomcat-%{major_version}/v%{version}/src/%{packdname}.tar.gz
262920
Source1:       %{name}-%{major_version}.%{minor_version}.conf
262920
Source3:       %{name}-%{major_version}.%{minor_version}.sysconfig
262920
Source4:       %{name}-%{major_version}.%{minor_version}.wrapper
262920
Source5:       %{name}-%{major_version}.%{minor_version}.logrotate
262920
Source6:       %{name}-%{major_version}.%{minor_version}-digest.script
262920
Source7:       %{name}-%{major_version}.%{minor_version}-tool-wrapper.script
262920
Source8:       servlet-api-OSGi-MANIFEST.MF
262920
Source9:       jsp-api-OSGi-MANIFEST.MF
262920
Source10:      %{name}-%{major_version}.%{minor_version}-log4j.properties
262920
Source11:      %{name}-%{major_version}.%{minor_version}.service
262920
Source12:      el-api-OSGi-MANIFEST.MF
262920
Source13:      jasper-el-OSGi-MANIFEST.MF
262920
Source14:      jasper-OSGi-MANIFEST.MF
262920
Source15:      tomcat-api-OSGi-MANIFEST.MF
262920
Source16:      tomcat-juli-OSGi-MANIFEST.MF
262920
Source20:      %{name}-%{major_version}.%{minor_version}-jsvc.service
295e28
Source21:      tomcat-functions
295e28
Source22:      tomcat-preamble
295e28
Source23:      tomcat-server
295e28
Source24:      tomcat-named.service
04fb17
Source25:      tomcat-juli-adapters.jar
04fb17
Source26:      tomcat-juli.jar
262920
1af9a1
Patch0: %{name}-%{major_version}.%{minor_version}-bootstrap-MANIFEST.MF.patch
1af9a1
Patch1: %{name}-%{major_version}.%{minor_version}-tomcat-users-webapp.patch
04fb17
Patch2: %{name}-7.0.54-rebase.patch
04fb17
Patch3: %{name}-7.0-catalina-policy.patch
867542
Patch4: %{name}-7.0.76-CVE-2017-5664.patch
867542
Patch5: %{name}-7.0.76-CVE-2017-5647.patch
9e6f2c
Patch6: %{name}-7.0.76-CVE-2017-7674.patch
9e6f2c
Patch7: %{name}-7.0.76-CVE-2017-12617.patch
880c94
Patch8: patch.rhbz1602060
b4e201
Patch9: %{name}-7.0.76-CVE-2018-1336.patch
a482a9
Patch10: %{name}-7.0.76-CVE-2018-11784.patch
6f268b
Patch11: %{name}-7.0.76-CVE-2018-1304.patch
6f268b
Patch12: %{name}-7.0.76-CVE-2018-1305.patch
6f268b
Patch13: %{name}-7.0.76-CVE-2018-8014.patch
6f268b
Patch14: %{name}-7.0.76-CVE-2018-8034.patch
6f268b
Patch15: %{name}-7.0.76-rhbz-1588703.patch
6f268b
Patch16: %{name}-7.0.76-rhbz-1455483.patch
637de5
Patch17: %{name}-7.0.76-CVE-2020-1938.patch
90ce6a
Patch18: %{name}-7.0.76-rhbz-1822453.patch
90ce6a
Patch19: %{name}-7.0.76-rhbz-1795645.patch
90ce6a
Patch20: %{name}-7.0.76-CVE-2019-17563.patch
90ce6a
Patch21: %{name}-7.0.76-CVE-2020-9484.patch
90ce6a
Patch22: %{name}-7.0.76-CVE-2020-13935.patch
841849
Patch23: %{name}-7.0.76-CVE-2020-1935.patch
262920
262920
BuildArch:     noarch
262920
262920
BuildRequires: ant
1af9a1
#BuildRequires: ant-nodeps
262920
BuildRequires: ecj >= 1:4.2.1
262920
BuildRequires: findutils
262920
BuildRequires: apache-commons-collections
262920
BuildRequires: apache-commons-daemon
262920
BuildRequires: apache-commons-dbcp
262920
BuildRequires: apache-commons-pool
262920
BuildRequires: jakarta-taglibs-standard
262920
BuildRequires: java-devel >= 1:1.6.0
262920
BuildRequires: jpackage-utils >= 0:1.7.0
262920
BuildRequires: junit
262920
BuildRequires: log4j
262920
BuildRequires: geronimo-jaxrpc
262920
BuildRequires: wsdl4j
262920
BuildRequires: systemd-units
262920
Requires:      apache-commons-daemon
262920
Requires:      apache-commons-logging
262920
Requires:      apache-commons-collections
262920
Requires:      apache-commons-dbcp
262920
Requires:      apache-commons-pool
262920
Requires:      java >= 1:1.6.0
262920
Requires:      procps
262920
Requires:      %{name}-lib = %{epoch}:%{version}-%{release}
262920
Requires(pre):    shadow-utils
262920
Requires(post):   chkconfig
262920
Requires(preun):  chkconfig
262920
Requires(post):   systemd-units
262920
Requires(preun):  systemd-units
262920
Requires(postun): systemd-units
262920
262920
%description
262920
Tomcat is the servlet container that is used in the official Reference
262920
Implementation for the Java Servlet and JavaServer Pages technologies.
262920
The Java Servlet and JavaServer Pages specifications are developed by
262920
Sun under the Java Community Process.
262920
262920
Tomcat is developed in an open and participatory environment and
262920
released under the Apache Software License version 2.0. Tomcat is intended
262920
to be a collaboration of the best-of-breed developers from around the world.
262920
262920
%package admin-webapps
262920
Group: Applications/System
262920
Summary: The host-manager and manager web applications for Apache Tomcat
262920
Requires: %{name} = %{epoch}:%{version}-%{release}
262920
262920
%description admin-webapps
262920
The host-manager and manager web applications for Apache Tomcat.
262920
262920
%package docs-webapp
262920
Group: Applications/Text
262920
Summary: The docs web application for Apache Tomcat
262920
Requires: %{name} = %{epoch}:%{version}-%{release}
262920
262920
%description docs-webapp
262920
The docs web application for Apache Tomcat.
262920
262920
%package javadoc
262920
Group: Documentation
262920
Summary: Javadoc generated documentation for Apache Tomcat
262920
Requires: jpackage-utils
262920
262920
%description javadoc
262920
Javadoc generated documentation for Apache Tomcat.
262920
262920
%package jsvc
262920
Group: System Environment/Daemons
262920
Summary: Apache jsvc wrapper for Apache Tomcat as separate service
262920
Requires: %{name} = %{epoch}:%{version}-%{release}
262920
Requires: apache-commons-daemon-jsvc
262920
262920
%description jsvc
262920
Systemd service and wrapper scripts to start tomcat with jsvc,
262920
which allows tomcat to perform some privileged operations
262920
(e.g. bind to a port < 1024) and then switch identity to a non-privileged user.
