PR#9: Update to 9.0.75 - rpms/tomcat

rpms / tomcat

#9 Update to 9.0.75

Closed a year ago by sonix. Opened a year ago by sonix.

rpms/ sonix/tomcat pr-update-9.0.75 into rawhide

Update to 9.0.75

Sonia Xu • a year ago

ebcd767

sources

file modified

+1 -1

		`@@ -1,1 +1,1 @@`
		`- SHA512 (apache-tomcat-9.0.71-src.tar.gz) = 0c62a5e526178e39c68717223ce2cb4a31096e5765b718639e4ba4bbf3d70ba28238cd1bb5cf74747f718b35baf98de32c7ee8a7ebd445c6191700070c1ca930`
		`+ SHA512 (apache-tomcat-9.0.75-src.tar.gz) = 19f78fbe3391bbad65494e0071a6df9a26ceb1a4bd387b3425c5f34a02391fcaaae40442cdca3a98c4b7b45963d3a9e51dd6a1b72f11c29904c755cff03def64`

tomcat.spec

file modified

+5 -1

		`@@ -31,7 +31,7 @@`
		`%global jspspec 2.3`
		`%global major_version 9`
		`%global minor_version 0`
		`- %global micro_version 71`
		`+ %global micro_version 75`
		`%global packdname apache-tomcat-%{version}-src`
		`%global servletspec 4.0`
		`%global elspec 3.0`
		`@@ -496,6 +496,10 @@`
		`%{appdir}/ROOT`

		`%changelog`
		`+ * Fri Jun 02 2023 Sonia Xu <sonix@amazon.com> - 1:9.0.75-1`
		`+ - Update to 9.0.75`
		`+ - Resolves: rhbz#2210321 - CVE-2023-28709 tomcat: Fix for CVE-2023-24998 was incomplete`
		`+`
		`* Sun Jan 29 2023 Hui Wang <huwang@redhat.com> - 1:9.0.71-1`
		`- Update to 9.0.71`
		`- Remove osgi-annotations patch`

sonix commented a year ago

Update to 9.0.75 fixes CVE-2023-28709

https://bugzilla.redhat.com/show_bug.cgi?id=2210321
https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.74
- Fixed in v9.0.74 saw v9.0.75 was available so thought to update it to latest version

Proposing to update branches to 9.0.75.

Testing

% fedpkg --release rawhide mockbuild
% fedpkg --release f37 mockbuild --mock-config fedora-37-x86_64
% fedpkg --release f38 mockbuild --mock-config fedora-38-x86_64
% fedpkg --release f39 mockbuild --mock-config fedora-39-x86_64