Skip to content
Snippets Groups Projects
Commit e9395fe9 authored by VVD's avatar VVD Committed by Mikael Urankar
Browse files

www/tomcat9: Update to 9.0.62

Harden the class loader to provide a mitigation for CVE-2022-22965
a Spring Framework vulnerability: Effectively disable the
WebappClassLoaderBase.getResources() method as it is not used and
if something accidently exposes the class loader this method can be used to gain
access to Tomcat internals.

Changes: https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.62_(remm)

PR:		262975
parent 8126f2d8
No related branches found
No related tags found
No related merge requests found
# Created by: Alex Dupre <ale@FreeBSD.org>
PORTNAME= tomcat
PORTVERSION= 9.0.60
PORTVERSION= 9.0.62
CATEGORIES= www java
MASTER_SITES= APACHE/${PORTNAME}/${PORTNAME}-${PORTVERSION:C/([0-9])(.*)/\1/}/v${PORTVERSION}/bin
PKGNAMESUFFIX= 9
......
TIMESTAMP = 1647715316
SHA256 (apache-tomcat-9.0.60.tar.gz) = 89c5b55c8629cebb3c802aeec61e54a8d225f995ed7cdc88421aeb310cb12ce0
SIZE (apache-tomcat-9.0.60.tar.gz) = 11543791
TIMESTAMP = 1648808195
SHA256 (apache-tomcat-9.0.62.tar.gz) = 03157728a832cf9c83048cdc28d09600cbb3e4fa087f8b97d74c8b4f34cd89bb
SIZE (apache-tomcat-9.0.62.tar.gz) = 11560971
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment