tomcat-docs-webapp-9.0.82-150200.46.1<>,de,9p9|mu-:~ʐ^,I!Qt$GW:3PmTz%TbZ62s4Q2ER7M],jٕwzLjiTـ:dU"H N`V] =˜UdRDҜ,5>tmjMXSMElPγ}u1E̋ai,nYuIC7۫z<5(ЇaLGW*xT +рZ?,?d ( U #=CJT D   4 .\ /14848X:; ;,;(;8<e9=e:De>0@8F@GTHIÔX<Y@\T]^Аbc֪d+e0f3l5uHvzݼCtomcat-docs-webapp9.0.82150200.46.1The "docs" web application for Apache TomcatThe documentation of web application for Apache Tomcat.e,9h04-ch1b49SUSE Linux Enterprise 15SUSE LLC Apache-2.0https://www.suse.com/Productivity/Networking/Web/Servershttps://tomcat.apache.orglinuxnoarch/usr/lib/tomcat/serverxml-tool.sh add-context.xslt docBase=/usr/share/tomcat/tomcat-webapps/docs path=/docsif [ $1 -eq 0 ]; then # uninstall only /usr/lib/tomcat/serverxml-tool.sh remove-context.xslt docBase=/usr/share/tomcat/tomcat-webapps/docs path=/docs fiN@yAZ@l5/o 7@lH L=i) 8  _!T2*- 0HY QF$Z9TM0#4118)!.;-7&_:'էJ(!a-0q%Mt"_E$FPWy2-7/mk PR`YURdXLSXRs+:[=9[}{]z\"O+{*Q:)_o~1JF<A'U1QcA큤A큤AA큤A큤A큤A큤A큤A큤AA큤AA큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤e,)e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e,)e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e,)e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, e, ba103f1cadacc0b3a4e0aad7f4677e4f620dcbf86e9e2d9768b54e41c43dbaf7539ad0b2450e83e306f9e54b4a40c00aee470cbda377451026345655e1a1033efed216006d7017ab719f68e5462abec001994b5a2860a4665c5b3b81c11085af4da999e0db4e50e944915188b1ed4bbd4b3f843768bb27340ea28e80b9db8f4418ae0f6852f87a9f6a9720b19ed633a67d38caf7dfaea2fcd0ff2f1c7efc75763fdc9027fcf3d363d3e563da8a3dc0d514a957021cf72f389040a97ffc5dad04b1d1b0794550a329cc9df8ae51cd0dc6064ec7048ed203b8b07607b823154ffbf40071254ce811e75e90b4416c834d0b6da2f7e6d9804322a9f55c1660563a0ab191581414009ac8efb486df8aed81ab9828ef4eaab4e826c49230241f73889bff7fdb1c70875875216ee3a18630a52140eab628d9cce7bcd7f69f56b5e4d0944d4412f6a56110b08036389285025ec39860e7ace8cc19369f87995cb9340ba490753aa83de1b8ec19da69cbccf16be070e0b28397d18dcc0c1f3a88ebb8f0b33b9b6c2eee71c01077b1bcc82bbefce4c51c24ca81e3583ef0ebac28da888fe37635ca9d36303c87b17c529f264ab93f01bdd30be425029529345478fe1bc4766168504b8edc5008a173c75dd889eb6759de143f4d10e182c40007ee0af5901aff7fdb1c70875875216ee3a18630a52140eab628d9cce7bcd7f69f56b5e4d09477f84b68ac01984d8566203b324eae905f1883f5dcffd6d8c7a6342a76547458d4825ba7885174a0632cf2a30c124a3900cea0f044a3e1b42550658cefee7ce491c5d006427e6b15a0abb444afd59c50e4a943b0422b01a566c636b62fc20067db1562deabb7b81f1f0f52882bbeaf1332f7c20bca3f771233cbf9db4226d9a57b8134b028f5b8c206e18075b05790d27cc29c431bb9575033b37319751036f8dc5d18af5aebf5ad183db10b5d17d0caabb65a1b5371af6d4c2e1160c16649d6d9fdacbd36cf39f746e789faee0d09e629b6051395bae804fc88d309fdc8d50d7143852a5b3a127b04ef228cc82838aca5f568c40a659dd770303269ec2fe3c964924c65f06bbed78297991638d5c7e20274427a75727623bfb2516cf0028bb60058ab4345d4761811303ce7bdd9b5b041037b8c2c300a714dd1ef2856c67978f0e932cbc9e86bc1466526a3d24bbfd9ef97c5a945033f251986877a4cb0b3c8722f45cb247955f2cf792c3ec686a4dcda65541773e6b23e6c5d6d464196b17e34fad956829b2c3cc94c8d99a359d2f2fcc7f7c77ac6ac402fbf3272201813acdb692e24785f79099a558d554c83ca452afbf731dbe3f1d8d8e3d9a6136cf571a1f77a86b92cc872ba86a4ac538720debe5a075f56cf6ede6a52c1b1ec91b7418db6a1f49c28ba39eb34682c6a664a3819eb7e17c8378f1702b3b82f97d8437bba2f4c6806ed4a3e2ca487b25b66d6cdb3f7869a9c724950c2c8a8b9ed1e2b03558e9400ae513fce8ea9ec4afaec9ead16c9ae918b5c8e8b5d4ead351f7c5fae38fc18c21076d3dbe96090453ec8eae4e407eea00877b01e450f8ce1413047b9fb4f506ed75fe277467b4cb068abfb5bf4f50b75f8059f7690aa5f907beaa81be311d85939afb6fbca2f9da376ac575ee220a0b25d4a3372723ee59b4c92f759d2158fbde21526fb93242aed129a9bb48173a22896923df94a5851a297692ed3ce7e7527be286006615675bbf18e0bac180594cc2a12082c2a75cbf9f4948819e492379a6b987ffb7894a66c717652a7655409d18e3def2c98d788da9fca4b35a20c79013d631b0b1817bf72693281f8c0c99804e5bfd594363d3de637c4e11d766b871f0032dc74c0fb6ac739f9f7d35200dd59ce58c17b5e2a0bb57468798b4c973b219e5e909e89eb3bceae785b149773b1ec4e4d4494a4c113bc042c6560e729c331c40805774a5d11ff1ba06ed628f3e2aaff81842df8febf0e316d5700f260d4c30bd1433f10003f6644340d2a32a4cf059753fc81411542ad805b79d7355f70d04c45db66334a88fd2d6368894ef3fa3b358cc26010ec2139cbb4ae0c7bd18a562d8cb25679def4b624caae382d7e8f32431f85db6cf4e8e507690d77309fc86860404af4b6eb3d0c727ca300c1e80e0d4a8a595e7acdc514aea04e43b38ea8619d171ca42c12cb4077f82748ab7471ff90a6671927bd79a75fa4e46e938246d98466dd0140a058f9e5b2df4d870c867f74ecca2604f11901904135e594203180c16268db93c1418d115ab40e34098c7072c0d550073c2037b44e92a65c44b165e3397e3d9f028ec259c19386a143f8acdbda78abd631f4233abe64602ce10f8be1cb9036b7227a075387d267a1cb05591ed5bf0f0828d572675ef5bba457da07fe85e4c65d773e8b215ac1ed9a35a5c074e1f27f5a3c4aa030ae517253c41242d920b0d28d0cf4bccc358e619b40617cade3733656a5825063fcb4273eed063d3178255a1bd82c882f31681a11709ba4a33475dba29ea13bf2c4b646de9a5348b805bc940334291276d2fe24064d266b158b2ebcabb240869092bcf451486e4653959ab18a25125de3f9fff7165d2266e284846e581d3a94d4ed25493ca39a6ae8af8273885937336e8e4e347aac1f3f28d960a37b10f4e193e384243a6a3d2ef6ca47c83fbbc1c947e4e9a3a625c68642c9e6f68b427699ac691dd3961e191eb879e7092494b254c6d1e2079ea93c9999d3889ea67f68043cdea08b5978ed2e0a90777335692c9966a508b20257e967806d71a44818caf470b8eeb1da582985687e0b97c67ce7a587ef5474feda965bc1bf3234c6dcda41b8c738cc2a3c160194bfc77d3ea81e3deb15945fb9050014b87b4c33de1ab0bb55d2b41b11611551799211b77f789235078e74ef23db78911b2ce4e1bb4ad4d1bfd20b4cd77ae029f48962aee2cf80e4681f10213e52cf6a868125f28d13385f5411f4159650b19dbb65b1d47d513c4df90dbc9e5f51f3a3b4d7ae2f3c54961987485e36d039dace584466e8f672eff6b9c2e7bfaf0d8950df59a163f4e90dc0951edee1b00ec38868a0d2632267818cce39720358aa61db488c1660059e543e2aa8e593dc9b34a2383a4351dbce0986b4c25a4d3912ba24a2afb9a67ff8c48ea1240be52c2c56543c6b50e283deab072334fb8b6b4fdeb7c5f1570065a919290adbfe2494e14bc05bda92f23fcd03a7a1e63fb8562f84dcc5bad4364d9e4b62a1ff6cbf0a2a3b3cfcfd66ee06ec77850db50e7a26c3d26818d5cf349aa071a6aafa71e05bb60413cb9cc8a02ab62456e1c52196432970f239697972321f100a3e6d38be4f5b9f0f2021f07dad92b061fda29a9c7917a60f71480cf2cf35926b8deac8a4aaabb4f9057e706b962a3ebc4facda0312a1c10cf62fa6701f1998c527f6415c6ca87ddddf90f9e9f19b115197ba79fe8b1c98c742dbcaba108ed620efc6df3f445227a33492d57bf581c4457e10a201880deb0b5171b4447e26332b3a415eead37b92d063dffcac4549257dfb0a6304c5d95ceb46f8d81bf366a3e83ef3e3565bc713aecbace833482fcdee08083a019c95d54c15dbec87308e1c6047a5ad04d416e6fa65f84a15278a9bfddd18d724c0c730c1f856f3485c36d221cffcdc27131c7c774a24a1a0545c2797cc11ef2df6a5603b3583795b4f98d95d4cd978c98b0cd100a3b6079a735cfa125beabac45635f96f9c5426a6b6f11be03d9aa3bc187cfedcf67de6e3cceb908d222fe5a81f4b4ea82f6854907ef79fa5a6fdc5fd0c11f9d0d223966cad356151c688e2b756ae6fa8d1e07e64782017be6f5fe1b684800fdd2913e0aebe186d6e80a8a6abc04f519558db5cab0614c4d1ca8e303349e2ff43749757e4bbb3eef1d207cf03fb7876384fcfed5f44628c383b085ab2d52112c36fa422d381aec5ffb57c31912b60ca0e47b56634beaae1a4eb8c826f1329a1d49820814f018ba95a5b2ae5c8e349d57c6663aa87559d4b6c86b1b6a0cac0dba2ac0d6abdb2d037f07499a84df7f9a949e5e76a4d89dd3913b96e3ec691568f1581537f57b4e62863524bd1511017e7f252f23ac6c125160c39b14a2a0410d16b47d3901eee99d0090e19fdb28ab78e3fff49f571c5ece6cca5eaa4ca9bff421ce09b2021f4e4bc64a8264732de30b162cb05943d9b2e92bf27138de083e056ba73609403a3ef0ac82395a4fccae251ecef1878c569a3a5ee2f4e94f2b56e19054224482be0aa7b444ab8324ed0b0c25e3abacbd87be29732356c9bb890556675373ea9ed1d0e9b5678426d69296b6801c906ca378bb426aa3d6acdc3ba392abf7aa1d006749331fa8e97ac2202596a819dd382b46d051a28dca74875a851d97fcc71c78ca279754fabc2289a600aabecec4d9e4387cab9c7400aa2d0868a21c493df0e5da1622b319e915303b1aa2b72f3cb836057eed5699f522693cd0e6f9fbe497b6a0346fde3934cbcbd7c557a334c27bb34e69c7ed430ed4a4588c27f2a933b428f5a13403157e395a9d869d176c8dd256a5f28a042e4f863b42117f27a13e776a0e6ee6d54739b08b35741f43f5776bf51a193810b51d60285dc5d18af5aebf5ad183db10b5d17d0caabb65a1b5371af6d4c2e1160c16649d65d4dbfc82ee715a653291fb987dd565b6fc567ffee828d9e4c5f181c75eca0be63b93e248018e9520b508c50c9f61fb190bb7ed7c057598111baf79d07c3ad14afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277393bfa48e4572524b7fff363f475fe458c28b23bcddefbeb1182543c7112f32eb3ac09b32fd8bdebfef88ced8b8b81b22cd6b03bbf639a0dce5bccc1744f00de9d719b1a61d6540098b17627d350ad9f05e401d45631ea97d6ddc4a5fde9e956946c15c016ada6c6a3a5f766a91bf8a27f7aedf01b70070dd8da60b53ae4fba4b5b9d128710aa6a50631114a42466452b1f89d1f6eba928e4f552ddd0b8ca5d4851b4da44ddacdbeb778d8036532a53c89f40edc44d7bf36d8032ca21fe3ae4f23c6fa2ffc3a127fb2c97e3703c2dc7352e00fa6228470e4553511e944eb0fc476950a94d43ffee2e85c43dc121d152f50b39156c12aae4feaa9211e29f0756911ae54ddda8d6e2cf90b2b950f0d28d28d5df00316685777724c15b7305da715327e67e1907d589cb9f9ffd91c0afd5a97fef04a76e3b67b547de3ff161e6264a53fb325d93c9f4e72507b99feb7ff52489c4ecf238435556cd9431a0b5544196a26f6965c88bcbca0b59fd337eda34a45b3f215fb96e21d64a62c472d69772d5ddbd3c1ac87bcf2df87bc93c0dd903a2467ced795dcd5c0d746f5c133a8123e91a2345e15a988370ea530b04f95b66a3668ab18363db1cf2532b2b96266ea3ba309bda07e20e7b0df3b9446ea033c1391f5ea83884c37832378bc10c6ff8547290d0d1e892314bd12adc372c5d65f8c0ca655ae1a67a0c83d3c1ede2a7f9358ad8fd8e2fb605bb317d2cd105b547fc7d85516ad7b5a0b707fff78f2d39605255a92861cebe27f668d322d6f58de4ea4d6a787a66a28bd59d496d8d0539f62920c54f094a7720d3e4f97f56faddd5e636501df5011dd3bba68742664130ad2556458316305365d75524ee414588f9bd52eedc4895db85dd87a80335712e3b3f12405b1feba4ed6001b8c5eee94f6f8c25ea66a9d7fd01fc4988dc3e02be00d9b7b085e1fd9d8865b2e194b66ccb7723b2dc1a2e9830e63607c562fb4318001bab3218e4ed96edf932b7d6fea495bebda075f199885fd8c9800bcded5711c26b64917d91cbead5a915e50b38a115d5d418e42dd48a57af40449e5cd263b1a4cd286c24e4c89dd47b19278ec4b9d9abc70961714cc1cc203d0fe342a1bfca731f09391384cf29db5ff13fc3ee863a5c57a5aad7786b8017e87eebce576838951df2d815397ca917df6ddeb36ad2d3660efe75ee00e96b45171320e4a768db650f716d36731a3d28577edc872aa2205220381ecb357d0fc5fe018c3f4205c50dff477d54ff6e76684a6324db2f579408792f15808d67f78f852590d08b07e1129bd35154982a2f5a7e0b49a00c537ca486b03282b195e960d62bbce41722df5080208c67c7cffc6a4270197f43f152c0a479c45477da0b8be31dd92fcd8d0532d57e73a0d6b02f242eeab5852b8f38502c50d6fdd579ae3a782950954ceb480ee93b5403d126934a073b83a94ef67f8203281861f97f99c623f8c9c64b6ef0ea2007404ffc3dea4290fe66178e407fe8176a045aca8e5b666a8c42b66f5e61fd0fdfcb2b86fe5e1d661a1787f6511d8f9816bfddbe00bd36bbbcb823fd61c0fb08ae3ff7d78d7bcd65623ee26f7271d0f2e6b611ace165b266113ee9a91cd209679rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootroottomcat-9.0.82-150200.46.1.src.rpmtomcat-docs-webapp     /bin/sh/bin/shrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PartialHardlinkSets)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)tomcat3.0.4-14.6.0-14.0.4-14.0-15.2-19.0.82-150200.46.14.14.1e)1@e 0@e 0@e;eRdld0d?@cc@c@c{h@cQ8@bγbbN@b!b@aaaA@a@a{@azamaamaama`X`Q@`OL@`OL@`3__F@_@___FN_!d^@^^_^@^Y^U @^1s^%@^!^@]҇]Γ@]4@]?]V]@\\\r@\k\j@\Yz\X)@\LK\?\8@\'a\[v[u[@[@[ug@ZZ_:Z!D@Z@YYYY:Y@Y@XZnW@WiW|W'A@WWKV@V2V`VA@UlI@UlI@UlI@UQU hU hTTи@fstrba@suse.comfstrba@suse.commichele.bussolotto@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.comfstrba@suse.comfstrba@suse.commichele.bussolotto@suse.comfstrba@suse.comfstrba@suse.commichele.bussolotto@suse.comolaf@aepfle.demichele.bussolotto@suse.comfstrba@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.comwittemar@googlemail.comwittemar@googlemail.comwittemar@googlemail.comamehmood@suse.comamehmood@suse.comwittemar@googlemail.comwittemar@googlemail.comwittemar@googlemail.comamehmood@suse.commalbu@suse.commalbu@suse.commalbu@suse.comjengelh@inai.defstrba@suse.commalbu@suse.comfstrba@suse.commalbu@suse.comjavier@opensuse.orgmalbu@suse.commalbu@suse.comfstrba@suse.commalbu@suse.comfstrba@suse.commalbu@suse.commalbu@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comdimstar@opensuse.orgmalbu@suse.commalbu@suse.comfstrba@suse.commalbu@suse.commalbu@suse.commalbu@suse.commalbu@suse.comfstrba@suse.commalbu@suse.commalbu@suse.comecsos@opensuse.orgfstrba@suse.comsean@suspend.netmalbu@suse.comecsos@opensuse.orgmalbu@suse.commalbu@suse.commalbu@suse.defstrba@suse.commalbu@suse.comrbrown@suse.commalbu@suse.comecsos@opensuse.orgfstrba@suse.comecsos@opensuse.orgdziolkowski@suse.commalbu@suse.comastieger@suse.comtchvatal@suse.commalbu@suse.commalbu@suse.comdmacvicar@suse.dejcnengel@gmail.comtchvatal@suse.comdmacvicar@suse.dedmacvicar@suse.detchvatal@suse.comdmacvicar@suse.detchvatal@suse.comtchvatal@suse.comtchvatal@suse.comtchvatal@suse.comtchvatal@suse.comtchvatal@suse.comwittemar@googlemail.combmaryniuk@suse.com- Update to Tomcat 9.0.82 * Catalina + Add: 65770: Provide a lifecycle listener that will automatically reload TLS configurations a set time before the certificate is due to expire. This is intended to be used with third-party tools that regularly renew TLS certificates. + Fix: Fix handling of an error reading a context descriptor on deployment. + Fix: Fix rewrite rule qsd (query string discard) being ignored if qsa was also use, while it should instead take precedence. + Fix: 67472: Send fewer CORS-related headers when CORS is not actually being engaged. + Add: Improve handling of failures within recycle() methods. * Coyote + Fix: 67670: Fix regression with HTTP compression after code refactoring. + Fix: 67198: Ensure that the AJP connector attribute tomcatAuthorization takes precedence over the tomcatAuthentication attribute when processing an auth_type attribute received from a proxy server. + Fix: 67235: Fix a NullPointerException when an AsyncListener handles an error with a dispatch rather than a complete. + Fix: When an error occurs during asynchronous processing, ensure that the error handling process is only triggered once per asynchronous cycle. + Fix: Fix logic issue trying to match no argument method in IntropectionUtil. + Fix: Improve thread safety around readNotify and writeNotify in the NIO2 endpoint. + Fix: Avoid rare thread safety issue accessing message digest map. + Fix: Improve statistics collection for upgraded connections under load. + Fix: Align validation of HTTP trailer fields with standard fields. + Fix: Improvements to HTTP/2 overhead protection (bsc#1216182, CVE-2023-44487) * jdbc-pool + Fix: 67664: Correct a regression in the clean-up of unnecessary use of fully qualified class names in 9.0.81 that broke the jdbc-pool. * Jasper + Fix: 67080: Improve performance of EL expressions in JSPs that use implicit objects- Update to Tomcat 9.0.80 * Catalina + Add RateLimitFilter which can be used to mitigate DoS and Brute Force attacks + Move the management of the utility executor from the init()/destroy() methods of components to the start()/stop() methods. + Add org.apache.catalina.core.StandardVirtualThreadExecutor, a virtual thread based executor that may be used with one or more Connectors to process requests received by those Connectors using virtual threads. This Executor requires a minimum Java version of Java 21. + 66513: Add a per session Semaphore to the PersistentValve that ensures that, within a single Tomcat instance, there is no more than one concurrent request per session. Also expand the debug logging to include whether a request bypasses the Valve and the reason if a request fails to obtain the per session Semaphore. + 66609: Ensure that the default servlet correctly escapes file names in directory listings when using XML output. + 66618: Add a numeric last modified field to the XML directory listings produced by the default servlet to enable sorting in the XSLT. + 66621: Attempts to lock a collection with WebDAV may incorrectly fail if a child collection has an expired lock. + 66622: Deprecate the xssProtectionEnabled setting from the HttpHeaderSecurityFilter and change the default value to false as support for the associated HTTP header has been removed from all major browsers. + 59232: Add org.apache.catalina.core.ContextNamingInfoListener, a listener which creates context naming information environment entries. + 66665: Add org.apache.catalina.core.PropertiesRoleMappingListener, a listener which populates the context's role mapping from a properties file. + Fix an edge case where intra-web application symlinks would be followed if the web applications were deliberately crafted to allow it even when allowLinking was set to false. + Add utility config file resource lookup on Context to allow looking up resources from the webapp (prefixed with webapp:) and make the resource lookup API more visible. + Fix potential database connection leaks in DataSourceUserDatabase identified by Coverity Scan. + Make parsing of ExtendedAccessLogValve patterns more robust. + Fix failure trying to persist configuration for an internal credential handler. + 66680: When serializing a session during the session presistence process, do not log a warning that null Principals are not serializable. + Catch NamingException in JNDIRealm#getPrincipal. It is used in Java up to 17 to signal closed connections. + 66822: Use the same naming format in log messages for Connector instances as the associated ProtocolHandler instance. + The parts count should also lower the actual maxParameterCount used for parsing parameters if parts are parsed first. + If an application or library sets both a non-500 error code and the javax.servlet.error.exception request attribute, use the provided error code during error page processing rather than assuming an error code of 500. + Update code comments and Tomcat output to use MiB for 1024 * 1024 bytes and KiB for 1024 bytes rather than MB and kB. + Avoid protocol relative redirects in FORM authentication (CVE-2023-41080, bsc#1214666). * Coyote + Update the HTTP/2 implementation to use the prioritization scheme defined in RFC 9218 rather than the one defined in RFC 7540. + 66602: not sending WINDOW_UPDATE when dataLength is ZERO on call SwallowedDataFramePayload. + 66627: Restore the documented behaviour of MessageBytes.getType() that it returns the type of the original content rather than reflecting the most recent conversion. + 66635: Correct certificate logging on start-up so it differentiates between keystore based keys/certificates and PEM file based keys/certificates and logs the relevant information for each. + Refactor blocking reads and writes for the NIO connector to remove code paths that could allow a notification from the Poller to be missed resuting in a timeout rather than the expected read or write. + Refactor waiting for an HTTP/2 stream or connection window update to handle spurious wake-ups during the wait. + Correct a regression introduced in 9.0.78 and use the correct constant when constructing the default value for the certificateKeystoreFile attribute of an SSLHostConfigCertificate