Wed Jul 25 21:29:25 2018 UTC ()
Update to 8.5.32

Changelog:
Tomcat 8.5.32 (markt)
Catalina
	Fix:  Treat the <mapped-name> element of a <env-entry> in web.xml in the same way as the mappedName element of the equivalent @Resource annotation. Both now attempt to set the mappedName property of the resource. (markt)
	Fix:  Correct the processing of resources with <injection-target>s defined in web.xml. First look for a match using JavaBean property names and then, only if a match is not found, look for a match using fields. (markt)
	Fix:  When restoring a saved request with a request body after FORM authentication, ensure that calls to the HttpServletRequest methods getRequestURI(), getQueryString() and getProtocol() are not corrupted by the processing of the saved request body. (markt)
	Fix:  JNDI resources that are defined with injection targets but no value are now treated as if the resource is not defined. (markt)
	Fix:  Ensure that JNDI names used for <lookup-name> entries in web.xml and for lookup elements of @Resource annotations specify a name with an explicit java: namespace. (markt)
	Code:  Refactor the org.apache.naming package to reduce duplicate code. Duplicate code identified by the Simian tool. (markt)
	Fix:  50019: Add support for <lookup-name>. Based on a patch by Gurkan Erdogdu. (markt)
	Add:  51953: Add the RemoteCIDRFilter and RemoteCIDRValve that can be used to allow/deny requests based on IPv4 and/or IPv6 client address where the IP ranges are defined using CIDR notation. Based on a patch by Francis Galiegue. (markt)
	Fix:  62343: Make CORS filter defaults more secure. This is the fix for CVE-2018-8014. (markt)
	Fix:  Ensure that the web application resources implementation does not incorrectly cache results for resources that are only visible as class loader resources. (markt)
	Fix:  Make all loggers associated with Tomcat provided Filters non-static to ensure that log messages are not lost when a web application is reloaded. (markt)
	Fix:  Correct the manifest for the annotations-api.jar. The JAR implements the Common Annotations API 1.2 and the manifest should reflect that. (markt)
	Fix:  Switch to non-static loggers where there is a possibility of a logger becoming associated with a web application class loader causing log messages to be lost if the web application is stopped. (markt)
	Add:  62389: Add the IPv6 loopback address to the default internalProxies regular expression. Patch by Craig Andrews. (markt)
	Fix:  In the RemoteIpValve and RemoteIpFilter, correctly handle the case when the request passes through one or more trustedProxies but no internalProxies. Based on a patch by zhanhb. (markt)
