tomcat6-servlet-2_5-api-6.0.32-42.1e>UA)B6,7ܟqC6ЊҐ?R8$jb"/% Md4PXI2^?*X7/2z>9"?"d! & W (4 : @ L  Tt/(Q8X9:(> @ F G H I X Y \ ]!^!Sb!dc!d"e"f"l"z"Ctomcat6-servlet-2_5-api6.0.3242.1Apache Tomcat Servlet API implementation classesApache Tomcat Servlet API implementation classesR8build15XopenSUSE 11.4openSUSEApache-2.0http://bugs.opensuse.orgProductivity/Networking/Web/Servershttp://tomcat.apache.orglinuxnoarch/usr/sbin/update-alternatives --install /usr/share/java/servlet.jar servlet \ /usr/share/java/tomcat6-servlet-2.5-api.jar 20500if [ "$1" = "0" ]; then /usr/sbin/update-alternatives --remove servlet \ /usr/share/java/tomcat6-servlet-2.5-api.jar fiX"R,RR,d41d8cd98f00b204e9800998ecf8427e6ec8d2c9cf217ba2f5898e0a0c951e34tomcat6-servlet-2.5-api-6.0.32.jar@rootrootrootrootrootroottomcat6-6.0.32-42.1.src.rpmtomcat6-servlet-2.5-apiservletservlet25servlet6tomcat6-servlet-2_5-api    rpmlib(VersionedDependencies)/usr/sbin/update-alternatives/usr/sbin/update-alternatives/bin/sh/bin/shrpmlib(PayloadFilesHavePrefix)rpmlib(CompressedFileNames)rpmlib(PayloadIsLzma)3.0.3-14.0-13.0.4-14.4.6-14.8.0RP @PѬ@O/ONqNI @MU$MLOL@LcL>@Kie@KC)JH@J#J67J&eI?@lijewski.stefan@gmail.comlijewski.stefan@gmail.comlijewski.stefan@gmail.commvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.cz- tomcat-CVE-2013-2067.patch (bnc#831117) - tomcat-CVE-2012-3544.patch (bnc#831119) - use chown --no-dereference to prevent symlink attacks on log (bnc#822177#c7/prevents CVE-2013-1976)- fix bnc#794548 - denial of service (CVE-2012-4534) * apache-tomcat-CVE-2012-4534.patch fixes apache#53138, apache#52858 http://svn.apache.org/viewvc?view=rev&rev=1372035 - fix a minor issue in apache-tomcat-CVE-2012-4431.patch use the already initialized session variable instead of an another call req.getSesssion()- fix bnc#793394 - bypass of security constraints (CVE-2012-3546) * apache-tomcat-CVE-2012-3546.patch http://svn.apache.org/viewvc?view=revision&revision=1381035 - fix bnc#793391 - bypass of CSRF prevention filter (CVE-2012-4431) * apache-tomcat-CVE-2012-4431.patch http://svn.apache.org/viewvc?view=revision&revision=1394456 - document how to protect against slowloris DoS (CVE-2012-5568/bnc#791679) in README.SUSE - fixes bnc#791423 - cnonce tracking weakness (CVE-2012-5885) bnc#791424 - authentication caching weakness (CVE-2012-5886) bnc#791426 - stale nonce weakness (CVE-2012-5887) * apache-tomcat-CVE-2009-2693-CVE-2009-2901-CVE-2009-2902.patch http://svn.apache.org/viewvc?view=revision&revision=1380829 - fix bnc#789406 - HTTP NIO connector OOM DoS via a request with large headers (CVE-2012-2733) * http://svn.apache.org/viewvc?view=revision&revision=1356208- fix bnc#742477 - iManager throws exception in its basic functionalities * http://svn.apache.org/viewvc?view=revision&revision=1206324 * http://svn.apache.org/viewvc?view=revision&revision=1229027 - fix bnc#735343 - VUL-1: tomcat: Multiple weaknesses in HTTP DIGEST * http://svn.apache.org/viewvc?view=revision&revision=1158180 fixes CVE-2011-5062, CVE-2011-5063, CVE-2011-5064 and CVE-2011-1184 - fix bnc#743055 - VUL-1: CVE-2011-3375: tomcat: information disclosure due to improper response and request object recycling- fix bnc#727543 - VUL-0: Apache tomcat vulnerable to hash collision attack backport upstream changes: * add getCharset method for B2Converter http://svn.apache.org/viewvc?view=revision&revision=1140904 * add isConfigProblemFatal method http://svn.apache.org/viewvc?view=revision&revision=1199122 * GET POST parameter processing performance. Adds maximum number of parameters per request (defaults to 10000) and new FailedRequestFilter for rejecting requests with excessive number of parameters http://svn.apache.org/viewvc?view=revision&revision=1200601 - fix bnc#712784 - tomcat6: add missing Requires on java >= 1.6.0 * add recommends on java >= 1.6.0 and java-devel >= 1.6.0- fix bnc#715991 - VUL-0: tomcat authentication bypass and information disclosure (CVE-2011-3190) * http://svn.apache.org/viewvc?view=revision&revision=1162959- fix bnc#706404 - VUL-0: tomcat user password information leak (CVE-2011-2204) * http://svn.apache.org/viewvc?view=revision&revision=1140071 - fix bnc#706382 - VUL-0: tomcat information leak and DoS (CVE-2011-2526) * http://svn.apache.org/viewvc?view=revision&revision=1146703 - fix bnc#702289 - suse manager pam ldap authentication fails * source CATALINA_HOME/bin/setenv.sh if exists- update to latest upstream version 6.0.32 (bugfix release) - obsolete CVE-2010-4172 patch - fixes bnc#669897 (CVE-2010-3718), bnc#669926 (CVE-2010-4476), bnc#669928 (CVE-2011-0013) and bnc#669930 (CVE-2011-0534)- fix bnc#655440#c14 - clean workdir of tomcat's webapps to be sure our fixed jsps will be redeployed on each update- fix bnc#655440 - VUL-0: tomcat6: Apache Tomcat Manager application XSS vulnerability (CVE-2010-4172) http://svn.apache.org/viewvc?view=revision&revision=1037779 - fix bnc#653586 - spacewalk 1.2 requires jasper 5.5 * add offline jasper compiler /usr/bin/jspc - unpack tarball to apache-tomcat-$VERSION-src directory directly- Fix bnc#650130 - Update of tomcat6 not possible (cpio: Is a directory) * workaround the rpm bug - it cannot update directory to symlink * make /etc/tomcat6/Catalina/ as ghost file * create link in %posttrans- Update to 6.0.29 (bugfix release) - fix bnc#625415: Tomcat6 does not have permissions to its own directories * also fix the /etc/tomcat6/Catalina link target - revert a setclasspath.sh changes - disable user/group verification of tomcat owned files and directories to allow easy change of the tomcat user without rpm --verify complaints- Update to 6.0.28 (bugfix release) - fix bnc#565901 - missing catalina.sh again * move catalina.sh to CATALINA_HOME/bin * add jpackage.org compatible CATALINA_HOME/bin/setclasspath.sh - add missing logrotate requires - install scripts with mode 0755- Update to 6.0.24 (bugfix release). This obsoletes patch * tomcat6-bug47316.patch - Merged with tomcat6-6.0.18-10.jpp6.src.rpm * return the jpackage.org license header in spec * polish in spec (use more macros) * add logrotate support * add patch to document webapps in %%{_sysconfdir}/%%{name}/tomcat-users.xml * move %%{_bindir}/d%%{name} to %%{_sbindir}/%%{name} and provide symlink to %%{_sbindir}/d%%{name} * add digest and tool-wrapper scripts * explicitly unset CLASSPATH * explicitly set OPT_JAR_LIST to include ant/ant-trax * build and install sample webapp * use copy instead of move to fix short-circuit install build * version jsp and servlet Provides with their spec versions * make initscript LSB-complaint * add el subpackage- fixed bnc#565901 - missing catalina.sh * added catalina.sh (link from dtomcat6) to improve upstream compatibility- fixed bnc#542634: Tomcat NPE on start applied patch from upstream bugzilla https://issues.apache.org/bugzilla/show_bug.cgi?id=47316#c3- fixed bnc#520532: marked all webapp/ROOT/* files as config(noreplace) - marked /etc/ant.d/catalina-ant as config(noreplace)- added a missing -p1 for %patch0- fixed bnc#488061: work directory clean on tomcat stop - update to 6.0.20 - the bugfix release: * MemoryUserDatabase is read-only by default * Allow huge request body packets for AJP13 * Never return an empty HTTP status reason phrase * Prevent double initialisation of JSPs * A node should ignore its own heartbeat messages * Prettry error messages (instead of stacktrace) if shutdown port is disabled- fixed bnc#418664 - Tomcat6 installation has missing bits - added /etc/ant.d/catalina-ant - another fix for bnc#471639 - tomcat does not start/work * merged a sysconfig and tomcat6.conf to allow a dtomcat6 start works * also fixs (bnc#471639) - fixed bnc#424675 - Access rights to /etc/tomcat6 directory not set right * create a link from /etc/tomcat6/Catalina to /var/cache/tomcat6/Catalina - removed a CATALINA_OPTS from stop in dtcomcat6 (bao#42951)/bin/sh/bin/shbuild15 1377622072 ? ' A2.56.0.32-42.1servlet.jartomcat6-servlet-2.5-api-6.0.32.jartomcat6-servlet-2.5-api.jar/usr/share/java/-fomit-frame-pointer -fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -gobs://build.opensuse.org/openSUSE:Evergreen:Maintenance:178/openSUSE_Evergreen_11.4/c339ff0982b4999fa7d0d3e3111385b8-tomcat6.openSUSE_Evergreen_11.4drpmlzma5noarch-suse-linux1Q"qwEa?p]"k%<3WƵˡK)oOBPOګ8l7H ,7,ډI 6r^N^f4p_UY,>ZN:/MqGyIXF\}J Ż&j9?n6iێ}ZCh! >({z% Fѵq6vGfy^8:>{`sDJlYI3Gͨd]45-4RTUDhXYڒhl)ipA+_3$k~iط0GeT-$c_f/MNx1[41m[, Ԯx#^&h\LZՏWh.muz"ymO9bҠەG/c @XxeذEi]:özN n)CPLˑ;}O2?O*y˦)XsH@@G]6-OJ(>87kɂTQ]MUSHc