262920
262920
%package jsp-%{jspspec}-api
262920
Group: Development/Libraries
262920
Summary: Apache Tomcat JSP API implementation classes
262920
Provides: jsp = %{jspspec}
262920
Provides: jsp22
262920
Requires: %{name}-servlet-%{servletspec}-api = %{epoch}:%{version}-%{release}
262920
Requires(post): chkconfig
262920
Requires(postun): chkconfig
262920
262920
%description jsp-%{jspspec}-api
262920
Apache Tomcat JSP API implementation classes.
262920
262920
%package lib
262920
Group: Development/Libraries
262920
Summary: Libraries needed to run the Tomcat Web container
262920
Requires: %{name}-jsp-%{jspspec}-api = %{epoch}:%{version}-%{release}
262920
Requires: %{name}-servlet-%{servletspec}-api = %{epoch}:%{version}-%{release}
262920
Requires: %{name}-el-%{elspec}-api = %{epoch}:%{version}-%{release}
262920
Requires: ecj >= 1:4.2.1
262920
Requires: apache-commons-collections
262920
Requires: apache-commons-dbcp
262920
Requires: apache-commons-pool
262920
Requires(preun): coreutils
262920
262920
%description lib
262920
Libraries needed to run the Tomcat Web container.
262920
262920
%package servlet-%{servletspec}-api
262920
Group: Development/Libraries
262920
Summary: Apache Tomcat Servlet API implementation classes
262920
Provides: servlet = %{servletspec}
262920
Provides: servlet6
262920
Provides: servlet3
262920
Requires(post): chkconfig
262920
Requires(postun): chkconfig
262920
262920
%description servlet-%{servletspec}-api
262920
Apache Tomcat Servlet API implementation classes.
262920
262920
%package el-%{elspec}-api
262920
Group: Development/Libraries
295e28
Summary: Expression Language v%{elspec} API
262920
Provides: el_1_0_api = %{epoch}:%{version}-%{release}
262920
Provides: el_api = %{elspec}
262920
Requires(post): chkconfig
262920
Requires(postun): chkconfig
262920
262920
%description el-%{elspec}-api
295e28
Expression Language %{elspec}.
262920
262920
%package webapps
262920
Group: Applications/Internet
262920
Summary: The ROOT and examples web applications for Apache Tomcat
262920
Requires: %{name} = %{epoch}:%{version}-%{release}
262920
Requires: jakarta-taglibs-standard >= 0:1.1
262920
262920
%description webapps
262920
The ROOT and examples web applications for Apache Tomcat.
262920
262920
%prep
262920
%setup -q -n %{packdname}
262920
# remove pre-built binaries and windows files
262920
find . -type f \( -name "*.bat" -o -name "*.class" -o -name Thumbs.db -o -name "*.gz" -o \
262920
   -name "*.jar" -o -name "*.war" -o -name "*.zip" \) -delete
262920
262920
%patch0 -p0
262920
%patch1 -p0
1af9a1
%patch2 -p0
e41f6f
%patch3 -p0
130a60
%patch4 -p0
130a60
%patch5 -p0
9e6f2c
%patch6 -p0
9e6f2c
%patch7 -p0
880c94
%patch8 -p0
b4e201
%patch9 -p0
a482a9
%patch10 -p0
6f268b
%patch11 -p0
6f268b
%patch12 -p0
6f268b
%patch13 -p0
6f268b
%patch14 -p0
6f268b
%patch15 -p0
6f268b
%patch16 -p0
637de5
%patch17 -p0
f26674
%patch18 -p0
90ce6a
%patch19 -p0
90ce6a
%patch20 -p0
90ce6a
%patch21 -p0
90ce6a
%patch22 -p0
841849
%patch23 -p0
1af9a1
262920
%{__ln_s} $(build-classpath jakarta-taglibs-core) webapps/examples/WEB-INF/lib/jstl.jar
262920
%{__ln_s} $(build-classpath jakarta-taglibs-standard) webapps/examples/WEB-INF/lib/standard.jar
262920
262920
%build
262920
export OPT_JAR_LIST="xalan-j2-serializer"
1af9a1
262920
   # we don't care about the tarballs and we're going to replace
262920
   # tomcat-dbcp.jar with apache-commons-{collections,dbcp,pool}-tomcat5.jar
262920
   # so just create a dummy file for later removal
262920
   touch HACK
262920
   %{__mkdir_p} HACKDIR
262920
   touch HACKDIR/build.xml
262920
   # who needs a build.properties file anyway
262920
   %{ant} -Dbase.path="." \
262920
      -Dbuild.compiler="modern" \
262920
      -Dcommons-collections.jar="$(build-classpath apache-commons-collections)" \
262920
      -Dcommons-daemon.jar="$(build-classpath apache-commons-daemon)" \
262920
      -Dcommons-daemon.native.src.tgz="HACK" \
262920
      -Djasper-jdt.jar="$(build-classpath ecj)" \
262920
      -Djdt.jar="$(build-classpath ecj)" \
262920
      -Dtomcat-dbcp.jar="$(build-classpath apache-commons-dbcp)" \
262920
      -Dtomcat-native.tar.gz="HACK" \
262920
      -Dtomcat-native.home="." \
262920
      -Dcommons-daemon.native.win.mgr.exe="HACK" \
262920
      -Dnsis.exe="HACK" \
262920
      -Djaxrpc-lib.jar="$(build-classpath jaxrpc)" \
262920
      -Dwsdl4j-lib.jar="$(build-classpath wsdl4j)" \
262920
      -Dcommons-pool.home="HACKDIR" \
262920
      -Dcommons-dbcp.home="HACKDIR" \
262920
      -Dno.build.dbcp=true \
262920
      -Dversion="%{version}" \
262920
      -Dversion.build="%{micro_version}" \
295e28
      -Djava.7.home=%{java_home} \
262920
      deploy dist-prepare dist-source javadoc
262920
262920
    # remove some jars that we'll replace with symlinks later
262920
   %{__rm} output/build/bin/commons-daemon.jar \
262920
           output/build/lib/ecj.jar \
262920
           output/build/lib/apache-commons-dbcp.jar
262920
262920
    # remove the cruft we created
262920
   %{__rm} output/build/bin/tomcat-native.tar.gz
262920
pushd output/dist/src/webapps/docs/appdev/sample/src
262920
%{__mkdir_p} ../web/WEB-INF/classes
262920
%{javac} -cp ../../../../../../../../output/build/lib/servlet-api.jar -d ../web/WEB-INF/classes mypackage/Hello.java
262920
pushd ../web
262920
%{jar} cf ../../../../../../../../output/build/webapps/docs/appdev/sample/sample.war *
262920
popd
262920
popd
262920
262920
# inject OSGi manifests
262920
mkdir -p META-INF
262920
cp -p %{SOURCE8} META-INF/MANIFEST.MF
262920
touch META-INF/MANIFEST.MF
262920
zip -u output/build/lib/servlet-api.jar META-INF/MANIFEST.MF
262920
cp -p %{SOURCE9} META-INF/MANIFEST.MF
262920
touch META-INF/MANIFEST.MF
262920
zip -u output/build/lib/jsp-api.jar META-INF/MANIFEST.MF
262920
cp -p %{SOURCE12} META-INF/MANIFEST.MF
262920
touch META-INF/MANIFEST.MF
262920
zip -u output/build/lib/el-api.jar META-INF/MANIFEST.MF
262920
cp -p %{SOURCE13} META-INF/MANIFEST.MF
262920
touch META-INF/MANIFEST.MF