instance. + Refactor HTTP/2 implementation to reduce pinning when using virtual threads. + Pass through ciphers referring to an OpenSSL profile, such as PROFILE=SYSTEM instead of producing an error trying to parse it. + 66841: Ensure that AsyncListener.onError() is called after an error during asynchronous processing with HTTP/2. + 66842: When using asynchronous I/O (the default for NIO and NIO2), include DATA frames when calculating the HTTP/2 overhead count to ensure that connections are not prematurely terminated. + Correct a race condition that could cause spurious RST messages to be sent after the response had been written to an HTTP/2 stream. * WebSocket + 66548: Expand the validation of the value of the Sec-Websocket-Key header in the HTTP upgrade request that initiates a WebSocket connection. The value is not decoded but it is checked for the correct length and that only valid characters from the base64 alphabet are used. + Improve handling of error conditions for the WebSocket server, particularly during Tomcat shutdown. + Correct a regression in the fix for 66574 that meant the WebSocket session could return false for onOpen() before the onClose() event had been completed. + 66681: Fix a NullPointerException when flushing batched messages with compression enabled using permessage-deflate. * Web applications + Documentation. Expand the security guidance to cover the embedded use case and add notes on the uses made of the java.io.tmpdir system property. + 66662: Documentation. Fix a typo in the name of the algorithms attribute in the configuration section for the Digest authentication value. + Documentation. Update documentation to use MiB for 1024 * 1024 bytes and KiB for 1024 bytes rather than MB and kB. * jdbc-pool + Fix the releaseIdleCounter does not increment when testAllIdle releases them. + Fix the ConnectionState state will be inconsistent with actual state on the connection when an exception occurs while writing. * Other + Update to Commons Daemon 1.3.4. + Improvements to French translations. + Update Checkstyle to 10.12.0. + Update the packaged version of the Apache Tomcat Native Library to 1.2.37 to pick up the Windows binaries built with with OpenSSL 1.1.1u. + Include the Windows specific binary distributions in the files uploaded to Maven Central. + Improvements to French translations. + Improvements to Japanese translations. + Update UnboundID to 6.0.9. + Update Checkstyle to 10.12.1. + Update BND to 6.4.1. + Update JSign to 5.0. + Correct properties for JSign dependency. + Align documentation for maxParameterCount to match hard-coded defaults. + Update NSIS to 3.0.9. + Update Checkstyle to 10.12.2. + Improvements to French translations. + Improvements to Japanese translations. + 66829: Fix quoting so users can use the _RUNJAVA environment variable as intended on Windows when the path to the Java executable contains spaces. + Update Tomcat Native to 1.2.38 to pick up Windows binaries built with OpenSSL 1.1.1v. + Improvements to Chinese translations. + Improvements to French translations. + Improvements to Japanese translations - Removed patch: * tomcat-9.0.75-CVE-2023-41080.patch + integrated in this version- Fixed CVEs: * CVE-2023-41080: Avoid protocol relative redirects in FORM authentication. (bsc#1214666) - Added patches: * tomcat-9.0.75-CVE-2023-41080.patch- Modified patch: * tomcat-9.0-osgi-build.patch + make it more robust to change in number of artifacts in bnd + do not enumerate jars, just take all jars from the aqute-bnd directory into the classpath- Require(pre) shadow because groupadd is needed early- Update to Tomcat 9.0.75. * See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.75_(markt) * Fixes: + bsc#1211608, CVE-2023-28709 + bsc#1208513, CVE-2023-24998 (previous incomplete fix) - Remove patches: * tomcat-9.0-CVE-2021-30640.patch * tomcat-9.0-CVE-2021-33037.patch * tomcat-9.0-CVE-2021-41079.patch * tomcat-9.0-CVE-2022-23181.patch * tomcat-9.0-NPE-JNDIRealm.patch * tomcat-9.0-hardening_getResources.patch * tomcat-9.0.43-CVE-2021-43980.patch * tomcat-9.0.43-CVE-2022-42252.patch * tomcat-9.0.43-CVE-2022-45143.patch * tomcat-9.0.43-CVE-2023-24998.patch * tomcat-9.0.43-CVE-2023-28708.patch + integrated in this version * tomcat-9.0.43-java8compat.patch + problem with Java 8 compatibility solved in this version - Modified patch: * tomcat-9.0.31-secretRequired-default.patch - > tomcat-9.0.75-secretRequired-default.patch + rediffed to changed context * tomcat-9.0-javadoc.patch + drop integrated hunks * tomcat-9.0-osgi-build.patch + fix to work with current version - Added patch: * tomcat-9.0-jdt.patch + fix build against our ecj- Fixed CVEs: * CVE-2022-45143: JsonErrorReportValve: add escape for type, message or description (bsc#1206840) - Added patches: * tomcat-9.0.43-CVE-2022-45143.patch- Fixed CVEs: * CVE-2023-28708: tomcat: not including the secure attribute causes information disclosure (bsc#1209622) - Added patches: * tomcat-9.0.43-CVE-2023-28708.patch- Fixed CVEs: * CVE-2023-24998: tomcat,tomcat6: FileUpload DoS with excessive parts (bsc#1208513) - Added patches: * tomcat-9.0.43-CVE-2023-24998.patch- set logrotate for localhost.log, manager.log, host-manager.log and localhost_access_log.txt - use logrotate for catalina.out * update tomcat-serverxml-tool and spec to configure server.xml - Added patch: * tomcat-9.0-logrotate_everything.patch * tomcat-serverxml-tool.tar.gz - Removed: * tomcat-serverxml-tool-1.0.tar.gz- Use catalina.out for logging (bsc#1205647) - Added patches: * tomcat-9.0-fix_catalina.patch- Fixed CVEs: * CVE-2022-42252: reject invalid content-length requests. (bsc#1204918) - Added patches: * tomcat-9.0.43-CVE-2022-42252.patch- Fixed CVEs: * CVE-2021-43980: Improve the recycling of Processor objects to make it more robust. (bsc#1203868) - Added patches: * tomcat-9.0.43-CVE-2021-43980.patch- Do not hardcode /usr/libexec but use %%_libexecdir during the build * Fixes for platforms, where /usr/libexec and %%_libexecdir are different- Fix bsc#1201081 by building with release=8 all files that can be built this way. The one file remaining, build it with source=8 and target=8 - Modified patch: * tomcat-9.0.43-java8compat.patch + Do not cast ByteBuffer to Buffer to call the Java 8 compatible methods. Build with release=8 instead- Security hardening. Deprecate getResources() and always return null. (bsc#1198136) - Added patch: tomcat-9.0-hardening_getResources.patch- Remove dependency on log4j/reload4j completely (bsc#1196137)- Do not build against the log4j12 packages, use the new reload4j- Fixed CVEs: * CVE-2022-23181: Make calculation of session storage location more robust (bsc#1195255) - Added patches: * tomcat-9.0-CVE-2022-23181.patch- remove instance units from post scripts, they can not be reloaded- Fix NPE in JNDIRealm, when userRoleAttribute is not set (bsc#1193569) - Added patch: * tomcat-9.0-NPE-JNDIRealm.patch- Modified patch: * tomcat-9.0-osgi-build.patch + account for biz.aQute.bnd.ant artifact in aqute-bnd >= 5.2.0- Fixed CVEs: * CVE-2021-30640: Escape parameters in JNDI Realm queries (bsc#1188279) * CVE-2021-33037: Process T-E header from both HTTP 1.0 and HTTP 1.1. clients (bsc#1188278) - Added patches: * tomcat-9.0-CVE-2021-30640.patch * tomcat-9.0-CVE-2021-33037.patch- Fixed CVEs: * CVE-2021-41079: Validate incoming TLS packet (bsc#1190558) - Added patches: * tomcat-9.0-CVE-2021-41079.patch- Update to Tomcat 9.0.43. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.43_(markt) - Removed Patches because fixed upstream now: * tomcat-9.0-CVE-2021-25122.patch * tomcat-9.0-CVE-2021-25329.patch - Rebased patch: tomcat-9.0.39-java8compat.patch -> tomcat-9.0.43-java8compat.patch- Update to Tomcat 9.0.41. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.41_(markt)- Update to Tomcat 9.0.40. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.40_(markt) - Removed Patches because fixed upstream now: * tomcat-9.0-CVE-2020-17527.patch * tomcat-9.0-CVE-2021-24122.patch- Fixed CVEs: * CVE-2021-25122: Apache Tomcat h2c request mix-up (bsc#1182912) * CVE-2021-25329: Complete fix for CVE-2020-9484 (bsc#1182909) - Added patches: * tomcat-9.0-CVE-2021-25122.patch * tomcat-9.0-CVE-2021-25329.patch- Log if file access is blocked due to symlinks: CVE-2021-24122 (bsc#1180947) - Added patch: * tomcat-9.0-CVE-2021-24122.patch- Update to Tomcat 9.0.39. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.39_(markt) - Rebased patches: * tomcat-9.0.38-java8compat.patch -> tomcat-9.0.39-java8compat.patch- Update to Tomcat 9.0.38. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.38_(markt) - Rebased patches: * tomcat-9.0.37-java8compat.patch -> tomcat-9.0.38-java8compat.patch - Removed tomcat-9.0-CVE-2020-13943.patch because that fix is upstream now- Update to Tomcat 9.0.37. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.37_(markt) - Fixed CVEs: * CVE-2020-13934 (bsc#1174121) * CVE-2020-13935 (bsc#1174117) - Rebased patches: * tomcat-9.0-osgi-build.patch * tomcat-9.0.31-java8compat.patch -> tomcat-9.0.37-java8compat.patch- Fix HTTP/2 request header mix-up: CVE-2020-17527 (bsc#1179602) - Added patch: * tomcat-9.0-CVE-2020-17527.patch- Add source url for tomcat-serverxml-tool - Fix typo in tomcat-webapps %postun that caused /examples context to remain in server.xml when package was removed - Remove tomcat-9.0.init and /usr/lib/tmpfiles.d/tomcat.conf from package. They're not used anymore becuse of systemd (bsc#1178396)- Fix tomcat-servlet-4_0-api package alternatives to use /usr/share/java/servlet.jar instead of /usr/share/java/tomcat-servlet.jar. Keep /usr/share/java/tomcat-servlet.jar symlink for compatibility. (bsc#1092163) - Change default file ownership in tomcat-webapps from tomcat:tomcat to root:tomcat- Fix CVE-2020-13943 (bsc#1177582) - Added patch: * tomcat-9.0-CVE-2020-13943.patch - Change /usr/lib/tomcat to /usr/libexec/tomcat in startup scripts (bsc#1177601)- Replace old specfile constructs. Remove support for SUSE 11.x. - Drop %systemd_requires, which is considered a no-op. - Trim redundant license mention from description. - Make documentation noarch. - Do not suppress errors from useradd.- Avoid hardcoding /usr/lib as libexecdir- Don't give write permissions for the tomcat group on files and directories where it's not needed (bsc#1172562) - Change tomcat.pid location from /var/run to /run (bsc#1173103) - Use the /sbin/nologin shell when creating the tomcat user - Use %tmpfiles_create macro in %post instead of calling systemd-tmpfiles directly- Update to Tomcat 9.0.36. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.36_(markt) - Fixed CVEs: CVE-2020-11996 (bsc#1173389)- Update to Tomcat 9.0.35. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.35_(markt) - Fixed CVEs: - CVE-2020-9484 (bsc#1171928) - Rebased patches: * tomcat-9.0-javadoc.patch * tomcat-9.0-osgi-build.patch * tomcat-9.0.31-java8compat.patch- Update to Tomcat 9.0.34. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.34_(markt) - Notable changes: * Add support for default values when using ${...} property replacement in configuration files. Based on a pull request provided by Bernd Bohmann. * When configuring an HTTP Connector, warn if the encoding specified for URIEncoding is not a superset of US-ASCII as required by RFC 7230. * Replace the system property org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH with the Connector attribute encodedSolidusHandling that adds an additional option to pass the %2f sequence through to the application without decoding it in addition to rejecting such sequences and decoding such sequences.- Update to Tomcat 9.0.33. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.33_(markt) - Notable fix: corrected a regression in the improvements to HTTP header parsing (bsc#1167438) - Rebased patches: * tomcat-9.0-javadoc.patch * tomcat-9.0-osgi-build.patch * tomcat-9.0.31-java8compat.patch- Change default value of AJP connector secretRequired to false - Added patch: * tomcat-9.0.31-secretRequired-default.patch- Update to Tomcat 9.0.31. