Subject: CVS commit: pkgsrc/www/apache-tomcat55
From: OBATA Akio
Date: 2012-04-04 13:34:27
Message id:

Log Message:
Update apache-tomcat to 5.5.35.
(fix CVE-2011-4858)

Tomcat 5.5.35 (jim)
        * Make configuration issues for security related Valves and Filters
          result in the failure of the valve or filter rather than just a
          warning message. (markt)
        * Ensure changes to the configuration of the RemoteHostValve and the
	  RemoteAddrValve via JMX are thread-safe. (markt)
        * In RequestFilterValve (RemoteAddrValve, RemoteHostValve): refactor
	  value matching logic into separate method and expose this new method
          isAllowed through JMX. (kkolinko)
        * Improve performance of parameter processing for GET and POST requests.
          Also add an option to limit the maximum number of parameters processed
          per request. This defaults to 10000. Excessive parameters are ignored.
          Note that FailedRequestFilter can be used to reject the request if
          some parameters were ignored. (markt/kkolinko)
        * New filter FailedRequestFilter that will reject a request if there
          were errors during HTTP parameter parsing. (kkolinko)
        * 52384: Do not fail with parameter parsing when debug logging is
          enabled. (kkolinko, jim)
        * Do not flag extra '&' characters in parameters as parse errors.
          (kkolinko, jim)
        * Slightly improve performance of UDecoder.convert(). Align %2f handling
          between implementations. (kkolinko)
        * 52225: Fix ClassCastException when adding an alias for an existing
          host via JMX. (kkolinko)
        * Do not throw an IllegalArgumentException from a parseParameters() call
          when a chunked POST request is too large, but treat it like an IO
          error. (kkolinko)
        * Add SetCharacterEncodingFilter (similar to the one contained in the
          examples web application) to the org.apache.catalina.filters package
          so it is available for all web applications. (kkolinko)

        * Update Eclipse compiler to 3.7 and switch to using ecj.jar. (markt)

        * Improve multi-byte character handling in all connectors. (rjung)

        * 52335: Only handle <\% and not \% as escaped in template text. (markt)

        * 52049: Improve setup instructions for running as a Windows service:
          correct information on how a JRE is identified and selected.
        * 52172: Update Tomcat build instructions. Includes changes proposed by
          bmargulies. (kkolinko)
        * 52243: Improve windows service documentation to clarify how to include
          # and/or ; in the value of an environment variable that is passed to
          the service. (markt)

        * 52059: Ensure Windows registry keys are removed when using the
          un-install option of the Windows installer. (markt)