diff options
author | Ernst de Haan <znerd@FreeBSD.org> | 2002-10-10 22:51:09 +0000 |
---|---|---|
committer | Ernst de Haan <znerd@FreeBSD.org> | 2002-10-10 22:51:09 +0000 |
commit | 2d0baff5f5c1f774deae58c891714c3749a0c7e7 (patch) | |
tree | 75399dda26bb3b3480733c494ebe13d85f759ff0 /www/jakarta-tomcat4/Makefile | |
parent | Update to 0.7.0. (diff) |
Upgrade to Tomcat 4.0.6, released on 9 October 2002. From the
News & Status page:
A security vulnerability has been confirmed to exist in
Apache Tomcat 4.0.x releases (including Tomcat 4.0.5),
which allows to use a specially crafted URL to return the
unprocessed source of a JSP page, or, under special
circumstances, a static resource which would otherwise have been
protected by security constraint, without the need for being
properly authenticated. This is based on a variant of the
exploit that was disclosed on
09/24/2002.
See:
http://jakarta.apache.org/builds/jakarta-tomcat-4.0/release/v4.0.6/RELEASE-NOTES
Notes
Notes:
svn path=/head/; revision=67783
Diffstat (limited to 'www/jakarta-tomcat4/Makefile')
-rw-r--r-- | www/jakarta-tomcat4/Makefile | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/www/jakarta-tomcat4/Makefile b/www/jakarta-tomcat4/Makefile index a243dad33889..f3f2b6595309 100644 --- a/www/jakarta-tomcat4/Makefile +++ b/www/jakarta-tomcat4/Makefile @@ -6,8 +6,7 @@ # PORTNAME= jakarta-tomcat -PORTVERSION= 4.0.5 -PORTREVISION= 2 +PORTVERSION= 4.0.6 CATEGORIES= www java MASTER_SITES= http://jakarta.apache.org/builds/jakarta-tomcat-${PORTVERSION:R}/release/v${PORTVERSION}/bin/ \ http://www.metaverse.nl/~ernst/ \ |