summaryrefslogtreecommitdiff
path: root/www/jakarta-tomcat4/Makefile
diff options
context:
space:
mode:
authorErnst de Haan <znerd@FreeBSD.org>2002-10-10 22:51:09 +0000
committerErnst de Haan <znerd@FreeBSD.org>2002-10-10 22:51:09 +0000
commit2d0baff5f5c1f774deae58c891714c3749a0c7e7 (patch)
tree75399dda26bb3b3480733c494ebe13d85f759ff0 /www/jakarta-tomcat4/Makefile
parentUpdate to 0.7.0. (diff)
Upgrade to Tomcat 4.0.6, released on 9 October 2002. From the
News & Status page: A security vulnerability has been confirmed to exist in Apache Tomcat 4.0.x releases (including Tomcat 4.0.5), which allows to use a specially crafted URL to return the unprocessed source of a JSP page, or, under special circumstances, a static resource which would otherwise have been protected by security constraint, without the need for being properly authenticated. This is based on a variant of the exploit that was disclosed on 09/24/2002. See: http://jakarta.apache.org/builds/jakarta-tomcat-4.0/release/v4.0.6/RELEASE-NOTES
Notes
Notes: svn path=/head/; revision=67783
Diffstat (limited to 'www/jakarta-tomcat4/Makefile')
-rw-r--r--www/jakarta-tomcat4/Makefile3
1 files changed, 1 insertions, 2 deletions
diff --git a/www/jakarta-tomcat4/Makefile b/www/jakarta-tomcat4/Makefile
index a243dad33889..f3f2b6595309 100644
--- a/www/jakarta-tomcat4/Makefile
+++ b/www/jakarta-tomcat4/Makefile
@@ -6,8 +6,7 @@
#
PORTNAME= jakarta-tomcat
-PORTVERSION= 4.0.5
-PORTREVISION= 2
+PORTVERSION= 4.0.6
CATEGORIES= www java
MASTER_SITES= http://jakarta.apache.org/builds/jakarta-tomcat-${PORTVERSION:R}/release/v${PORTVERSION}/bin/ \
http://www.metaverse.nl/~ernst/ \