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.30_(markt) - Fixed CVEs: * CVE-2019-17569 (bsc#1164825) * CVE-2020-1935 (bsc#1164860) * CVE-2020-1938 (bsc#1164692) - Modified patch * tomcat-9.0.30-java8compat.patch - > tomcat-9.0.31-java8compat.patch + Adapt to changed context- Modified patch: * tomcat-9.0.30-java8compat.patch + add missing casts (bsc#1162081)- Change back the build to build with any Java >= 1.8 - Added patch: * tomcat-9.0.30-java8compat.patch + Cast java.nio.ByteBuffer and java.nio.CharBuffer to java.nio.Buffer in order to avoid calling Java 9+ APIs (functions with co-variant return types) - Renamed patch: * tomcat-9.0-disable-osgi-build.patch - > tomcat-9.0-osgi-build.patch + Do not disable, but fix OSGi build since we have now aqute-bnd- Change build to always use Java 1.8 (bsc#1161025).- Update to Tomcat 9.0.30. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.30_(markt) - Fixed CVEs: - CVE-2019-0221 (bsc#1136085) - CVE-2019-10072 (bsc#1139924) - CVE-2019-12418 (bsc#1159723) - CVE-2019-17563 (bsc#1159729) - Removed patch: * tomcat-9.0-JDTCompiler-java.patch + It was not applied- Update to Tomcat 9.0.27. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.27_(markt) - Uset aqute-bnd to generate OSGi manifest, since we have that package now in openSUSE:Factory - Removed patch: * tomcat-9.0-disable-osgi-build.patch + not needed- Add maven pom files for tomcat-jni and tomcat-jaspic-api- Distribute the pom file also for tomcat-util-scan artifact- Build against compatibility log4j12 package- Adapt to the new ecj directory layout- BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to shortcut the build queues by allowing usage of systemd-mini- Update to Tomcat 9.0.20. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.20_(markt) - increase maximum number of threads and open files for tomcat (bsc#1111966)- Update to Tomcat 9.0.19. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.19_(markt) Notable packaging changes: - File /usr/share/java/tomcat/catalina-jmx-remote.jar was removed. The classes contained in this jar were merged into /usr/share/java/tomcat/catalina.jar. - Fixed CVEs: - CVE-2019-0199 (bsc#1131055) - Rebased patch: - tomcat-9.0-JDTCompiler-java.patch - tomcat-9.0-javadoc.patch- Build classpath directly with the geronimo jars instead of with symlinks to them- Don't overwrite changes made to server.xml contexts when updating bundled webapps.- Set javac target to 1.8 when building docs samples and serverxmltool- Move webapps bundled with Tomcat to /usr/share/tomcat/tomcat-webapps (bsc#1092341). Affected packages: - tomcat-webapps - tomcat-admin-webapps - tomcat-docs-webapp - Remove %doc directive from tomcat-docs-webapps files section so that zypper installs files even if rpm.install.excludedocs is set to yes.- Require Java 1.8 or later (bsc#1123407)- Clean up OSGi manifest injection - Put embed maven metadata into embed subpackage - Use the .mfiles* lists generated by %%add_maven_depmap macro- Fix tomcat-tool-wrapper classpath error (bsc#1120745)- Fix tomcat-digest classpath error (bsc#1120745)- Update to Tomcat 9.0.14. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.14_(markt)- Add pom files for tomcat-jdbc and tomcat-dbcp - Add org.eclipse.jetty.orbit* aliases to correspondant artifacts- Update to Tomcat 9.0.13. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.13_(markt)- Update to Tomcat 9.0.12. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.12_(markt) - Fixed CVEs: - CVE-2018-11784 (bsc#1110850) - Rebased patches: - tomcat-9.0-disable-osgi-build.patch - tomcat-9.0-javadoc.patch - tomcat-9.0-sle.catalina.policy.patch - tomcat-9.0-tomcat-users-webapp.patch- Declare following files to config(noreplace) to prevent override access rights: - host-manager/META-INF/context.xml - manager/META-INF/context.xml- Empty tomcat-9.0.sysconfig to avoid overwriting of customer's configuration during update (bsc#1067720)- Update to Tomcat 9.0.10. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.10_(markt) - Fixed CVEs: - CVE-2018-1336 (bsc#1102400) - CVE-2018-8014 (bsc#1093697) - CVE-2018-8034 (bsc#1102379) - CVE-2018-8037 (bsc#1102410) - Rebased patch tomcat-9.0-JDTCompiler-java.patch - Added patch tomcat-9.0-disable-osgi-build.patch to disable adding OSGi metadata to JAR files- Update to Tomcat 9.0.5. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.5_(markt)- Modified patch: * tomcat-9.0-javadoc.patch + Don't append to javadoc --add-modules since we are building with source=8 + Avoid accessing Internet URLs from build environment- Update to Tomcat 9.0.2: * Major update for tomcat8 from tomcat9 * For full changelog please read upstream changes at: + http://tomcat.apache.org/tomcat-9.0-doc/changelog.html * Rename all tomcat-8.0-* files to tomcat-9.0-* - Changed patches: * Deleted: tomcat-8.0-bootstrap-MANIFEST.MF.patch * Deleted: tomcat-8.0-sle.catalina.policy.patch * Deleted: tomcat-8.0-tomcat-users-webapp.patch * Deleted: tomcat-8.0.33-JDTCompiler-java.patch * Deleted: tomcat-8.0.44-javadoc.patch * Deleted: tomcat-8.0.9-property-build.windows.patch * Added: tomcat-9.0-JDTCompiler-java.patch * Added: tomcat-9.0-bootstrap-MANIFEST.MF.patch * Added: tomcat-9.0-javadoc.patch * Added: tomcat-9.0-sle.catalina.policy.patch * Added: tomcat-9.0-tomcat-users-webapp.patch - Renamed subpackage tomcat-3_1-api to tomcat-4_0-api to reflect the new Servlet API version. - Commented out JAVA_HOME in /etc/tomcat/tomcat.conf - Added "tomcat-" prefix to lib symlinks under /usr/share/java to avoid file conflicts with servletapi5 and geronimo-specs - Fixed wrong %ghost file paths for alternatives symlinks- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- Build with JDK 8 to fix runtime errors when running with JDK 7 and 8 - Fix tomcat-digest classpath error (bsc#977410) - Fix packaged /etc/alternatives symlinks for api libs that caused rpm -V to report link mismatch (bsc#1019016)- update to 8.0.47 http://tomcat.apache.org/tomcat-8.0-doc/changelog.html * Fixed CVE: - CVE-2017-12617 - rebase tomcat-8.0-sle.catalina.policy.patch- Added patch: * tomcat-8.0.44-javadoc.patch - generate documentation with the same source level as class files - fixes build with jdk9- Version update to 8.0.44: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html * Fixed CVE: - CVE-2017-5664 (bsc#1042910)- New build dependency: javapackages-local- Version update to 8.0.43: * Another bugfix release, for full details