-
Thu Oct 12 2017 Coty Sutherland <csutherl@redhat.com> 0:7.0.76-3
- Resolves: rhbz#1498344 CVE-2017-12615 CVE-2017-12617 tomcat: various flaws
- Resolves: rhbz#1495654 CVE-2017-7674 tomcat: Vary header not added by CORS filter leading to cache poisoning
- Resolves: rhbz#1470596 CVE-2017-5647 Add follow up revision
-
Thu Jun 08 2017 Coty Sutherland <csutherl@redhat.com> 0:7.0.76-2
- Resolves: rhbz#1459747 CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism
- Resolves: rhbz#1441481 CVE-2017-5647 tomcat: Incorrect handling of pipelined requests when send file was used
-
Wed Mar 29 2017 Coty Sutherland <csutherl@redhat.com> - 0:7.0.76-1
- Resolves: rhbz#1414895 Rebase tomcat to the current release
-
Thu Aug 25 2016 Coty Sutherland <csutherl@redhat.com> - 0:7.0.69-10
- Related: rhbz#1368122
-
Tue Aug 23 2016 Coty Sutherland <csutherl@redhat.com> - 0:7.0.69-9
- Resolves: rhbz#1362213 Tomcat: CGI sets environmental variable based on user supplied Proxy request header
- Resolves: rhbz#1368122
-
Wed Aug 03 2016 Coty Sutherland <csutherl@redhat.com> - 0:7.0.69-7
- Resolves: rhbz#1362545
-
Fri Jul 08 2016 Coty Sutherland <csutherl@redhat.com> - 0:7.0.69-6
- Related: rhbz#1201409 Added /etc/sysconfig/tomcat to the systemd unit for tomcat-jsvc.service
-
Fri Jul 01 2016 Coty Sutherland <csutherl@redhat.com> - 0:7.0.69-5
- Resolves: rhbz#1347860 The systemd service unit does not allow tomcat to shut down gracefully
-
Mon Jun 27 2016 Coty Sutherland <csutherl@redhat.com> - 0:7.0.69-4
- Resolves: rhbz#1350438 CVE-2016-3092 tomcat: Usage of vulnerable FileUpload package can result in denial of service
-
Fri Jun 17 2016 Coty Sutherland <csutherl@redhat.com> - 0:7.0.69-3
- Resolves: rhbz#1347774 The security manager doesn't work correctly (JSPs cannot be compiled)