262920
zip -u output/build/lib/jasper-el.jar META-INF/MANIFEST.MF
262920
cp -p %{SOURCE14} META-INF/MANIFEST.MF
262920
touch META-INF/MANIFEST.MF
262920
zip -u output/build/lib/jasper.jar META-INF/MANIFEST.MF
262920
cp -p %{SOURCE15} META-INF/MANIFEST.MF
262920
touch META-INF/MANIFEST.MF
262920
zip -u output/build/lib/tomcat-api.jar META-INF/MANIFEST.MF
262920
cp -p %{SOURCE16} META-INF/MANIFEST.MF
262920
touch META-INF/MANIFEST.MF
262920
zip -u output/build/bin/tomcat-juli.jar META-INF/MANIFEST.MF
262920
262920
%install
262920
# build initial path structure
262920
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_bindir}
262920
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_sbindir}
262920
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_javadocdir}/%{name}
262920
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_initrddir}
262920
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_systemddir}
262920
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d
262920
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_sysconfdir}/sysconfig
262920
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{appdir}
262920
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{bindir}
262920
%{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{confdir}
262920
%{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{confdir}/Catalina/localhost
04fb17
%{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{confdir}/conf.d
04fb17
/bin/echo "Place your custom *.conf files here. Shell expansion is supported." > ${RPM_BUILD_ROOT}%{confdir}/conf.d/README
262920
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{libdir}
262920
%{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{logdir}
262920
/bin/touch ${RPM_BUILD_ROOT}%{logdir}/catalina.out
295e28
%{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{_localstatedir}/lib/tomcats
262920
/bin/echo "%{name}-%{major_version}.%{minor_version}.%{micro_version} RPM installed" >> ${RPM_BUILD_ROOT}%{logdir}/catalina.out
262920
%{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{homedir}
262920
%{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{tempdir}
262920
%{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{workdir}
262920
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_unitdir}
295e28
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_libexecdir}/%{name}
262920
262920
# move things into place
262920
# First copy supporting libs to tomcat lib
262920
pushd output/build
262920
    %{__cp} -a bin/*.{jar,xml} ${RPM_BUILD_ROOT}%{bindir}
262920
    %{__cp} %{SOURCE10} conf/log4j.properties
262920
    %{__cp} -a conf/*.{policy,properties,xml} ${RPM_BUILD_ROOT}%{confdir}
262920
    %{__cp} -a lib/*.jar ${RPM_BUILD_ROOT}%{libdir}
262920
    %{__cp} -a webapps/* ${RPM_BUILD_ROOT}%{appdir}
262920
popd
262920
# javadoc
262920
%{__cp} -a output/dist/webapps/docs/api/* ${RPM_BUILD_ROOT}%{_javadocdir}/%{name}
262920
262920
%{__sed} -e "s|\@\@\@TCHOME\@\@\@|%{homedir}|g" \
262920
   -e "s|\@\@\@TCTEMP\@\@\@|%{tempdir}|g" \
262920
   -e "s|\@\@\@LIBDIR\@\@\@|%{_libdir}|g" %{SOURCE1} \
262920
    > ${RPM_BUILD_ROOT}%{confdir}/%{name}.conf
262920
%{__sed} -e "s|\@\@\@TCHOME\@\@\@|%{homedir}|g" \
262920
   -e "s|\@\@\@TCTEMP\@\@\@|%{tempdir}|g" \
262920
   -e "s|\@\@\@LIBDIR\@\@\@|%{_libdir}|g" %{SOURCE3} \
262920
    > ${RPM_BUILD_ROOT}%{_sysconfdir}/sysconfig/%{name}
262920
%{__install} -m 0644 %{SOURCE4} \
262920
    ${RPM_BUILD_ROOT}%{_sbindir}/%{name}
262920
%{__install} -m 0644 %{SOURCE11} \
262920
    ${RPM_BUILD_ROOT}%{_unitdir}/%{name}.service
262920
%{__install} -m 0644 %{SOURCE20} \
262920
    ${RPM_BUILD_ROOT}%{_unitdir}/%{name}-jsvc.service
1af9a1
# %{__ln_s} %{name} ${RPM_BUILD_ROOT}%{_sbindir}/d%{name}
262920
%{__sed} -e "s|\@\@\@TCLOG\@\@\@|%{logdir}|g" %{SOURCE5} \
262920
    > ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d/%{name}
262920
%{__sed} -e "s|\@\@\@TCHOME\@\@\@|%{homedir}|g" \
262920
   -e "s|\@\@\@TCTEMP\@\@\@|%{tempdir}|g" \
262920
   -e "s|\@\@\@LIBDIR\@\@\@|%{_libdir}|g" %{SOURCE6} \
262920
    > ${RPM_BUILD_ROOT}%{_bindir}/%{name}-digest
262920
%{__sed} -e "s|\@\@\@TCHOME\@\@\@|%{homedir}|g" \
262920
   -e "s|\@\@\@TCTEMP\@\@\@|%{tempdir}|g" \
262920
   -e "s|\@\@\@LIBDIR\@\@\@|%{_libdir}|g" %{SOURCE7} \
262920
    > ${RPM_BUILD_ROOT}%{_bindir}/%{name}-tool-wrapper
295e28
295e28
%{__install} -m 0644 %{SOURCE21} \
295e28
    ${RPM_BUILD_ROOT}%{_libexecdir}/%{name}/functions         
295e28
%{__install} -m 0755 %{SOURCE22} \
295e28
    ${RPM_BUILD_ROOT}%{_libexecdir}/%{name}/preamble          
295e28
%{__install} -m 0755 %{SOURCE23} \
295e28
    ${RPM_BUILD_ROOT}%{_libexecdir}/%{name}/server            
295e28
%{__install} -m 0644 %{SOURCE24} \
295e28
    ${RPM_BUILD_ROOT}%{_unitdir}/%{name}@.service 
295e28
262920
# create jsp and servlet API symlinks
262920
pushd ${RPM_BUILD_ROOT}%{_javadir}
262920
   %{__mv} %{name}/jsp-api.jar %{name}-jsp-%{jspspec}-api.jar
262920
   %{__ln_s} %{name}-jsp-%{jspspec}-api.jar %{name}-jsp-api.jar
262920
   %{__mv} %{name}/servlet-api.jar %{name}-servlet-%{servletspec}-api.jar
262920
   %{__ln_s} %{name}-servlet-%{servletspec}-api.jar %{name}-servlet-api.jar
262920
   %{__mv} %{name}/el-api.jar %{name}-el-%{elspec}-api.jar
262920
   %{__ln_s} %{name}-el-%{elspec}-api.jar %{name}-el-api.jar
262920
popd
262920
262920
pushd output/build
262920
    %{_bindir}/build-jar-repository lib apache-commons-collections \
262920
                                        apache-commons-dbcp apache-commons-pool ecj 2>&1
262920
    # need to use -p here with b-j-r otherwise the examples webapp fails to
262920
    # load with a java.io.IOException
262920
    %{_bindir}/build-jar-repository -p webapps/examples/WEB-INF/lib \
262920
    taglibs-core.jar taglibs-standard.jar 2>&1
262920
popd
262920
262920
pushd ${RPM_BUILD_ROOT}%{libdir}
262920
    # symlink JSP and servlet API jars
262920
    %{__ln_s} ../%{name}-jsp-%{jspspec}-api.jar .
