Request 99252: Submit tomcat6.openSUSE_11.3 - openSUSE Build Service

Overview

Request 99252 accepted

- fix bnc#727543 - VUL-0: Apache tomcat vulnerable to hash collision attack
backport upstream changes:
* generic CSRF protection layer (to have FilterBase needed for
FailedRequestFilter)
http://svn.apache.org/viewvc?view=revision&revision=1030547
* add getCharset method for B2Converter
http://svn.apache.org/viewvc?view=revision&revision=1140904
* add isConfigProblemFatal method
http://svn.apache.org/viewvc?view=revision&revision=1199122
* GET POST parameter processing performance. Adds maximum number of
parameters per request (defaults to 10000) and new FailedRequestFilter for
rejecting requests with excessive number of parameters
http://svn.apache.org/viewvc?view=revision&revision=1200601
- fix bnc#712784 - tomcat6: add missing Requires on java >= 1.6.0
* add recommends on java >= 1.6.0 and java-devel >= 1.6.0
- with CSRF protection layer manager and host-manager now supports
new roles, see
* /srv/tomcat6/webapps/docs/manager-howto.html
* /srv/tomcat6/webapps/manager/WEB-INF/web.xml
* /srv/tomcat6/webapps/host-manager/WEB-INF/web.xml

Created by mvyskocil over 12 years ago
In state accepted

Submit tomcat6.openSUSE_11.3

Comments for request 99252 0

Login required, please login in order to comment

Request History

mvyskocil created request over 12 years ago

- fix bnc#727543 - VUL-0: Apache tomcat vulnerable to hash collision attack
backport upstream changes:
* generic CSRF protection layer (to have FilterBase needed for
FailedRequestFilter)
http://svn.apache.org/viewvc?view=revision&revision=1030547
* add getCharset method for B2Converter
http://svn.apache.org/viewvc?view=revision&revision=1140904
* add isConfigProblemFatal method
http://svn.apache.org/viewvc?view=revision&revision=1199122
* GET POST parameter processing performance. Adds maximum number of
parameters per request (defaults to 10000) and new FailedRequestFilter for
rejecting requests with excessive number of parameters
http://svn.apache.org/viewvc?view=revision&revision=1200601
- fix bnc#712784 - tomcat6: add missing Requires on java >= 1.6.0
* add recommends on java >= 1.6.0 and java-devel >= 1.6.0
- with CSRF protection layer manager and host-manager now supports
new roles, see
* /srv/tomcat6/webapps/docs/manager-howto.html
* /srv/tomcat6/webapps/manager/WEB-INF/web.xml
* /srv/tomcat6/webapps/host-manager/WEB-INF/web.xml

oertel accepted request over 12 years ago

Accepted submit request 99252 from user mvyskocil

openSUSE Build Service is sponsored by