diff options
author | VVD <vvd@unislabs.com> | 2022-04-02 13:42:33 +0000 |
---|---|---|
committer | Mikael Urankar <mikael@FreeBSD.org> | 2022-04-02 14:04:24 +0000 |
commit | aa0e9b08ea569c14dbabe482b675fadfab5f0a52 (patch) | |
tree | 3304ecc057e1723b0307eae57698ba495a78ca13 /www/erlang-cowlib | |
parent | 5567d41c06088cbbaef4bf5f0c3a70b3266acb0f (diff) | |
download | ports-aa0e9b08ea569c14dbabe482b675fadfab5f0a52.tar.gz ports-aa0e9b08ea569c14dbabe482b675fadfab5f0a52.zip |
www/tomcat-devel: Update to 10.1.0-M14
Harden the class loader to provide a mitigation for CVE-2022-22965
a Spring Framework vulnerability: Effectively disable the
WebappClassLoaderBase.getResources() method as it is not used and
if something accidently exposes the class loader this method can be used to gain
access to Tomcat internals.
Changes: https://tomcat.apache.org/tomcat-10.1-doc/changelog.html#Tomcat_10.1.0-M14_(markt)
PR: 262975
(cherry picked from commit 530a0b5108770215b871ffce6096efde37e65a65)
Diffstat (limited to 'www/erlang-cowlib')
0 files changed, 0 insertions, 0 deletions