262920
    %{__ln_s} ../%{name}-servlet-%{servletspec}-api.jar .
262920
    %{__ln_s} ../%{name}-el-%{elspec}-api.jar .
262920
    %{__ln_s} $(build-classpath apache-commons-collections) commons-collections.jar
262920
    %{__ln_s} $(build-classpath apache-commons-dbcp) commons-dbcp.jar
262920
    %{__ln_s} $(build-classpath apache-commons-pool) commons-pool.jar
262920
    %{__ln_s} $(build-classpath log4j) log4j.jar
262920
    %{__ln_s} $(build-classpath ecj) jasper-jdt.jar
262920
262920
    # Temporary copy the juli jar here from /usr/share/java/tomcat (for maven depmap)
262920
    %{__cp} -a ${RPM_BUILD_ROOT}%{bindir}/tomcat-juli.jar ./
04fb17
04fb17
    # Add extras JULI jars
04fb17
    %{__mkdir} extras
04fb17
    pushd extras
04fb17
        %{__cp} -p %{SOURCE25} .
04fb17
        %{__cp} -p %{SOURCE26} .
04fb17
    popd
262920
popd
262920
262920
# symlink to the FHS locations where we've installed things
262920
pushd ${RPM_BUILD_ROOT}%{homedir}
262920
    %{__ln_s} %{appdir} webapps
262920
    %{__ln_s} %{confdir} conf
262920
    %{__ln_s} %{libdir} lib
262920
    %{__ln_s} %{logdir} logs
262920
    %{__ln_s} %{tempdir} temp
262920
    %{__ln_s} %{workdir} work
262920
popd
262920
262920
# install sample webapp
262920
%{__mkdir_p} ${RPM_BUILD_ROOT}%{appdir}/sample
262920
pushd ${RPM_BUILD_ROOT}%{appdir}/sample
262920
%{jar} xf ${RPM_BUILD_ROOT}%{appdir}/docs/appdev/sample/sample.war
262920
popd
262920
%{__rm} ${RPM_BUILD_ROOT}%{appdir}/docs/appdev/sample/sample.war
262920
262920
# Allow linking for example webapp
262920
%{__mkdir_p} ${RPM_BUILD_ROOT}%{appdir}/examples/META-INF
262920
pushd ${RPM_BUILD_ROOT}%{appdir}/examples/META-INF
262920
echo ''>context.xml
262920
echo '<Context allowLinking="true"/>'>>context.xml
262920
popd
262920
262920
pushd ${RPM_BUILD_ROOT}%{appdir}/examples/WEB-INF/lib
262920
%{__ln_s} -f $(build-classpath jakarta-taglibs-core) jstl.jar
262920
%{__ln_s} -f $(build-classpath jakarta-taglibs-standard) standard.jar
262920
popd
262920
262920
262920
# Install the maven metadata
262920
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_mavenpomdir}
262920
pushd output/dist/src/res/maven
262920
for pom in *.pom; do
262920
    # fix-up version in all pom files
262920
    sed -i 's/@MAVEN.DEPLOY.VERSION@/%{version}/g' $pom
262920
done
262920
262920
# we won't install dbcp, juli-adapters and juli-extras pom files
262920
for libname in annotations-api catalina jasper-el jasper catalina-ha; do
262920
    %{__cp} -a %{name}-$libname.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP.%{name}-$libname.pom
262920
    %add_maven_depmap JPP.%{name}-$libname.pom %{name}/$libname.jar
262920
done
262920
262920
# servlet-api jsp-api and el-api are not in tomcat subdir, since they are widely re-used elsewhere
262920
%{__cp} -a tomcat-jsp-api.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP-tomcat-jsp-api.pom
262920
%add_maven_depmap JPP-tomcat-jsp-api.pom tomcat-jsp-api.jar -f "tomcat-jsp-api" -a "javax.servlet.jsp:javax.servlet.jsp-api,javax.servlet:jsp-api,org.eclipse.jetty.orbit:javax.servlet.jsp"
262920
262920
%{__cp} -a tomcat-el-api.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP-tomcat-el-api.pom
262920
%add_maven_depmap JPP-tomcat-el-api.pom tomcat-el-api.jar -f "tomcat-el-api" -a "javax.el:javax.el-api,javax.el:el-api,org.eclipse.jetty.orbit:javax.el"
262920
262920
%{__cp} -a tomcat-servlet-api.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP-tomcat-servlet-api.pom
262920
# Generate a depmap fragment javax.servlet:servlet-api pointing to
262920
# tomcat-servlet-3.0-api for backwards compatibility
262920
# also provide jetty depmap (originally in jetty package, but it's cleaner to have it here
262920
%add_maven_depmap JPP-tomcat-servlet-api.pom tomcat-servlet-api.jar -f "tomcat-servlet-api" -a "javax.servlet:servlet-api,javax.servlet:javax.servlet-api,org.mortbay.jetty:servlet-api,org.eclipse.jetty.orbit:javax.servlet"
262920
262920
# two special pom where jar files have different names
262920
%{__cp} -a tomcat-tribes.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP.%{name}-catalina-tribes.pom
262920
%add_maven_depmap JPP.%{name}-catalina-tribes.pom %{name}/catalina-tribes.jar
262920
262920
%{__cp} -a tomcat-coyote.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP.%{name}-tomcat-coyote.pom
262920
%add_maven_depmap JPP.%{name}-tomcat-coyote.pom %{name}/tomcat-coyote.jar
262920
262920
%{__cp} -a tomcat-juli.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP.%{name}-tomcat-juli.pom
262920
%add_maven_depmap JPP.%{name}-tomcat-juli.pom %{name}/tomcat-juli.jar
262920
262920
%{__cp} -a tomcat-api.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP.%{name}-tomcat-api.pom
262920
%add_maven_depmap JPP.%{name}-tomcat-api.pom %{name}/tomcat-api.jar
262920
262920
%{__cp} -a tomcat-util.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP.%{name}-tomcat-util.pom
262920
%add_maven_depmap JPP.%{name}-tomcat-util.pom %{name}/tomcat-util.jar
262920
262920
# replace temporary copy with link
262920
%{__ln_s} -f %{bindir}/tomcat-juli.jar ${RPM_BUILD_ROOT}%{libdir}/
262920
262920
262920
%pre
262920
# add the tomcat user and group
5ecf70
getent group tomcat >/dev/null || %{_sbindir}/groupadd -f -g %{tcuid} -r tomcat
