HomeFreeBSD
Diffusion FreeBSD ports repository e9395fe9f8bf

www/tomcat9: Update to 9.0.62
e9395fe9f8bf
Actions

Description

www/tomcat9: Update to 9.0.62

Harden the class loader to provide a mitigation for CVE-2022-22965
a Spring Framework vulnerability: Effectively disable the
WebappClassLoaderBase.getResources() method as it is not used and
if something accidently exposes the class loader this method can be used to gain
access to Tomcat internals.

Changes: https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.62_(remm)

PR: 262975

Details

Provenance
vvdAuthored on Apr 1 2022, 10:44 AM
Mikael Urankar <mikael@FreeBSD.org>Committed on Apr 1 2022, 10:57 AM
Parents
R11:8126f2d8db74: www/tomcat85: Update to 8.5.78
Branches
Unknown
Tags
Unknown

Event Timeline

Mikael Urankar <mikael@FreeBSD.org> committed R11:e9395fe9f8bf: www/tomcat9: Update to 9.0.62 (authored by vvd).Apr 1 2022, 10:57 AM

Changes (2)

PathSize
www/
tomcat9/

R11:e9395fe9f8bf

View Options

www/tomcat9/Makefile

Loading...
View Options

www/tomcat9/distinfo

Loading...