	Fix:  Correct the logic in MBeanFactory.removeConnector() to ensure that the correct Connector is removed when there are multiple Connectors using different addresses but the same port. (markt)
	Fix:  Make JAASRealm mis-configuration more obvious by requiring the authenticated Subject to include at least one Principal of a type specified by userClassNames. (markt)
	Fix:  62476: Use GMT timezone for the value of Expires header as required by HTTP specification (RFC 7231, 7234). (kkolinko)


(zafer)
diff -r1.6 -r1.7 pkgsrc/www/apache-tomcat85/Makefile
diff -r1.6 -r1.7 pkgsrc/www/apache-tomcat85/distinfo
cvs diff -r1.6 -r1.7 pkgsrc/www/apache-tomcat85/Makefile (switch to unified diff)

--- pkgsrc/www/apache-tomcat85/Makefile 2018/03/23 13:19:13 1.6
+++ pkgsrc/www/apache-tomcat85/Makefile 2018/07/25 21:29:25 1.7
@@ -1,98 +1,98 @@ @@ -1,98 +1,98 @@
1# $NetBSD: Makefile,v 1.6 2018/03/23 13:19:13 ryoon Exp $ 1# $NetBSD: Makefile,v 1.7 2018/07/25 21:29:25 zafer Exp $
2# 2#
3 3
4DISTNAME= apache-tomcat-${TOMCAT_VER} 4DISTNAME= apache-tomcat-${TOMCAT_VER}
5CATEGORIES= www 5CATEGORIES= www
6MASTER_SITES= ${MASTER_SITE_APACHE:=tomcat/tomcat-8/v${TOMCAT_VER}/bin/} 6MASTER_SITES= ${MASTER_SITE_APACHE:=tomcat/tomcat-8/v${TOMCAT_VER}/bin/}
7 7
8MAINTAINER= ryoon@NetBSD.org 8MAINTAINER= ryoon@NetBSD.org
9HOMEPAGE= http://tomcat.apache.org/ 9HOMEPAGE= http://tomcat.apache.org/
10COMMENT= Implementation of Java Servlet and JavaServer Pages technologies 10COMMENT= Implementation of Java Servlet and JavaServer Pages technologies
11LICENSE= apache-2.0 11LICENSE= apache-2.0
12 12
13CONFLICTS+= jakarta-tomcat55-[0-9]* 13CONFLICTS+= jakarta-tomcat55-[0-9]*
14CONFLICTS+= jakarta-tomcat-[0-9]* 14CONFLICTS+= jakarta-tomcat-[0-9]*
15 15
16NO_BUILD= yes 16NO_BUILD= yes
17USE_LANGUAGES= # none 17USE_LANGUAGES= # none
18USE_JAVA= run 18USE_JAVA= run
19USE_JAVA2= 7 19USE_JAVA2= 7
20USE_TOOLS+= pax 20USE_TOOLS+= pax
21 21
22.include "../../mk/bsd.prefs.mk" 22.include "../../mk/bsd.prefs.mk"
23 23
24TOMCAT_VER= 8.5.29 24TOMCAT_VER= 8.5.32
25TOMCAT_HOME= ${PREFIX}/share/tomcat 25TOMCAT_HOME= ${PREFIX}/share/tomcat
26EGDIR= ${PREFIX}/share/examples/tomcat 26EGDIR= ${PREFIX}/share/examples/tomcat
27DOCDIR= ${PREFIX}/share/doc/tomcat 27DOCDIR= ${PREFIX}/share/doc/tomcat
28RCD_SCRIPTS= tomcat 28RCD_SCRIPTS= tomcat
29SMF_NAME= tomcat 29SMF_NAME= tomcat
30TOMCAT_USER?= tomcat 30TOMCAT_USER?= tomcat
31TOMCAT_GROUP?= tomcat 31TOMCAT_GROUP?= tomcat
32PKG_GROUPS= ${TOMCAT_GROUP} 32PKG_GROUPS= ${TOMCAT_GROUP}
33PKG_USERS= ${TOMCAT_USER}:${TOMCAT_GROUP} 33PKG_USERS= ${TOMCAT_USER}:${TOMCAT_GROUP}
34PKG_GROUPS_VARS+= TOMCAT_GROUP 34PKG_GROUPS_VARS+= TOMCAT_GROUP