5ecf70
if ! getent passwd tomcat >/dev/null ; then
5ecf70
    if ! getent passwd %{tcuid} >/dev/null ; then
5ecf70
        %{_sbindir}/useradd -r -u %{tcuid} -g tomcat -d %{homedir} -s /sbin/nologin -c "Apache Tomcat" tomcat
5ecf70
        # Tomcat uses a reserved ID, so there should never be an else
5ecf70
    fi
5ecf70
fi
5ecf70
exit 0
262920
262920
%post
262920
# install but don't activate
262920
%systemd_post %{name}.service
262920
262920
%post jsp-%{jspspec}-api
262920
%{_sbindir}/update-alternatives --install %{_javadir}/jsp.jar jsp \
262920
    %{_javadir}/%{name}-jsp-%{jspspec}-api.jar 20200
262920
262920
%post servlet-%{servletspec}-api
262920
%{_sbindir}/update-alternatives --install %{_javadir}/servlet.jar servlet \
262920
    %{_javadir}/%{name}-servlet-%{servletspec}-api.jar 30000
262920
262920
%post el-%{elspec}-api
262920
%{_sbindir}/update-alternatives --install %{_javadir}/elspec.jar elspec \
262920
   %{_javadir}/%{name}-el-%{elspec}-api.jar 20300
262920
262920
%preun
262920
# clean tempdir and workdir on removal or upgrade
262920
%{__rm} -rf %{workdir}/* %{tempdir}/*
262920
%systemd_preun %{name}.service
262920
262920
%postun
262920
%systemd_postun_with_restart %{name}.service 
262920
262920
%postun jsp-%{jspspec}-api
262920
if [ "$1" = "0" ]; then
262920
    %{_sbindir}/update-alternatives --remove jsp \
262920
        %{_javadir}/%{name}-jsp-%{jspspec}-api.jar
262920
fi
262920
262920
%postun servlet-%{servletspec}-api
262920
if [ "$1" = "0" ]; then
262920
    %{_sbindir}/update-alternatives --remove servlet \
262920
        %{_javadir}/%{name}-servlet-%{servletspec}-api.jar
262920
fi
262920
262920
%postun el-%{elspec}-api
262920
if [ "$1" = "0" ]; then
262920
    %{_sbindir}/update-alternatives --remove elspec \
262920
        %{_javadir}/%{name}-el-%{elspec}-api.jar
262920
fi
262920
262920
%triggerun -- tomcat < 0:7.0.22-2
262920
/usr/bin/systemd-sysv-convert -- save tomcat > /dev/null 2>&1 || :
262920
# Run these becasue the SysV package being removed won't do them
262920
/sbin/chkconfig --del tomcat > /dev/null 2>&1 || :
262920
/bin/systemctl try-restart tomcat.service > /dev/null 2>&1 || :
262920
262920
%files
262920
%defattr(0664,root,tomcat,0755)
262920
%doc {LICENSE,NOTICE,RELEASE*}
262920
%attr(0755,root,root) %{_bindir}/%{name}-digest
262920
%attr(0755,root,root) %{_bindir}/%{name}-tool-wrapper
262920
%attr(0755,root,root) %{_sbindir}/%{name}
262920
%attr(0644,root,root) %{_unitdir}/%{name}.service
295e28
%attr(0644,root,root) %{_unitdir}/%{name}@.service
295e28
%attr(0755,root,root) %dir %{_libexecdir}/%{name}
295e28
%attr(0755,root,root) %dir %{_localstatedir}/lib/tomcats
295e28
%attr(0644,root,root) %{_libexecdir}/%{name}/functions
295e28
%attr(0755,root,root) %{_libexecdir}/%{name}/preamble
295e28
%attr(0755,root,root) %{_libexecdir}/%{name}/server
262920
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
130a60
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/sysconfig/%{name}
262920
%attr(0755,root,tomcat) %dir %{basedir}
262920
%attr(0755,root,tomcat) %dir %{confdir}
130a60
262920
%defattr(0664,tomcat,root,0770)
262920
%attr(0770,tomcat,root) %dir %{logdir}
130a60
262920
%defattr(0664,root,tomcat,0770)
04fb17
%attr(0660,tomcat,tomcat) %verify(not size md5 mtime) %{logdir}/catalina.out
262920
%attr(0770,root,tomcat) %dir %{cachedir}
262920
%attr(0770,root,tomcat) %dir %{tempdir}
262920
%attr(0770,root,tomcat) %dir %{workdir}
130a60
130a60
%defattr(0644,root,tomcat,0775)
262920
%attr(0775,root,tomcat) %dir %{appdir}
262920
%attr(0775,root,tomcat) %dir %{confdir}/Catalina
262920
%attr(0775,root,tomcat) %dir %{confdir}/Catalina/localhost
04fb17
%attr(0755,root,tomcat) %dir %{confdir}/conf.d
04fb17
%{confdir}/conf.d/README
130a60
%config(noreplace) %{confdir}/%{name}.conf
130a60
%config(noreplace) %{confdir}/*.policy
130a60
%config(noreplace) %{confdir}/*.properties
130a60
%config(noreplace) %{confdir}/context.xml
130a60
%config(noreplace) %{confdir}/server.xml
130a60
%attr(0640,root,tomcat) %config(noreplace) %{confdir}/tomcat-users.xml
130a60
%config(noreplace) %{confdir}/web.xml
262920
%dir %{homedir}
262920
%{bindir}/bootstrap.jar
262920
%{bindir}/catalina-tasks.xml
262920
%{homedir}/lib
262920
%{homedir}/temp
262920
%{homedir}/webapps
262920
%{homedir}/work
262920
%{homedir}/logs
262920
%{homedir}/conf
262920
262920
%files admin-webapps
262920
%defattr(0664,root,tomcat,0755)
262920
%{appdir}/host-manager
262920
%{appdir}/manager
04fb17
%config(noreplace) %{appdir}/manager/WEB-INF/web.xml
04fb17
%config(noreplace) %{appdir}/host-manager/WEB-INF/web.xml
262920
262920
%files docs-webapp
262920
%defattr(-,root,root,-)
262920
%{appdir}/docs
262920
262920
%files javadoc
262920
%defattr(-,root,root,-)
262920
%{_javadocdir}/%{name}
262920
262920
%files jsp-%{jspspec}-api
262920
%defattr(-,root,root,-)
262920
%{_javadir}/%{name}-jsp-%{jspspec}*.jar
262920
%{_javadir}/%{name}-jsp-api.jar
262920
%{_mavenpomdir}/JPP-%{name}-jsp-api.pom
262920
%{_mavendepmapfragdir}/%{name}-tomcat-jsp-api
262920
262920
%files lib
262920
%defattr(-,root,root,-)
262920
%{libdir}
262920
%{bindir}/tomcat-juli.jar
262920
%{_mavendepmapfragdir}/%{name}
262920
%{_mavenpomdir}/JPP.%{name}-annotations-api.pom
