HomeFreeBSD
Diffusion FreeBSD ports repository 8126f2d8db74

www/tomcat85: Update to 8.5.78
8126f2d8db74
Actions

Description

www/tomcat85: Update to 8.5.78

Harden the class loader to provide a mitigation for CVE-2022-22965
a Spring Framework vulnerability: Effectively disable the
WebappClassLoaderBase.getResources() method as it is not used and
if something accidently exposes the class loader this method can be used to gain
access to Tomcat internals.

Changes: https://tomcat.apache.org/tomcat-8.5-doc/changelog.html#Tomcat_8.5.78_(markt)

PR: 262975

Details

Provenance
vvdAuthored on Apr 1 2022, 10:51 AM
Mikael Urankar <mikael@FreeBSD.org>Committed on Apr 1 2022, 10:57 AM
Parents
R11:85cb635b5fd6: lang/snobol4: Update to 2.3.1
Branches
Unknown
Tags
Unknown

Event Timeline

Mikael Urankar <mikael@FreeBSD.org> committed R11:8126f2d8db74: www/tomcat85: Update to 8.5.78 (authored by vvd).Apr 1 2022, 10:57 AM

Changes (2)

PathSize
www/
tomcat85/

R11:8126f2d8db74

View Options

www/tomcat85/Makefile

Loading...
View Options

www/tomcat85/distinfo

Loading...