security update in Fedora 22 for tomcat

Status: stable 3 years ago
  • Revert sysconfig migration changes, resolves: #1311771, #1311905
  • Add /etc/tomcat/conf.d/ with shell expansion support, resolves #1293636

  • Load sysconfig from tomcat.conf, resolves: #1311771, #1311905
  • Set default javax.sql.DataSource factory to apache commons one, resolves #1214381

  • Updated to 7.0.68
  • Fix symlinks from $CATALINA_HOME/lib perspective, resolves: #1308685
  • Fix tomcat user shell, resolves #1302718
  • Remove log4j support. It has never been working actually. See #1236297
  • Move shipped config to /etc/sysconfig/tomcat. /etc/tomcat/tomcat.conf can now be used to override it with shell expansion, resolves #1293636
  • Security fix for CVE-2016-0763

How to install

sudo dnf upgrade --advisory=FEDORA-2016-e6651efbaf

Comments 7

This update has been submitted for testing by van.

This update has obsoleted tomcat-7.0.68-2.fc22, and has inherited its bugs and notes.

This update has been pushed to testing.

Tested to see if there was an issue with Dogtag 10.2.6 on F22. There was, and this has been corrected by the following packages in Bodhi:

When used in conjunction with these two packages, this build of tomcat was tested by creating a new CA and successfully enrolling a certificate; no FreeIPA tests were attempted.

karma: +1 #1311771: +1

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for stable by van.

This update has been pushed to stable.


stable threshold: 3
unstable threshold: -3
submitted 3 years ago
in testing 3 years ago
in stable 3 years ago

Related Bugs 9

  • [0 / 0] #1214381 tomcat lib package doesn't include tomcat-dbcp.jar (which is required and different from apache-commons-dbcp)
  • [0 / 0] #1236297 log4j not working on tomcat
  • [0 / 0] #1293636 Systemd tomcat.service unit loads /etc/sysconfig/tomcat without shell expansion
  • [0 / 0] #1302718 user 'tomcat': program '/bin/nologin' does not exist
  • [0 / 0] #1308685 links are broken when viewed from /usr/share/tomcat/lib
  • [0 / 0] #1311093 CVE-2016-0763 tomcat: security manager bypass via setGlobalContext()
  • [0 / 0] #1311095 CVE-2015-5174 CVE-2015-5351 CVE-2016-0714 CVE-2016-0706 CVE-2015-5345 CVE-2015-5346 CVE-2016-0763 tomcat: multiple security vulnerabilities [epel-6]
  • [0 / +1] #1311771 Tomcat 8.0.32 update breaks FreeIPA and Dogtag installations
  • [0 / 0] #1311905 tomcat-8.0.32: tomcat version fails with load error org.apache.catalina.util.ServerInfo