262920
%{_mavenpomdir}/JPP.%{name}-catalina-ha.pom
262920
%{_mavenpomdir}/JPP.%{name}-catalina-tribes.pom
262920
%{_mavenpomdir}/JPP.%{name}-catalina.pom
262920
%{_mavenpomdir}/JPP.%{name}-jasper-el.pom
262920
%{_mavenpomdir}/JPP.%{name}-jasper.pom
262920
%{_mavenpomdir}/JPP.%{name}-tomcat-api.pom
262920
%{_mavenpomdir}/JPP.%{name}-tomcat-juli.pom
262920
%{_mavenpomdir}/JPP.%{name}-tomcat-coyote.pom
262920
%{_mavenpomdir}/JPP.%{name}-tomcat-util.pom
262920
262920
%exclude %{libdir}/%{name}-el-%{elspec}-api.jar
262920
262920
%files servlet-%{servletspec}-api
262920
%defattr(-,root,root,-)
262920
%doc LICENSE
262920
%{_javadir}/%{name}-servlet-%{servletspec}*.jar
262920
%{_javadir}/%{name}-servlet-api.jar
262920
%{_mavendepmapfragdir}/%{name}-tomcat-servlet-api
262920
%{_mavenpomdir}/JPP-%{name}-servlet-api.pom
262920
262920
%files el-%{elspec}-api
262920
%defattr(-,root,root,-)
262920
%doc LICENSE
262920
%{_javadir}/%{name}-el-%{elspec}-api.jar
262920
%{_javadir}/%{name}-el-api.jar
262920
%{libdir}/%{name}-el-%{elspec}-api.jar
262920
%{_mavenpomdir}/JPP-%{name}-el-api.pom
262920
%{_mavendepmapfragdir}/%{name}-tomcat-el-api
262920
262920
262920
%files webapps
262920
%defattr(0644,tomcat,tomcat,0755)
262920
%{appdir}/ROOT
262920
%{appdir}/examples
262920
%{appdir}/sample
262920
262920
%files jsvc
262920
%defattr(755,root,root,0755)
262920
%attr(0644,root,root) %{_unitdir}/%{name}-jsvc.service
262920
262920
%changelog
841849
* Wed Sep 23 2020 Hui Wang <huwang@redhat.com> 0:7.0.76-16
841849
- Resolves: rhbz#1814315 CVE-2020-1935 tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling
841849
90ce6a
* Fri Jul 17 2020 Coty Sutherland <csutherl@redhat.com> 0:7.0.76-15
90ce6a
- Resolves: CVE-2020-13935 tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS
90ce6a
90ce6a
* Thu May 21 2020 Coty Sutherland <csutherl@redhat.com> 0:7.0.76-14
90ce6a
- Revert rhbz#1814315 because it caused other issues with ipa-server, see rhbz#1831127
f26674
- Resolves: CVE-2020-9484 tomcat: Apache Tomcat Remote Code Execution via session persistence
f26674
90ce6a
* Wed May 06 2020 Coty Sutherland <csutherl@redhat.com> 0:7.0.76-13
90ce6a
- Revert rhbz#1367492 because it caused issues with ipa-server, see rhbz#1831127
90ce6a
90ce6a
* Fri Apr 24 2020 Coty Sutherland <csutherl@redhat.com> 0:7.0.76-12
90ce6a
- Resolves: rhbz#1367492 harden package permissions
90ce6a
- Resolves: rhbz#1523112 tomcat systemd does not cope with - in service names
90ce6a
- Resolves: rhbz#1629162 tomcat-dbcp.jar is missing from tomcat package
90ce6a
- Resolves: rhbz#1822453 Tomcat parses a request having an absolute URI path incorrectly and returns 404 Not Found
90ce6a
- Resolves: rhbz#1795645 connection leak with StatementCache, SlowQueryReport or StatementDecoratorInterceptor
90ce6a
- Resolves: CVE-2019-17563 tomcat: session fixation when using FORM authentication
90ce6a
637de5
* Tue Mar 03 2020 Coty Sutherland <csutherl@redhat.com> 0:7.0.76-11
90ce6a
- CVE-2020-1938 tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability
637de5
3bf03d
* Tue Sep 03 2019 Coty Sutherland <csutherl@redhat.com> 0:7.0.76-10
3bf03d
- Resolves: rhbz#1748541 Bump tomcat release number
3bf03d
a482a9
* Tue Feb 12 2019 Coty Sutherland <csutherl@redhat.com> 0:7.0.76-9
a482a9
- Resolves: rhbz#1641873 CVE-2018-11784 tomcat: Open redirect in default servlet
6f268b
- Resolves: rhbz#1552375 CVE-2018-1304 tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources
6f268b
- Resolves: rhbz#1552374 CVE-2018-1305 tomcat: Late application of security constraints can lead to resource exposure for unauthorised users
6f268b
- Resolves: rhbz#1590182 CVE-2018-8014 tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins
6f268b
- Resolves: rhbz#1608609 CVE-2018-8034 tomcat: host name verification missing in WebSocket client
6f268b
- Resolves: rhbz#1588703 Backport of Negative maxCookieCount value causes exception for Tomcat
6f268b
- Resolves: rhbz#1472950 shutdown_wait option is not working for Tomcat
6f268b
- Resolves: rhbz#1455483 Add support for characters "<" and ">" to the possible whitelist values
b4e201
a482a9
* Fri Oct 12 2018 Coty Sutherland <csutherl@redhat.com> 0:7.0.76-8
a482a9
- Resolves: rhbz#1608607 CVE-2018-1336 tomcat: A bug in the UTF 8 decoder can lead to DoS
a482a9
a482a9
* Tue Jul 24 2018 Jean-Frederic Clere <jclere@redhat.com> 0:7.0.76-7
a482a9
- Resolves: rhbz#1602060 Deadlock occurs while sending to a closing session
880c94
5ecf70
* Wed Nov 08 2017 Coty Sutherland <csutherl@redhat.com> 0:7.0.76-6
5ecf70
- Related: rhbz#1505762 Remove erroneous useradd
5ecf70
5ecf70
* Tue Nov 07 2017 Coty Sutherland <csutherl@redhat.com> 0:7.0.76-5
5ecf70
- Resolves: rhbz#1485453 man page uid and gid mismatch for service accounts
5ecf70
- Resolves: rhbz#1505762 Problem to start tomcat with a user whose group has a name different to the user
5ecf70
5ecf70
* Mon Nov 06 2017 Coty Sutherland <csutherl@redhat.com> 0:7.0.76-3
5ecf70
- Resolves: rhbz#1498343 CVE-2017-12615 CVE-2017-12617 tomcat: various flaws
5ecf70
- Resolves: rhbz#1495655 CVE-2017-7674 tomcat: Vary header not added by CORS filter leading to cache poisoning
5ecf70
- Resolves: rhbz#1470597 CVE-2017-5647 Add follow up revision
9e6f2c
867542
