diff options
author | VVD <vvd@unislabs.com> | 2022-04-01 10:47:10 +0000 |
---|---|---|
committer | Mikael Urankar <mikael@FreeBSD.org> | 2022-04-01 10:57:06 +0000 |
commit | cbc9cfb51de10aa12cc9a2979331c21f2246d9c8 (patch) | |
tree | 02e00f18826ac993e53f97f716801af6ba6792a6 | |
parent | e9395fe9f8bf883705051291aabb7c7603ab41df (diff) | |
download | ports-cbc9cfb51de10aa12cc9a2979331c21f2246d9c8.tar.gz ports-cbc9cfb51de10aa12cc9a2979331c21f2246d9c8.zip |
www/tomcat10: Update to 10.0.20
Harden the class loader to provide a mitigation for CVE-2022-22965
a Spring Framework vulnerability: Effectively disable the
WebappClassLoaderBase.getResources() method as it is not used and
if something accidently exposes the class loader this method can be used to gain
access to Tomcat internals.
Changes: https://tomcat.apache.org/tomcat-10.1-doc/changelog.html#Tomcat_10.1.0-M14_(markt)
PR: 262975
-rw-r--r-- | www/tomcat10/Makefile | 2 | ||||
-rw-r--r-- | www/tomcat10/distinfo | 6 |
2 files changed, 4 insertions, 4 deletions
diff --git a/www/tomcat10/Makefile b/www/tomcat10/Makefile index 1a02af5ad506..baa07b6add08 100644 --- a/www/tomcat10/Makefile +++ b/www/tomcat10/Makefile @@ -1,7 +1,7 @@ # Created by: Alex Dupre <ale@FreeBSD.org> PORTNAME= tomcat -PORTVERSION= 10.0.18 +PORTVERSION= 10.0.20 CATEGORIES= www java MASTER_SITES= APACHE/${PORTNAME}/${PORTNAME}-${PORTVERSION:C/([0-9]+)(.*)/\1/}/v${PORTVERSION}/bin PKGNAMESUFFIX= 10 diff --git a/www/tomcat10/distinfo b/www/tomcat10/distinfo index 24b82a498d1a..69d28471b75a 100644 --- a/www/tomcat10/distinfo +++ b/www/tomcat10/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1647714738 -SHA256 (apache-tomcat-10.0.18.tar.gz) = 959f76452111bf415249f1fecbbe18515eb2edeb8f458c62407aad04e36f4f8e -SIZE (apache-tomcat-10.0.18.tar.gz) = 11898821 +TIMESTAMP = 1648808263 +SHA256 (apache-tomcat-10.0.20.tar.gz) = 93b16650513ec9cb1ca4db1c6d76f080003f8a33d0699f424d7c3bba10f148b9 +SIZE (apache-tomcat-10.0.20.tar.gz) = 11915655 |