see: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html * Fixed CVEs: - CVE-2017-5647 (bnc#1033448) - CVE-2017-5648 (bnc#1033447) - CVE-2016-8745 - Renamed and rebased patches: * tomcat-7.0-sle.catalina.policy.patch -> tomcat-8.0-sle.catalina.policy.patch - Enable optional setenv.sh script. See section "(3.4) Using the "setenv" script (optional, recommended)" in http://tomcat.apache.org/tomcat-8.0-doc/RUNNING.txt (bnc#1002662) - Fix file conflicts when upgrading from SLES 12 to SLES 12 SP1 (bnc#1023412). Added explicit obsoletes for tomcat-el-2_2-api, tomcat-jsp-2_2-api, tomcat-servlet-3_0-api- update to 8.0.39: (boo#1003911) * Improve handling of I/O errors with async processing * Fail earlier on invalid HTTP request - includes changes from 8.0.38: * Refactoring the non-container thread Async complete()/dispatch() handling to remove the possibility of deadlock * Improved UTF-8 handling for the RewriteValve - includes changes from 8.0.37: * Treat paths used to obtain a request dispatcher as encoded (configurable) * Various jdbc-pool fixes - drop tomcat-8.0.36-jar-scanner-loop.patch, upstream- Switch to commons-dbcp2 fate#321029- Backport fix for inifinite loop in the jar scanner for 8.0.36. (bnc#993862) Added: tomcat-8.0.36-jar-scanner-loop.patch- Version update to 8.0.36: * Another bugfix release for the 8.0 series. Full details: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.36_(markt) - CVE fixed by the version update: - CVE-2016-3092 (bnc#986359) - Fixed a deployment error in the examples webapp by changing the context.xml format to the new one introduced by Tomcat 8. See http://tomcat.apache.org/migration-8.html#Web_application_resources- fix maven fragments paths to build in multiple distribution versions- Version update to 8.0.33: * Another bugfix release for 8.0 series, full details: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.33_(markt) - Rebase tomcat-8.0-tomcat-users-webapp.patch - Rebase tomcat-7.0.53-JDTCompiler-java.patch to tomcat-8.0.33-JDTCompiler-java.patch- Fix fixme for the prereq preamble value - It seems systemd prints error on adding the @ services to macros so do not do that- package was partly merged with the scripts used in the Fedora distribution - support running multiple tomcat instances on the same server (fate#317783) - add catalina-jmx-remote.jar (fate#318403) - remove sysvinit support: systemd is required- update changes file for CVE information - Fixed CVEs: - CVE-2015-5346 (bnc#967814) in 8.0.32 - CVE-2015-5351 (bnc#967812) in 8.0.32 - CVE-2016-0706 (bnc#967815) in 8.0.32 - CVE-2016-0714 (bnc#967964) in 8.0.32 - CVE-2016-0763 (bnc#967966) in 8.0.32 - CVE-2015-5345 (bnc#967965) in 8.0.30 - CVE-2015-5174 (bnc#967967) in 8.0.27- Version update to 8.0.32: * Another bugfix release for 8.0 series, full details: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.32_(markt) - Rebase patch: * tomcat-8.0.9-property-build.windows.patch- update to Tomcat 8.0.28 * Multiple fixes, read upstream changelog at: https://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.28_(markt)- Some whitespace cleanups- Remove pointless conflicts on provide/obsolete symbols- Version bump to 8.0.23 fate#318913: * Multiple testfixes all around, read upstream changelog at: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.23_(markt)- Fix previous commit. Fix one rpmlint warning- Drop gpg verification from spec, it is done by obs- Fix build with new jpackage-tools- update to Tomcat 8.0.18: * Major update for tomcat8 from tomcat7 * For full changelog please read upstream changes at: + http://tomcat.apache.org/tomcat-8.0-doc/changelog.html * Rename all tomcat-7.0-* files to tomcat-8.0-* * Update keyring file - Update windows patch to apply again: * Deleted: tomcat-7.0.52-property-build.windows.patch * Added: tomcat-8.0.9-property-build.windows.patch * Added:tomcat-8.0-tomcat-users-webapp.patch * Deleted: tomcat-7.0-tomcat-users-webapp.patch * Added: tomcat-8.0-bootstrap-MANIFEST.MF.patch * Deleted: tomcat-7.0-bootstrap-MANIFEST.MF.patch- Version 1.1.30 or higher is required for APR listener (bnc#914725)/bin/sh/bin/shh04-ch1b 1697445433  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{$}~9.0.82-150200.46.1    docsBUILDING.txtMETA-INFcontext.xmlRELEASE-NOTES.txtRUNNING.txtWEB-INFjsp403.jspweb.xmlaio.htmlannotationapiindex.htmlapiindex.htmlappdevbuild.xml.txtdeployment.htmlindex.htmlinstallation.htmlintroduction.htmlprocesses.htmlsamplebuild.xmldocsREADME.txtindex.htmlsrcmypackageHello.javawebWEB-INFweb.xmlhello.jspimagestomcat.gifindex.htmlsource.htmlweb.xml.txtapr.htmlarchitectureindex.htmloverview.htmlrequestProcessrequestProcess.htmlauthentication-process.pngrequest-process.pngstartupstartup.htmlserverStartup.pdfserverStartup.txtbalancer-howto.htmlbuilding.htmlcdi.htmlcgi-howto.htmlchangelog.htmlclass-loader-howto.htmlcluster-howto.htmlcomments.htmlconfigajp.htmlautomatic-deployment.htmlcluster-channel.htmlcluster-deployer.htmlcluster-interceptor.htmlcluster-listener.htmlcluster-manager.htmlcluster-membership.htmlcluster-receiver.htmlcluster-sender.htmlcluster-valve.htmlcluster.htmlcontext.htmlcookie-processor.htmlcredentialhandler.htmlengine.htmlexecutor.htmlfilter.htmlglobalresources.htmlhost.htmlhttp.htmlhttp2.htmlindex.htmljar-scan-filter.htmljar-scanner.htmljaspic.htmllisteners.htmlloader.htmlmanager.htmlrealm.htmlresources.htmlserver.htmlservice.htmlsessionidgenerator.htmlsystemprops.htmlvalve.htmlconnectors.htmldefault-servlet.htmldeployer-howto.htmldevelopers.htmlelapiindex.htmlgraal.htmlhost-manager-howto.htmlhtml-host-manager-howto.htmlhtml-manager-howto.htmlimagesadd.gifasf-logo.svgcode.gifcors-flowchart.pngdesign.gifdocs-stylesheet.cssdocs.giffix.giffontsOpenSans400.woffOpenSans400italic.woffOpenSans600.woffOpenSans600italic.woffOpenSans700.woffOpenSans700italic.wofffonts.csstomcat.giftomcat.pngupdate.gifvoid.gifindex.htmlintroduction.htmljasper-howto.htmljaspicapiindex.htmljdbc-pool.htmljndi-datasource-examples-howto.htmljndi-resources-howto.htmljspapiindex.htmllogging.htmlmanager-howto.htmlmaven-jars.htmlmbeans-descriptors-howto.htmlmbeans-descriptors.dtdmonitoring.htmlproxy-howto.htmlrealm-howto.htmlrewrite.htmlsecurity-howto.htmlsecurity-manager-howto.htmlservletapiindex.htmlsetup.htmlssi-howto.htmlssl-howto.htmltribesdevelopers.htmlfaq.htmlinterceptors.htmlintroduction.htmlmembership.htmlsetup.htmlstatus.htmltransport.htmlvirtual-hosting-howto.htmlweb-socket-howto.htmlwebsocketapiindex.htmlwindows-auth-howto.htmlwindows-service-howto.html/usr/share/tomcat/tomcat-webapps//usr/share/tomcat/tomcat-webapps/docs//usr/share/tomcat/tomcat-webapps/docs/META-INF//usr/share/tomcat/tomcat-webapps/docs/WEB-INF//usr/share/tomcat/tomcat-webapps/docs/WEB-INF/jsp//usr/share/tomcat/tomcat-webapps/docs/annotationapi//usr/share/tomcat/tomcat-webapps/docs/api//usr/share/tomcat/tomcat-webapps/docs/appdev//usr/share/tomcat/tomcat-webapps/docs/appdev/sample//usr/share/tomcat/tomcat-webapps/docs/appdev/sample/docs//usr/share/tomcat/tomcat-webapps/docs/appdev/sample/src//usr/share/tomcat/tomcat-webapps/docs/appdev/sample/src/mypackage//usr/share/tomcat/tomcat-webapps/docs/appdev/sample/web//usr/share/tomcat/tomcat-webapps/docs/appdev/sample/web/WEB-INF//usr/share/tomcat/tomcat-webapps/docs/appdev/sample/web/images//usr/share/tomcat/tomcat-webapps/docs/architecture//usr/share/tomcat/tomcat-webapps/docs/architecture/requestProcess//usr/share/tomcat/tomcat-webapps/docs/architecture/startup//usr/share/tomcat/tomcat-webapps/docs/config//usr/share/tomcat/tomcat-webapps/docs/elapi//usr/share/tomcat/tomcat-webapps/docs/images//usr/share/tomcat/tomcat-webapps/docs/images/fonts//usr/share/tomcat/tomcat-webapps/docs/jaspicapi//usr/share/tomcat/tomcat-webapps/docs/jspapi//usr/share/tomcat/tomcat-webapps/docs/servletapi//usr/share/tomcat/tomcat-webapps/docs/tribes//usr/share/tomcat/tomcat-webapps/docs/websocketapi/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:30729/SUSE_SLE-15-SP2_Update/1f5b6e9de4003dbcae3fc0bc675fba51-tomcat.SUSE_SLE-15-SP2_Updatedrpmxz5noarch-suse-linux       directoryASCII textXML 1.0 document, ASCII textHTML document, ASCII textHTML document, ASCII text, with very long linesexported SGML document, ASCII textPerl5 module source, ASCII textGIF image data, version 89a, 146 x 92PNG image data, 1873 x 846, 8-bit/color RGB, non-interlacedPNG image data, 2901 x 1431, 8-bit/color RGB, non-interlacedHTML document, UTF-8 Unicode text, with very long linesGIF image data, version 89a, 20 x 20SVG Scalable Vector Graphics imagePNG image data, 976 x 756, 8-bit/color RGB, non-interlacedWeb Open Font Format, TrueType, length 21956, version 1.1Web Open Font Format, TrueType, length 21092, version 1.1Web Open Font Format, TrueType, length 22604, version 1.1Web Open Font Format, TrueType, length 21252, version 1.1Web Open Font Format, TrueType, length 22748, version 1.1Web Open Font Format, TrueType, length 21184, version 1.1PNG image data, 146 x 92, 8-bit/color RGBA, non-interlacedGIF image data, version 89a, 1 x 1o~NNH,tl1~G%11m-a"T6'(\r'@BB}9J;hqh'V"f}k&R=7w}5Rg_¿uPk*סUQUncQljiolZM9Ȉk\T#K|IE`0 m>X1.@}[#%n"~BRsԞƱ&mHEe+7%n(z詼>n& ״)5tDIQ4TäOғ^ϧDf^IZsY&8T3Mm'ӽEZ Aj8El`K%%VC$Xi EZq_K{BsXPb+R~b֦wCYVzhYWE HM3s"4lFԄL\UҜyʶ{JI6,۸{oI>PcZq+r}E\` |ԕ|e[ oCn D"L 5mn5ǵTOؗy6>) M]' Ȕ]`|ݙ K4t7۪4H ڔST|/H +G`dWT%fhjRҭ9c /k4=h#p-}k-HDY GL׍AS $@Р/zOdSxy( \[~IG̢UN9B23Hh2L͕LMc僋E6E((&҈>]H}X3KC${G.q@Al2xyM?,Tqގ=Cd&ܼ#ɕ@Zơ;TwY2/+@[{ZͯCYfQ6ZZ,u+Eq-jbfq$@3Z/ȼxS/NctّY4Aj3"_'iCv JsV#T+%O ש{Rݝ/LgStUjK3K6s}+Bݧ K%"*)ËNEa{op{c/ WXp\0wc%}[XڤJ>?eI.gOOtg^ ǽ, rNYūE/-ȧ {"0ó?h¯J,+9"+ JD:准> ]PӮ /?DǧCyhVeTep(xJW.\NDzs AԠZW qf )tkfi >Zdg ɠWV egY+W(՗|5d>4o\r[;"<%#عZ9<_ЂpIX_,Ar.65cyuZ m.HJrS}䃢ܗiGsa2mz}V郅p_V@dw4ѩF*e|w=2tWE5^1a>ؒzmxFKpSJ`33|,8KHLu -"I ]FaoOKZ#;׽j@r%$eQ2KJێ cl\tfAz`h.wiv*VwL@Kv\TatE䳚FaD`s:linE L|6Q\nqG\`"vx.wD Jo<*%'c/8V*Y{@Qg.auzPF~JpS/݂$vPx[jnsw.\ϛdbRSXE?Bk$[I^a#򫒑 0;g]wUi.H=cctkolkh%vT-x k#G,\8I!ܵrѕK@3WLoD(VCBiت9?MR.sR=7UJ&#)"4y6JO0fIaZPPDɈsdX &gثO\diyo6 &m:aj0ӣf <+pMb F,H3FpՔ fyr188ʛ> %駢"g>`'ZƞOp#5bQq}խGMdצMFᛁxJ|0SbVBʪ3wL(9y4fF]өal9%$O0rbEP$VH$f\쒫_=T#b .yd#7Ғv30;qI |AJux|aK|Q7wBYխawcKi14RUAXa`<;T:>@ņhpֶQ?P= +$= =|'ZAƅ!1Hu{ d^_]x$Z~"u6`7)g>WRb!""ܹ9.Iljk ^vC2RQI/>|!S(pzsz=|+ٱP=yD=fWo\X=L(zSp]U9"$1 BiH(] v6Y;oC5)%b>1D&ٿ\a(kjNL1v&>JzّQ/|uʜ(Ss">C,KQM7UU;FZS' >q't-#p>d뛖[` O8/I!8f0L=aV4kD2xC!I2 ZPL2Vjfh[ʂµO;" S֗[^ fIvDB;] p?%+tZ>3q?(fP,[jmi7S7|>&;s8gkwgqC9 r'ɈHS`I yYv^/}J|N,;rz8NH{+n,kF|-p3V7# |IZ!F>ѝln[.y$1sUEu4CX7U$voVrgyJPV8]%['cYc/&OulA펓H7x6+ xABA|XW`{&I1̥o5'wj@3LәTteZb4Cmz57M9J, ZHkSbn/S+q`1+J?YZt&RˌUi*jN9*ĻTV ,4/'BK+`C_BKBrUR"9fz%Wڻk)Ȱ=(Ä9ۼօUiqZ:SvVXe3kf|hI7L4 ߽ġkބd-Í sOFNP(.koe[e…DD GLNxõf4 #V3K:m̓9HKjiPf=knZP}rN9JM˭u3256/}F"L$P|+6Ot2Z#<^'X\8|q-iZ]2 ЇQV[)2p.SaH)j FQLfzB'YK5ήsK2i.7Y}Jg}"1EX˱S onI0KqsZ>l۲y\F ` Z C$!y{[7!nAetO"Mg#k>ꔏWdvG{w5V8;7yJ7ĩInngowl=t')P48$OhMcUbG9c9TV I뒗h\p a߽grR镍聪%0g)Ӂel:5 /Eomch ÎяrR_iZ 15BLYN7gOg"5it{V|8YٸH9SO4^vpG֪J[S*Q_>kS d'WuG .hc <5MؙLc-C8$Fn^D;@m @K-ٽ.L2˜DuItg}\wbuc$5:mJ!R-.jE[7AX.( OnKPAS3ěK.:tF]Vуp/Wf/vyE39&ˎ*^|%L,-\$ϣqrڄk#sj J7rK80txQW Ŗ*8e}TF;2K$~V-C6TLQ- 7qPQ\2f7E%u +JnBژ94dWN̸d41ػ eul5s5&Y"=/I݅y )$[\0.̷hgo~}0Sx@vբ(T-5TN3;́40>3av0xc y8J/.IKl (=m;kÒB zIbE9gM{}!a[Շοtϴ395R#p·O JsY+ _k%xƊlts] /Uʔ=?|pYɝI;)ygw'~ɴ3ssFTó}DσD!|%5m {t(J05&놲^P=X N)9 &ܟYa?puo L #F X" 41! )WCFt-y5i! @9bȊl:[2#ڜnkK "OyӈE}(d~G̥LS N }Ozsn<q%S쵴fn[YH+0dINo 7}‹ڌ]޺(vEt]ʋDfXka5)I}WR?1}]=?ÛF(.SvjR?#JkjS%}2BXS1 pR6|UDh}LQ\Y)U^7Ffqgv @9KMljέ1lX0?:rFT]"{n.- Σ-vz|8Jrk( CwK.ab5\oiT|֢:UY˅1ʎjrݖ |߉klͬWjG-S(&%>{6^md†8/́fqaImaB҂7{0#及,v;=@X8hd"뮐bnm =G0,4PTa`nÀ}. A 8Dd?o_<`ENOQUI'E{D ~-tsZIXEDng'^d4umpG76V^ohO|EBVq;8xx *N٨􌨂k\[>}^',삜9? y ՞eqpd'iL O /gqʴA-Že 6CBG{,6=+g8\v+}GE[+E;2w zh[Nt|f.=geV2x6hDp$F s@ I,l(~x?c FPB]̎ \p73V?NaPItW_)en|1Pr~$=ܳjgqEVI׸ s]snaDRwSBX'},̀>E~T\ r_T8eT [P.&˭U}T7ˑb*?͈"ms ۿ@e><6B4#fMEצP9i~̅m´E;=( J"QBsC[LyzJ)ΞXd  &$GZCߡǵ@jF Vew'?Ik𻹼K (y}5K~|j7fKɃ.~9XSYMt,7C/Ҥi(}-0^L8 $8|w {[&bQ45D1$a) SzG@/X^S,$J & 4? 5xcs歀*͒K5 %y[-~eO϶[h?@ѡp}X0[8i2B?-D ,og8bg}ƮϨ#8}*5ŞF:0.cm7,PL_y[W_D<@%k02)Vײ̳.G/a!㭯>9<Xqn{} @r/SF x odl-DIFTzm58i 5JvI}RHn5Ax0+EzerQ]~?vcR|\&"辧-_w~^KIވH_Ys펚${6eźӾrh d3;En;UCa1Re{ p rvHK$$Y~4> 1SUu !/su.}G7##BI:f˥/IOZܧ&vFG)44 :rSK@GCF}&,E eT#H@껷Ł;ZW Ch8/PԘB@oс}*㶖"qZz1J{gYXU)>Ҏa4rC>a b֙QQ+xvC_V6{ Qtp,RCwi9LnlT.̀u.wK_ew3 ƺo/+$ "u3)m`.2K̕um_MG],!YO"I+2wxWOk1kmïx) ]F%;a m(g!K*s<(̉@8u|Uѱle~zRqNwpoe}*l*8o$0Tڕ:g q 'ASH~y<'ǫ7T^}eϘk_a=6o˂fmk/y;0@(2 KlYI,>"$mpJaOdZJIwa))[:Q!A2,CIF`kĨ>x!g{,v16{T10H[0+JF)#@ Cl춙W08Ƴ$O`+