FEDORA-2016-e6651efbaf

security update in Fedora 22 for tomcat

Status: stable 3 years ago

  • Revert sysconfig migration changes, resolves: #1311771, #1311905
  • Add /etc/tomcat/conf.d/ with shell expansion support, resolves #1293636

  • Load sysconfig from tomcat.conf, resolves: #1311771, #1311905
  • Set default javax.sql.DataSource factory to apache commons one, resolves #1214381

  • Updated to 7.0.68
  • Fix symlinks from $CATALINA_HOME/lib perspective, resolves: #1308685
  • Fix tomcat user shell, resolves #1302718
  • Remove log4j support. It has never been working actually. See #1236297
  • Move shipped config to /etc/sysconfig/tomcat. /etc/tomcat/tomcat.conf can now be used to override it with shell expansion, resolves #1293636
  • Security fix for CVE-2016-0763

How to install

sudo dnf upgrade --advisory=FEDORA-2016-e6651efbaf

Comments 7

This update has been submitted for testing by van.

This update has obsoleted tomcat-7.0.68-2.fc22, and has inherited its bugs and notes.

This update has been pushed to testing.

Tested to see if there was an issue with Dogtag 10.2.6 on F22. There was, and this has been corrected by the following packages in Bodhi:

When used in conjunction with these two packages, this build of tomcat was tested by creating a new CA and successfully enrolling a certificate; no FreeIPA tests were attempted.

karma: +1 #1311771: +1

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes.

This update has been submitted for stable by van.

This update has been pushed to stable.


Content Type: RPM
Status: stable
Test Gating:
Submitted by:
Update Type: security
Update Severity: unspecified
Karma: +1 (stable threshold: 3, unstable threshold: -3)
Autopush: Enabled
Dates: submitted 3 years ago, in testing 3 years ago, in stable 3 years ago

Related Bugs 9

  • #1214381 tomcat lib package doesn't include tomcat-dbcp.jar (which is required and different from apache-commons-dbcp)
  • #1236297 log4j not working on tomcat
  • #1293636 Systemd tomcat.service unit loads /etc/sysconfig/tomcat without shell expansion
  • #1302718 user 'tomcat': program '/bin/nologin' does not exist
  • #1308685 links are broken when viewed from /usr/share/tomcat/lib
  • #1311093 CVE-2016-0763 tomcat: security manager bypass via setGlobalContext()
  • #1311095 CVE-2015-5174 CVE-2015-5351 CVE-2016-0714 CVE-2016-0706 CVE-2015-5345 CVE-2015-5346 CVE-2016-0763 tomcat: multiple security vulnerabilities [epel-6]
  • #1311771 Tomcat 8.0.32 update breaks FreeIPA and Dogtag installations
  • #1311905 tomcat-8.0.32: tomcat version fails with load error org.apache.catalina.util.ServerInfo