* Thu Jun 08 2017 Coty Sutherland <csutherl@redhat.com> 0:7.0.76-2
867542
- Resolves: rhbz#1459747 CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism
867542
- Resolves: rhbz#1441481 CVE-2017-5647 tomcat: Incorrect handling of pipelined requests when send file was used
867542
867542
* Wed Mar 29 2017 Coty Sutherland <csutherl@redhat.com> - 0:7.0.76-1
867542
- Resolves: rhbz#1414895 Rebase tomcat to the current release
037463
04fb17
* Thu Aug 25 2016 Coty Sutherland <csutherl@redhat.com> - 0:7.0.69-10
04fb17
- Related: rhbz#1368122
04fb17
04fb17
* Tue Aug 23 2016 Coty Sutherland <csutherl@redhat.com> - 0:7.0.69-9
04fb17
- Resolves: rhbz#1362213 Tomcat: CGI sets environmental variable based on user supplied Proxy request header
04fb17
- Resolves: rhbz#1368122
04fb17
04fb17
* Wed Aug 03 2016 Coty Sutherland <csutherl@redhat.com> - 0:7.0.69-7
04fb17
- Resolves: rhbz#1362545
04fb17
04fb17
* Fri Jul 08 2016 Coty Sutherland <csutherl@redhat.com> - 0:7.0.69-6
04fb17
- Related: rhbz#1201409 Added /etc/sysconfig/tomcat to the systemd unit for tomcat-jsvc.service
04fb17
04fb17
* Fri Jul 01 2016 Coty Sutherland <csutherl@redhat.com> - 0:7.0.69-5
04fb17
- Resolves: rhbz#1347860 The systemd service unit does not allow tomcat to shut down gracefully
04fb17
04fb17
* Mon Jun 27 2016 Coty Sutherland <csutherl@redhat.com> - 0:7.0.69-4
04fb17
- Resolves: rhbz#1350438 CVE-2016-3092 tomcat: Usage of vulnerable FileUpload package can result in denial of service
04fb17
04fb17
* Fri Jun 17 2016 Coty Sutherland <csutherl@redhat.com> - 0:7.0.69-3
04fb17
- Resolves: rhbz#1347774 The security manager doesn't work correctly (JSPs cannot be compiled)
04fb17
04fb17
* Tue Jun 07 2016 Coty Sutherland <csutherl@redhat.com> - 0:7.0.69-2
04fb17
- Rebase Resolves: rhbz#1311622 Getting NoSuchElementException while handling attributes with empty string value in tomcat
04fb17
- Rebase Resolves: rhbz#1320853 Add HSTS support
04fb17
- Rebase Resolves: rhbz#1293292 CVE-2014-7810 tomcat: Tomcat/JBossWeb: security manager bypass via EL expressions
04fb17
- Rebase Resolves: rhbz#1347144 CVE-2016-0706 tomcat: security manager bypass via StatusManagerServlet
04fb17
- Rebase Resolves: rhbz#1347139 CVE-2015-5346 tomcat: Session fixation
04fb17
- Rebase Resolves: rhbz#1347136 CVE-2015-5345 tomcat: directory disclosure
04fb17
- Rebase Resolves: rhbz#1347129 CVE-2015-5174 tomcat: URL Normalization issue
04fb17
- Rebase Resolves: rhbz#1347146 CVE-2016-0763 tomcat: security manager bypass via setGlobalContext()
04fb17
- Rebase Resolves: rhbz#1347142 CVE-2016-0714 tomcat: Security Manager bypass via persistence mechanisms
04fb17
- Rebase Resolves: rhbz#1347133 CVE-2015-5351 tomcat: CSRF token leak
04fb17
04fb17
* Mon Jun 06 2016 Coty Sutherland <csutherl@redhat.com> - 0:7.0.69-1
04fb17
- Resolves: rhbz#1287928 Rebase to tomcat 7.0.69
04fb17
- Resolves: rhbz#1327326 rpm -V tomcat fails on /var/log/tomcat/catalina.out
04fb17
- Resolves: rhbz#1277197 tomcat user has non-existing default shell set
04fb17
- Resolves: rhbz#1240279 The command tomcat-digest doesn't work with RHEL 7
04fb17
- Resolves: rhbz#1229476 Tomcat startup ONLY options
04fb17
- Resolves: rhbz#1133070 Need to include full implementation of tomcat-juli.jar and tomcat-juli-adapters.jar
04fb17
- Resolves: rhbz#1201409 Fix the broken tomcat-jsvc service unit
04fb17
- Resolves: rhbz#1221896 tomcat.service loads /etc/sysconfig/tomcat without shell expansion
04fb17
- Resolves: rhbz#1208402 Mark web.xml in tomcat-admin-webapps as config file
130a60
e41f6f
* Tue Mar 24 2015 David Knox <dknox@redhat.com> - 0:7.0.54-2
130a60
- Resolves: CVE-2014-0227
e41f6f
295e28
* Wed Sep 17 2014 David Knox <dknox@redhat.com> - 0:7.0.54-1
295e28
- Resolves: rhbz#1141372 - Remove systemv artifacts. Add new systemd 
295e28
- artifacts. Rebase on 7.0.54.
295e28
295e28
* Wed Jun 18 2014 David Knox <dknox@redhat.com> - 0:7.0.43-6
295e28
- Resolves: CVE-2014-0099
295e28
- Resolves: CVE-2014-0096
295e28
- Resolves: CVE-2014-0075
79b4cc
73015d
* Wed Apr 16 2014 David Knox <dknox@redhat.com> - 0:7.0.42-5
73015d
- Related: CVE-2013-4286
73015d
- Related: CVE-2013-4322
73015d
- Related: CVE-2014-0050
73015d
- revisit patches for above. 
73015d
1af9a1
* Thu Mar 20 2014 David Knox <dknox@redhat.com> - 0:7.0.42-4
1af9a1
- Related: rhbz#1056696 correct packaging for sbin tomcat
1af9a1
1af9a1
* Thu Mar 20 2014 David Knox <dknox@redhat.com> - 0:7.0.42-3
1af9a1
- Related: CVE-2013-4286. increment build number. missed doing
1af9a1
- it. 
1af9a1
- Resolves: rhbz#1038183 remove BR for ant-nodeps. it's
1af9a1
- no long used.
1af9a1
1af9a1
* Wed Jan 22 2014 David Knox <dknox@redhat.com> - 0:7.0.42-2
1af9a1
- Resolves: rhbz#1056673 Invocation of useradd with shell
1af9a1
- other than sbin nologin
1af9a1
- Resolves: rhbz#1056677 preun systemv scriptlet unconditionally
1af9a1
- stops service
1af9a1
- Resolves: rhbz#1056696 init.d tomcat does not conform to RHEL7
1af9a1
- systemd rules. systemv subpackage is removed.
1af9a1
- Resolves: CVE-2013-4286
1af9a1
- Resolves: CVE-2013-4322
1af9a1
- Resolves: CVE-2014-0050
1af9a1
- Built for rhel-7 RC
1af9a1
1af9a1
* Tue Jan 21 2014 David Knox <dknox@redhat.com> - 0:7.0.42-1
1af9a1
- Resolves: rhbz#1051657 update to 7.0.42. Ant-nodeps is
1af9a1
- deprecated.
