tomcat5-webapps-5.0.30-10 RPM for noarch

From SuSE Linux 10.0 updates for i386 / deltas

Tomcat is the servlet container that is used in the official Reference
Implementation for the Java Servlet and JavaServer Pages technologies.
The Java Servlet and JavaServer Pages pecifications are developed by
Sun under the Java Community Process.

This package contains the sample webapps for Tomcat.



Authors:
--------
    Hans Bergsten <hans@gefionsoftware.com>
    James Duncan <Davidson duncan@x180.com>
    Pierpaolo Fumagalli <pier@apache.org>
    Craig McClanahan <cmcclanahan@mytownnet.com>
    Sam Ruby <rubys@us.ibm.com>
    Jon Stevens <jon@clearink.com>
    Anil Vijendran <akv@eng.sun.com>
    Brian Behlendorf <brian@behlendorf.com>
    Kevin Burton <burton@relativity.yi.org>
    Danno Ferrin <shemnon@earthlink.net>
    Jason Hunter <jh@servlets.com>
    Ramesh Mandava <rmandava@talentportal.com>
    Stefano Mazzocchi <stefano@apache.org>
    Rajiv Mordani <mode@chinet.com>
    Harish Prabhandham <harishp@onebox.com>
    Jean-Luc Rochat <shachor@il.ibm.com>
    James Todd <jwtodd@pacbell.net>

Provides

• tomcat5-webapps
• jakarta-tomcat-examples
• jakarta-tomcat-docs

Requires

• tomcat5
• jakarta-taglibs-standard
• /bin/sh
• /bin/sh

Copyright

BSD 3-Clause, The Apache Software License

Signatures

internal MD5: cbcbf9a4892c923a015598aa7e0387a7

GPG

Changelog

* Tue May 15 2007 - dbornkessel@suse.de
  - bug fix for Bug #274237
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7195
    Cross-site scripting (XSS) vulnerability in implicit-objects.jsp in
    Apache Tomcat 5.0.0 through 5.0.30 and 5.5.0 through 5.5.17 allows
    remote attackers to inject arbitrary web script or HTML via certain
    header values.
* Tue Mar 20 2007 - dbornkessel@suse.de
  - backported security fix (Bug #254482)
    CVE-2007-0450
    Tomcat permits both '\' and '%5C' as path delimiters. A HTTP request containing strings like "/\../"
    allow attackers to break out of the given context. Additionally, when using Tomcat behind a proxy
    configured to only proxy some contexts this permits access to non-proxied contexts. When used
    behind a proxy it is recommended that Tomcat is secured as if the proxy were not present.
    The following Java startup options have been added to Tomcat to provide additional control of the handling of '\' and '%5c' in URLs:
    * -Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true|false
    * -Dorg.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH=true|false
    These options default to false.
* Thu Sep 01 2005 - skh@suse.de
  - fix struts-config.xml in admin webapp (#113319)
* Fri Mar 04 2005 - skh@suse.de
  - remove superfluous %defines
* Tue Feb 22 2005 - skh@suse.de
  - update to version 5.0.30
  - fix build with current struts
* Mon Feb 21 2005 - skh@suse.de
  - update to version 5.0.28
* Fri Oct 01 2004 - skh@suse.de
  - Fix %files section breakage from last change (#46620)
  - Fix documentation (#46599)
* Wed Sep 29 2004 - skh@suse.de
  - Fix %files section to remove file conflicts between main package and
    subpackages.
* Mon Sep 27 2004 - skh@suse.de
  - Set CATALINA_HOME in /etc/sysconfig/j2ee correctly when updating from
    jakarta-tomcat (#46080)
* Fri Sep 17 2004 - skh@suse.de
  - Create correct and backwards-compatible directory and symlink
    structure (#45503)
  - really fix prerequires
* Thu Sep 16 2004 - skh@suse.de
  - Use SUSE config files and rc scripts following the old
    jakarta-tomcat package
  - fix prerequires
* Mon Sep 13 2004 - skh@suse.de
  - Be FHS compliant again (install below /srv/www/tomcat5 instead
    of /var/lib/tomcat5)
  - Fix Provides and Obsoletes
* Tue Sep 07 2004 - skh@suse.de
  - Fix PreRequires.
* Mon Sep 06 2004 - skh@suse.de
  - ... and use correct file permissions.
* Mon Sep 06 2004 - skh@suse.de
  - Don't use fixed uid/gid
* Mon Sep 06 2004 - skh@suse.de
  - Switched to JPackage version with 5.0.27 (JPackage 1.5)

Files

Generated by rpm2html 1.8.1

Daniel Veillard, Mon Oct 6 04:35:08 2008