35PKG_USERS_VARS+= TOMCAT_USER 35PKG_USERS_VARS+= TOMCAT_USER
36PKG_HOME.tomcat= ${TOMCAT_HOME} 36PKG_HOME.tomcat= ${TOMCAT_HOME}
37PKG_SHELL.tomcat= ${SH} 37PKG_SHELL.tomcat= ${SH}
38PKG_SYSCONFDIR.tomcat= ${TOMCAT_HOME}/conf 38PKG_SYSCONFDIR.tomcat= ${TOMCAT_HOME}/conf
39OWN_DIRS_PERMS+= ${PKG_SYSCONFDIR.tomcat} ${TOMCAT_USER} ${TOMCAT_GROUP} 0755 39OWN_DIRS_PERMS+= ${PKG_SYSCONFDIR.tomcat} ${TOMCAT_USER} ${TOMCAT_GROUP} 0755
40FILES_SUBST+= JAVA_HOME=${PKG_JAVA_HOME} TOMCAT_HOME=${TOMCAT_HOME} \ 40FILES_SUBST+= JAVA_HOME=${PKG_JAVA_HOME} TOMCAT_HOME=${TOMCAT_HOME} \
41 TOMCAT_USER=${TOMCAT_USER} TOMCAT_GROUP=${TOMCAT_GROUP} 41 TOMCAT_USER=${TOMCAT_USER} TOMCAT_GROUP=${TOMCAT_GROUP}
42 42
43PRIVATE_EGFILES= server.xml tomcat-users.xml 43PRIVATE_EGFILES= server.xml tomcat-users.xml
44PUBLIC_EGFILES= catalina.policy catalina.properties \ 44PUBLIC_EGFILES= catalina.policy catalina.properties \
45 context.xml logging.properties web.xml 45 context.xml logging.properties web.xml
46DOCFILES= LICENSE NOTICE RELEASE-NOTES RUNNING.txt 46DOCFILES= LICENSE NOTICE RELEASE-NOTES RUNNING.txt
47WORK_DIRS= work temp logs 47WORK_DIRS= work temp logs
48 48
49.for f in ${PRIVATE_EGFILES} 49.for f in ${PRIVATE_EGFILES}
50CONF_FILES_PERMS+= ${EGDIR}/${f} ${PKG_SYSCONFDIR.tomcat}/${f} \ 50CONF_FILES_PERMS+= ${EGDIR}/${f} ${PKG_SYSCONFDIR.tomcat}/${f} \
51 ${TOMCAT_USER} ${TOMCAT_GROUP} 0640 51 ${TOMCAT_USER} ${TOMCAT_GROUP} 0640
52.endfor 52.endfor
53 53
54.for f in ${PUBLIC_EGFILES} 54.for f in ${PUBLIC_EGFILES}
55CONF_FILES_PERMS+= ${EGDIR}/${f} ${PKG_SYSCONFDIR.tomcat}/${f} \ 55CONF_FILES_PERMS+= ${EGDIR}/${f} ${PKG_SYSCONFDIR.tomcat}/${f} \
56 ${TOMCAT_USER} ${TOMCAT_GROUP} 0644 56 ${TOMCAT_USER} ${TOMCAT_GROUP} 0644
57.endfor 57.endfor
58 58
59.for d in ${WORK_DIRS} 59.for d in ${WORK_DIRS}
60OWN_DIRS_PERMS+= ${TOMCAT_HOME}/${d} ${TOMCAT_USER} ${TOMCAT_GROUP} 0755 60OWN_DIRS_PERMS+= ${TOMCAT_HOME}/${d} ${TOMCAT_USER} ${TOMCAT_GROUP} 0755
61.endfor 61.endfor
62 62
63INSTALLATION_DIRS+= ${TOMCAT_HOME} ${EGDIR} ${DOCDIR} 63INSTALLATION_DIRS+= ${TOMCAT_HOME} ${EGDIR} ${DOCDIR}
64 64
65do-install: 65do-install:
66.for d in ${WORK_DIRS} 66.for d in ${WORK_DIRS}
67 ${RM} -rf ${WRKSRC}/${d} 67 ${RM} -rf ${WRKSRC}/${d}
68.endfor 68.endfor
69 69
70.for f in ${DOCFILES} 70.for f in ${DOCFILES}
71 ${INSTALL_DATA} ${WRKSRC}/${f} ${DESTDIR}${DOCDIR}/${f} 71 ${INSTALL_DATA} ${WRKSRC}/${f} ${DESTDIR}${DOCDIR}/${f}
72 ${RM} -f ${WRKSRC}/${f} 72 ${RM} -f ${WRKSRC}/${f}
73.endfor 73.endfor
74 74
75.for f in ${PRIVATE_EGFILES} 75.for f in ${PRIVATE_EGFILES}
76 ${INSTALL_DATA} ${WRKSRC}/conf/${f} ${DESTDIR}${EGDIR}/${f} 76 ${INSTALL_DATA} ${WRKSRC}/conf/${f} ${DESTDIR}${EGDIR}/${f}