1af9a1
1af9a1
* Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 07.0.40-3
1af9a1
- Mass rebuild 2013-12-27
1af9a1
262920
* Sat May 11 2013 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.40-1
262920
- Updated to 7.0.40
262920
- Resolves: rhbz 956569 added missing commons-pool link
262920
262920
* Mon Mar  4 2013 Mikolaj Izdebski <mizdebsk@redhat.com> - 0:7.0.37-2
262920
- Add depmaps for org.eclipse.jetty.orbit
262920
- Resolves: rhbz#917626
262920
262920
* Wed Feb 20 2013 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.39-1
262920
- Updated to 7.0.39
262920
262920
* Wed Feb 20 2013 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.37-1
262920
- Updated to 7.0.37
262920
262920
* Mon Feb 4 2013 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.35-1
262920
- Updated to 7.0.35
262920
- systemd SuccessExitStatus=143 for proper stop exit code processing
262920
262920
* Mon Dec 24 2012 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.34-1
262920
- Updated to 7.0.34
262920
- ecj >= 4.2.1 now required
262920
- Resolves: rhbz 889395 concat classpath correctly; chdir to $CATALINA_HOME
262920
262920
* Fri Dec 7 2012 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.33-2
262920
- Resolves: rhbz 883806 refix logdir ownership 
262920
262920
* Sun Dec 2 2012 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.33-1
262920
- Updated to 7.0.33
262920
- Resolves: rhbz 873620 need chkconfig for update-alternatives
262920
262920
* Wed Oct 17 2012 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.32-1
262920
- Updated to 7.0.32
262920
- Resolves: rhbz 842620 symlinks to taglibs
262920
262920
* Fri Aug 24 2012 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.29-1
262920
- Updated to 7.0.29
262920
- Add pidfile as tmpfile
262920
- Use systemd for running as unprivileged user
262920
- Resolves: rhbz 847751 upgrade path was broken
262920
- Resolves: rhbz 850343 use new systemd-rpm macros
262920
262920
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0:7.0.28-2
262920
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
262920
262920
* Mon Jul 2 2012 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.28-1
262920
- Updated to 7.0.28
262920
- Resolves: rhbz 820119 Remove bundled apache-commons-dbcp
262920
- Resolves: rhbz 814900 Added tomcat-coyote POM
262920
- Resolves: rhbz 810775 Remove systemv stuff from %post scriptlet
262920
- Remove redhat-lsb R 
262920
262920
* Mon Apr 9 2012 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.27-2
262920
- Fixed native download hack
262920
262920
* Sat Apr 7 2012 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.27-1
262920
- Updated to 7.0.27
262920
- Fixed jakarta-taglibs-standard BR and R
262920
262920
* Wed Mar 21 2012 Stanislav Ochotnicky <sochotnicky@redhat.com> - 0:7.0.26-2
262920
- Add more depmaps to J2EE apis to help jetty/glassfish updates
262920
262920
* Wed Mar 14 2012 Juan Hernandez <juan.hernandez@redhat.com> 0:7.0.26-2
262920
- Added the POM files for tomcat-api and tomcat-util (#803495)
262920
262920
* Wed Feb 22 2012 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.26-1
262920
- Updated to 7.0.26
262920
- Bug 790334: Change ownership of logdir for logrotate
262920
262920
* Thu Feb 16 2012 Krzysztof Daniel <kdaniel@redhat.com> 0:7.0.25-4
262920
- Bug 790694: Priorities of jsp, servlet and el packages updated.
262920
262920
* Wed Feb 8 2012 Krzysztof Daniel <kdaniel@redhat.com> 0:7.0.25-3
262920
- Dropped indirect dependecy to tomcat 5
262920
262920
* Sun Jan 22 2012 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.25-2
262920
- Added hack for maven depmap of tomcat-juli absolute link [ -f ] pass correctly
262920
262920
* Sat Jan 21 2012 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.25-1
262920
- Updated to 7.0.25
262920
- Removed EntityResolver patch (changes already in upstream sources)
262920
- Place poms and depmaps in the same package as jars
262920
- Added javax.servlet.descriptor to export-package of servlet-api
262920
- Move several chkconfig actions and reqs to systemv subpackage
262920
- New maven depmaps generation method
262920
- Add patch to support java7. (patch sent upstream).
262920
- Require java >= 1:1.6.0
262920
262920
* Fri Jan 13 2012 Krzysztof Daniel <kdaniel@redhat.com> 0:7.0.23-5
262920
- Exported javax.servlet.* packages in version 3.0 as 2.6 to make
262920
  servlet-api compatible with Eclipse.
262920
262920
* Thu Jan 12 2012 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.23-4
262920
- Move jsvc support to subpackage
262920
262920
* Wed Jan 11 2012 Alexander Kurtakov <akurtako@redhat.com> 0:7.0.23-2
262920
- Add EntityResolver setter patch to jasper for jetty's need. (patch sent upstream).
262920
262920
* Mon Dec 12 2011 Joseph D. Wagner <joe@josephdwagner.info> 0:7.0.23-3
262920
- Added support to /usr/sbin/tomcat-sysd and /usr/sbin/tomcat for
262920
  starting tomcat with jsvc, which allows tomcat to perform some
262920
  privileged operations (e.g. bind to a port < 1024) and then switch
262920
  identity to a non-privileged user. Must add USE_JSVC="true" to
262920
  /etc/tomcat/tomcat.conf or /etc/sysconfig/tomcat.
262920
262920
* Mon Nov 28 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.23-1
262920
- Updated to 7.0.23
262920
262920
* Fri Nov 11 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.22-2
262920
- Move tomcat-juli.jar to lib package
262920
- Drop %%update_maven_depmap as in tomcat6
262920
- Provide native systemd unit file ported from tomcat6
262920
262920
* Thu Oct 6 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.22-1
262920
- Updated to 7.0.22
262920
262920
* Mon Oct 03 2011 Rex Dieter <rdieter@fedoraproject.org> - 0:7.0.21-3.1
262920
- rebuild (java), rel-eng#4932
262920
262920
* Mon Sep 26 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.21-3
262920
- Fix basedir mode
262920
262920
* Tue Sep 20 2011 Roland Grunberg <rgrunber@redhat.com> 0:7.0.21-2
262920
- Add manifests for el-api, jasper-el, jasper, tomcat, and tomcat-juli.
262920
262920
* Thu Sep 8 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.21-1
262920
- Updated to 7.0.21
262920
262920
* Mon Aug 15 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.20-3
262920
- Require java = 1:1.6.0
262920
262920
* Mon Aug 15 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.20-2
262920
- Require java < 1.7.0
262920
262920
* Mon Aug 15 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.20-1
262920
- Updated to 7.0.20
262920
262920
* Tue Jul 26 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.19-1
262920
- Updated to 7.0.19
262920
262920
* Tue Jun 21 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.16-1
262920
- Updated to 7.0.16
262920
262920
* Mon Jun 6 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.14-3
262920
- Added initial systemd service
262920
- Fix some paths
262920
262920
* Sat May 21 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.14-2
262920
- Fixed http source link
262920
- Securify some permissions
262920
- Added licenses for el-api and servlet-api
262920
- Added dependency on jpackage-utils for the javadoc subpackage
262920
262920
* Sat May 14 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.14-1
262920
- Updated to 7.0.14
262920
262920
* Thu May 5 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.12-4
262920
- Provided local paths for libs
262920
- Fixed dependencies
262920
- Fixed update temp/work cleanup
262920
262920
* Mon May 2 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.12-3
262920
- Fixed package groups
262920
- Fixed some permissions
262920
- Fixed some links
262920
- Removed old tomcat6 crap
262920
262920
* Thu Apr 28 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.12-2
262920
- Package now named just tomcat instead of tomcat7
262920
- Removed Provides:  %{name}-log4j
262920
- Switched to apache-commons-* names instead of jakarta-commons-* .
262920
- Remove the old changelog
262920
- BR/R java >= 1:1.6.0 , same for java-devel
262920
- Removed old tomcat6 crap
262920
262920
* Wed Apr 27 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.12-1
262920
- Tomcat7