kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
freebsd-ports/www/jakarta-tomcat4
History
Ernst de Haan 2d0baff5f5 Upgrade to Tomcat 4.0.6, released on 9 October 2002. From the 
News & Status page:

	A security vulnerability has been confirmed to exist in
	Apache Tomcat 4.0.x releases (including Tomcat 4.0.5),
	which allows to use a specially crafted URL to return the
	unprocessed source of a JSP page, or, under special
	circumstances, a static resource which would otherwise have been
	protected by security constraint, without the need for being
	properly authenticated.  This is based on a variant of the
	exploit that was disclosed on
	09/24/2002.

See:
http://jakarta.apache.org/builds/jakarta-tomcat-4.0/release/v4.0.6/RELEASE-NOTES
2002-10-10 22:51:09 +00:00
..
files Fixed daemonctl control program to work with the FreeBSD JDK 1.3.1. 2002-10-09 23:10:32 +00:00
distinfo Upgrade to Tomcat 4.0.6, released on 9 October 2002. From the 2002-10-10 22:51:09 +00:00
Makefile Upgrade to Tomcat 4.0.6, released on 9 October 2002. From the 2002-10-10 22:51:09 +00:00
pkg-comment Improved package comment (IMO). 2002-04-04 22:52:30 +00:00
pkg-deinstall Upgrade to Jakarta Tomcat 4.0.3. The Jakarta Tomcat 3 2002-04-01 22:01:22 +00:00
pkg-descr
pkg-install Checks for the existence of a 'www' user and group. Forgot to add 2002-02-21 20:08:30 +00:00
pkg-plist Upgrade to Tomcat 4.0.6, released on 9 October 2002. From the 2002-10-10 22:51:09 +00:00