77 ${RM} -f ${WRKSRC}/conf/${f} 77 ${RM} -f ${WRKSRC}/conf/${f}
78.endfor 78.endfor
79 79
80.for f in ${PUBLIC_EGFILES} 80.for f in ${PUBLIC_EGFILES}
81 ${INSTALL_DATA} ${WRKSRC}/conf/${f} ${DESTDIR}${EGDIR}/${f} 81 ${INSTALL_DATA} ${WRKSRC}/conf/${f} ${DESTDIR}${EGDIR}/${f}
82 ${RM} -f ${WRKSRC}/conf/${f} 82 ${RM} -f ${WRKSRC}/conf/${f}
83.endfor 83.endfor
84 84
85 ${FIND} ${WRKSRC} -name \*.exe -type f -print | ${XARGS} ${RM} -f 85 ${FIND} ${WRKSRC} -name \*.exe -type f -print | ${XARGS} ${RM} -f
86 ${FIND} ${WRKSRC} -name \*.bat -type f -print | ${XARGS} ${RM} -f 86 ${FIND} ${WRKSRC} -name \*.bat -type f -print | ${XARGS} ${RM} -f
87 87
88 cd ${WRKSRC} && ${PAX} -rw -pm . ${DESTDIR}${TOMCAT_HOME} 88 cd ${WRKSRC} && ${PAX} -rw -pm . ${DESTDIR}${TOMCAT_HOME}
89 89
90 ${FIND} ${DESTDIR}${TOMCAT_HOME} -type d -print | \ 90 ${FIND} ${DESTDIR}${TOMCAT_HOME} -type d -print | \
91 ${XARGS} ${CHMOD} ${PKGDIRMODE} 91 ${XARGS} ${CHMOD} ${PKGDIRMODE}
92 ${FIND} ${DESTDIR}${TOMCAT_HOME} -type f -print | \ 92 ${FIND} ${DESTDIR}${TOMCAT_HOME} -type f -print | \
93 ${XARGS} ${CHMOD} ${SHAREMODE} 93 ${XARGS} ${CHMOD} ${SHAREMODE}
94 ${FIND} ${DESTDIR}${TOMCAT_HOME} -type f -name \*.sh -print | \ 94 ${FIND} ${DESTDIR}${TOMCAT_HOME} -type f -name \*.sh -print | \
95 ${XARGS} ${CHMOD} ${BINMODE} 95 ${XARGS} ${CHMOD} ${BINMODE}
96 96
97.include "../../mk/java-vm.mk" 97.include "../../mk/java-vm.mk"
98.include "../../mk/bsd.pkg.mk" 98.include "../../mk/bsd.pkg.mk"
cvs diff -r1.6 -r1.7 pkgsrc/www/apache-tomcat85/distinfo (switch to unified diff)

--- pkgsrc/www/apache-tomcat85/distinfo 2018/03/23 13:19:13 1.6
+++ pkgsrc/www/apache-tomcat85/distinfo 2018/07/25 21:29:25 1.7
@@ -1,6 +1,6 @@ @@ -1,6 +1,6 @@
1$NetBSD: distinfo,v 1.6 2018/03/23 13:19:13 ryoon Exp $ 1$NetBSD: distinfo,v 1.7 2018/07/25 21:29:25 zafer Exp $
2 2
3SHA1 (apache-tomcat-8.5.29.tar.gz) = fdc2ac85282af82a494e352c35e33dcfe1dbab6b 3SHA1 (apache-tomcat-8.5.32.tar.gz) = 04bdc935981580ec0b3b08302f5b22f8df508944
4RMD160 (apache-tomcat-8.5.29.tar.gz) = bee9cabd08028014b684a62262d20831b2caa6de 4RMD160 (apache-tomcat-8.5.32.tar.gz) = ec1c9d1545f76a2e0c07a5c200408a483de850a8
5SHA512 (apache-tomcat-8.5.29.tar.gz) = a7c771524052325a801b96d9553b18406019d1cea5b874e6c0fcbad46856922d97d634af29c53ec540675d43925e6e5b89685fbba4a7051514e7198f25a99297 5SHA512 (apache-tomcat-8.5.32.tar.gz) = fc010f4643cb9996cad3812594190564d0a30be717f659110211414faf8063c61fad1f18134154084ad3ddfbbbdb352fa6686a28fbb6402d3207d4e0a88fa9ce
6Size (apache-tomcat-8.5.29.tar.gz) = 9532698 bytes 6Size (apache-tomcat-8.5.32.tar.gz) = 9584807 bytes