HomeFreeBSD
Diffusion FreeBSD ports repository aa0e9b08ea56

www/tomcat-devel: Update to 10.1.0-M14
aa0e9b08ea56
Actions

Description

www/tomcat-devel: Update to 10.1.0-M14

Harden the class loader to provide a mitigation for CVE-2022-22965
a Spring Framework vulnerability: Effectively disable the
WebappClassLoaderBase.getResources() method as it is not used and
if something accidently exposes the class loader this method can be used to gain
access to Tomcat internals.

Changes: https://tomcat.apache.org/tomcat-10.1-doc/changelog.html#Tomcat_10.1.0-M14_(markt)

PR: 262975
(cherry picked from commit 530a0b5108770215b871ffce6096efde37e65a65)

Details

Provenance
vvdAuthored on Apr 2 2022, 1:42 PM
Mikael Urankar <mikael@FreeBSD.org>Committed on Apr 2 2022, 2:04 PM
Parents
R11:5567d41c0608: net-mgmt/chronograf: Update distinfo of yarn cache after PORTREVISION bumped
Branches
Unknown
Tags
Unknown

Event Timeline

Mikael Urankar <mikael@FreeBSD.org> committed R11:aa0e9b08ea56: www/tomcat-devel: Update to 10.1.0-M14 (authored by vvd).Apr 2 2022, 2:04 PM

Changes (3)

PathSize
www/
tomcat-devel/

R11:aa0e9b08ea56

View Options

www/tomcat-devel/Makefile

Loading...
View Options

www/tomcat-devel/distinfo

Loading...
View Options

www/tomcat-devel/pkg-plist

Loading...