tomcat6-admin-webapps-6.0.32-42.1e>UA4yO' fdsn8?R8$jq@B>uDbp4]h|]"Z-1+d>5-?-d $ d 06@(( 0( (  ( (( P(((  ( < T h ( 8 9 `: F'JG'`(H((I((X(Y(\((])x(^* b,sc,d-e-f-l-z-Ctomcat6-admin-webapps6.0.3242.1The host-manager and manager web applications for Apache TomcatThe host-manager and manager web applications for Apache Tomcat.R8build15 openSUSE 11.4openSUSEApache-2.0http://bugs.opensuse.orgProductivity/Networking/Web/Servershttp://tomcat.apache.orglinuxnoarch #! o`Ys+f ~s" )Y o`Ys+vA큤A큤A큤A큤A큤A큤AA큤A큤R R R R R R R R-RRRRRRR RRR R R R R-R R R R R R R-RRRRRRR RRR R 1be9253590a360cf4b91ef0fb7358aec6f7f1ea8f96ab07e25ab898b5ef43a5dfbd8c06f3c0438541cb3fcfad8ec7ddfdba38fbd3af670478536261da7808da5dea87dfff707ca3724b5d23e37ac717d0541d3df42520911f268abc730f3afe0e4ef0bb77622e815ebbb3cbc2ee037fbcd802c4f7c2ad1a5824ddca21687bd275137f5a90f2b128fd6031d4289ca3165b065215c007b83a52c75c174bda86611b8ebd781db53b856efa8e873fa4d2f6e3cad58ab869b04f6d0e8c4a24d2944aa6d22e4f2d2057c6e8d6fab098e76e80f0d36c005156737e40cfc9d1af28f7b344789c1e340a020269f296543502414d53c90ab4e0583def26f2f699bec84019dfbd8c06f3c0438541cb3fcfad8ec7ddfb188d35155de3309f5b10159ecb2a27935335fd7656daa8d17d91b733e0b71c0dee516c5d2a25ec2593386f6b9914b7adea87dfff707ca3724b5d23e37ac717d0541d3df42520911f268abc730f3afe0e4ef0bb77622e815ebbb3cbc2ee037fbcd802c4f7c2ad1a5824ddca21687bd275137f5a90f2b128fd6031d4289ca3165b065215c007b83a52c75c174bda86611b8ebd781db53b856efa8e873fa4d2f6e3cad58ab869b04f6d0e8c4a24d2944aa6d22e4f2d2057c6e8d6fab098e76e80fbcf8abb4052e7cdf25039bdcd56b8268f0a8a2109fef47aa032bf616738f33a7rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootroottomcat6-6.0.32-42.1.src.rpmtomcat6-admin-webapps    tomcat6rpmlib(PartialHardlinkSets)rpmlib(PayloadFilesHavePrefix)rpmlib(CompressedFileNames)rpmlib(PayloadIsLzma)6.0.32-42.14.0.4-14.0-13.0.4-14.4.6-14.8.0RP @PѬ@O/ONqNI @MU$MLOL@LcL>@Kie@KC)JH@J#J67J&eI?@lijewski.stefan@gmail.comlijewski.stefan@gmail.comlijewski.stefan@gmail.commvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.czmvyskocil@suse.cz- tomcat-CVE-2013-2067.patch (bnc#831117) - tomcat-CVE-2012-3544.patch (bnc#831119) - use chown --no-dereference to prevent symlink attacks on log (bnc#822177#c7/prevents CVE-2013-1976)- fix bnc#794548 - denial of service (CVE-2012-4534) * apache-tomcat-CVE-2012-4534.patch fixes apache#53138, apache#52858 http://svn.apache.org/viewvc?view=rev&rev=1372035 - fix a minor issue in apache-tomcat-CVE-2012-4431.patch use the already initialized session variable instead of an another call req.getSesssion()- fix bnc#793394 - bypass of security constraints (CVE-2012-3546) * apache-tomcat-CVE-2012-3546.patch http://svn.apache.org/viewvc?view=revision&revision=1381035 - fix bnc#793391 - bypass of CSRF prevention filter (CVE-2012-4431) * apache-tomcat-CVE-2012-4431.patch http://svn.apache.org/viewvc?view=revision&revision=1394456 - document how to protect against slowloris DoS (CVE-2012-5568/bnc#791679) in README.SUSE - fixes bnc#791423 - cnonce tracking weakness (CVE-2012-5885) bnc#791424 - authentication caching weakness (CVE-2012-5886) bnc#791426 - stale nonce weakness (CVE-2012-5887) * apache-tomcat-CVE-2009-2693-CVE-2009-2901-CVE-2009-2902.patch http://svn.apache.org/viewvc?view=revision&revision=1380829 - fix bnc#789406 - HTTP NIO connector OOM DoS via a request with large headers (CVE-2012-2733) * http://svn.apache.org/viewvc?view=revision&revision=1356208- fix bnc#742477 - iManager throws exception in its basic functionalities * http://svn.apache.org/viewvc?view=revision&revision=1206324 * http://svn.apache.org/viewvc?view=revision&revision=1229027 - fix bnc#735343 - VUL-1: tomcat: Multiple weaknesses in HTTP DIGEST * http://svn.apache.org/viewvc?view=revision&revision=1158180 fixes CVE-2011-5062, CVE-2011-5063, CVE-2011-5064 and CVE-2011-1184 - fix bnc#743055 - VUL-1: CVE-2011-3375: tomcat: information disclosure due to improper response and request object recycling- fix bnc#727543 - VUL-0: Apache tomcat vulnerable to hash collision attack backport upstream changes: * add getCharset method for B2Converter http://svn.apache.org/viewvc?view=revision&revision=1140904 * add isConfigProblemFatal method http://svn.apache.org/viewvc?view=revision&revision=1199122 * GET POST parameter processing performance. Adds maximum number of parameters per request (defaults to 10000) and new FailedRequestFilter for rejecting requests with excessive number of parameters http://svn.apache.org/viewvc?view=revision&revision=1200601 - fix bnc#712784 - tomcat6: add missing Requires on java >= 1.6.0 * add recommends on java >= 1.6.0 and java-devel >= 1.6.0- fix bnc#715991 - VUL-0: tomcat authentication bypass and information disclosure (CVE-2011-3190) * http://svn.apache.org/viewvc?view=revision&revision=1162959- fix bnc#706404 - VUL-0: tomcat user password information leak (CVE-2011-2204) * http://svn.apache.org/viewvc?view=revision&revision=1140071 - fix bnc#706382 - VUL-0: tomcat information leak and DoS (CVE-2011-2526) * http://svn.apache.org/viewvc?view=revision&revision=1146703 - fix bnc#702289 - suse manager pam ldap authentication fails * source CATALINA_HOME/bin/setenv.sh if exists- update to latest upstream version 6.0.32 (bugfix release) - obsolete CVE-2010-4172 patch - fixes bnc#669897 (CVE-2010-3718), bnc#669926 (CVE-2010-4476), bnc#669928 (CVE-2011-0013) and bnc#669930 (CVE-2011-0534)- fix bnc#655440#c14 - clean workdir of tomcat's webapps to be sure our fixed jsps will be redeployed on each update- fix bnc#655440 - VUL-0: tomcat6: Apache Tomcat Manager application XSS vulnerability (CVE-2010-4172) http://svn.apache.org/viewvc?view=revision&revision=1037779 - fix bnc#653586 - spacewalk 1.2 requires jasper 5.5 * add offline jasper compiler /usr/bin/jspc - unpack tarball to apache-tomcat-$VERSION-src directory directly- Fix bnc#650130 - Update of tomcat6 not possible (cpio: Is a directory) * workaround the rpm bug - it cannot update directory to symlink * make /etc/tomcat6/Catalina/ as ghost file * create link in %posttrans- Update to 6.0.29 (bugfix release) - fix bnc#625415: Tomcat6 does not have permissions to its own directories * also fix the /etc/tomcat6/Catalina link target - revert a setclasspath.sh changes - disable user/group verification of tomcat owned files and directories to allow easy change of the tomcat user without rpm --verify complaints- Update to 6.0.28 (bugfix release) - fix bnc#565901 - missing catalina.sh again * move catalina.sh to CATALINA_HOME/bin * add jpackage.org compatible CATALINA_HOME/bin/setclasspath.sh - add missing logrotate requires - install scripts with mode 0755- Update to 6.0.24 (bugfix release). This obsoletes patch * tomcat6-bug47316.patch - Merged with tomcat6-6.0.18-10.jpp6.src.rpm * return the jpackage.org license header in spec * polish in spec (use more macros) * add logrotate support * add patch to document webapps in %%{_sysconfdir}/%%{name}/tomcat-users.xml * move %%{_bindir}/d%%{name} to %%{_sbindir}/%%{name} and provide symlink to %%{_sbindir}/d%%{name} * add digest and tool-wrapper scripts * explicitly unset CLASSPATH * explicitly set OPT_JAR_LIST to include ant/ant-trax * build and install sample webapp * use copy instead of move to fix short-circuit install build * version jsp and servlet Provides with their spec versions * make initscript LSB-complaint * add el subpackage- fixed bnc#565901 - missing catalina.sh * added catalina.sh (link from dtomcat6) to improve upstream compatibility- fixed bnc#542634: Tomcat NPE on start applied patch from upstream bugzilla https://issues.apache.org/bugzilla/show_bug.cgi?id=47316#c3- fixed bnc#520532: marked all webapp/ROOT/* files as config(noreplace) - marked /etc/ant.d/catalina-ant as config(noreplace)- added a missing -p1 for %patch0- fixed bnc#488061: work directory clean on tomcat stop - update to 6.0.20 - the bugfix release: * MemoryUserDatabase is read-only by default * Allow huge request body packets for AJP13 * Never return an empty HTTP status reason phrase * Prevent double initialisation of JSPs * A node should ignore its own heartbeat messages * Prettry error messages (instead of stacktrace) if shutdown port is disabled- fixed bnc#418664 - Tomcat6 installation has missing bits - added /etc/ant.d/catalina-ant - another fix for bnc#471639 - tomcat does not start/work * merged a sysconfig and tomcat6.conf to allow a dtomcat6 start works * also fixs (bnc#471639) - fixed bnc#424675 - Access rights to /etc/tomcat6 directory not set right * create a link from /etc/tomcat6/Catalina to /var/cache/tomcat6/Catalina - removed a CATALINA_OPTS from stop in dtcomcat6 (bao#42951)build15 1377622072               5    ! % " {  } ~    q       5   # $6.0.32-42.1 host-manager401.jsp403.jspMETA-INFcontext.xmlWEB-INFweb.xmlimagesadd.gifasf-logo.gifcode.gifdesign.gifdocs.giffix.giftomcat.gifupdate.gifvoid.gifmanager.xmlmanager401.jsp403.jspMETA-INFcontext.xmlWEB-INFjspsessionDetail.jspsessionsList.jspweb.xmlimagesadd.gifasf-logo.gifcode.gifdesign.gifdocs.giffix.giftomcat.gifupdate.gifvoid.gifstatus.xsdxform.xsl/srv/tomcat6/webapps//srv/tomcat6/webapps/host-manager//srv/tomcat6/webapps/host-manager/META-INF//srv/tomcat6/webapps/host-manager/WEB-INF//srv/tomcat6/webapps/host-manager/images//srv/tomcat6/webapps/manager//srv/tomcat6/webapps/manager/META-INF//srv/tomcat6/webapps/manager/WEB-INF//srv/tomcat6/webapps/manager/WEB-INF/jsp//srv/tomcat6/webapps/manager/images/-fomit-frame-pointer -fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -gobs://build.opensuse.org/openSUSE:Evergreen:Maintenance:178/openSUSE_Evergreen_11.4/c339ff0982b4999fa7d0d3e3111385b8-tomcat6.openSUSE_Evergreen_11.4drpmlzma5noarch-suse-linux1Q"qwEa?]"k%x3phcDgэֵ=Vg\1, ݤ1FFv/P&' Rz>ƍdxc=~#snd9hAUOYQ!ơ>؊3\S/p&g= 2i8|1rOUs_r"l>k̮-9S' 6w;T*E_ҿS(8-O2#!úZt5j"3_R7_#7}",.z,(A(Jqq/2_J6!1,7 VJ3YB<ٖDTM!ƛ'?jMǩa_,EaU-[^m ֺ._|XVjyQ uvnju`R(\v+]yM[Ec .}bl^~ ~pUȱyQwm.(?_n! }D*, Vm2UY[wR~{R'¡;Cb>@Q5j6GVh\agÌP1|w0Q[ŵ $SzV+j-M'G-7e",Yۏpꢮy5^śqJʽ^R h "93r U;.%fPw_>}I>1sD3Aba3$;d#a^VTGG&,dArv+Ir"C]4w{\?F./I'<zwT+;h1iP7ZBn<#;dV:_/Ѿ"'y&j"?͊Zo4ak6_1QJT$) *v޲