From owner-svn-ports-head@freebsd.org  Sun Feb 28 22:24:09 2016
Return-Path: <owner-svn-ports-head@freebsd.org>
Delivered-To: svn-ports-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id E030AAB7440;
 Sun, 28 Feb 2016 22:24:09 +0000 (UTC) (envelope-from osa@freebsd.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
 [IPv6:2001:1900:2254:206c::16:87])
 by mx1.freebsd.org (Postfix) with ESMTP id D86A313B2;
 Sun, 28 Feb 2016 22:24:09 +0000 (UTC) (envelope-from osa@freebsd.org)
Received: by freefall.freebsd.org (Postfix, from userid 975)
 id D55AE1266; Sun, 28 Feb 2016 22:24:09 +0000 (UTC)
Date: Sun, 28 Feb 2016 22:24:09 +0000
From: "Sergey A. Osokin" <osa@FreeBSD.org>
To: Mark Felder <feld@FreeBSD.org>
Cc: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: Re: svn commit: r409771 - head/www/tomcat7
Message-ID: <20160228222409.GI86014@FreeBSD.org>
References: <201602282207.u1SM7iFg085296@repo.freebsd.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
In-Reply-To: <201602282207.u1SM7iFg085296@repo.freebsd.org>
User-Agent: Mutt/1.5.24 (2015-08-30)
X-BeenThere: svn-ports-head@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: SVN commit messages for the ports tree for head
 <svn-ports-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-head>, 
 <mailto:svn-ports-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-head/>
List-Post: <mailto:svn-ports-head@freebsd.org>
List-Help: <mailto:svn-ports-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-head>,
 <mailto:svn-ports-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Feb 2016 22:24:10 -0000

Hi Mark,

thanks for the security update.  According to this page
https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.68
some of the security issues listed above have been fixed in 7.0.68.

Is there any chance to upgrade www/tomcat7 to latest security bugfix
release?

Thanks.

-- 
Sergey A. Osokin

On Sun, Feb 28, 2016 at 10:07:44PM +0000, Mark Felder wrote:
> Author: feld
> Date: Sun Feb 28 22:07:44 2016
> New Revision: 409771
> URL: https://svnweb.freebsd.org/changeset/ports/409771
> 
> Log:
>   www/tomcat7: Update to 7.0.67
>   
>   Changelog:	http://tomcat.apache.org/tomcat-7.0-doc/changelog.html
>   
>   Security:	CVE-2015-5345
>   Security:	CVE-2015-5346
>   Security:	CVE-2015-5351
>   Security:	CVE-2016-0706
>   Security:	CVE-2016-0714
>   Security:	CVE-2016-0763
> 
> Modified:
>   head/www/tomcat7/Makefile
>   head/www/tomcat7/distinfo
> 
> Modified: head/www/tomcat7/Makefile
> ==============================================================================
> --- head/www/tomcat7/Makefile	Sun Feb 28 22:00:53 2016	(r409770)
> +++ head/www/tomcat7/Makefile	Sun Feb 28 22:07:44 2016	(r409771)
> @@ -2,7 +2,7 @@
>  # $FreeBSD$
>  
>  PORTNAME=	tomcat
> -PORTVERSION=	7.0.65
> +PORTVERSION=	7.0.67
>  CATEGORIES=	www java
>  MASTER_SITES=	APACHE/tomcat/tomcat-7/v${PORTVERSION}/bin
>  PKGNAMESUFFIX=	7
> 
> Modified: head/www/tomcat7/distinfo
> ==============================================================================
> --- head/www/tomcat7/distinfo	Sun Feb 28 22:00:53 2016	(r409770)
> +++ head/www/tomcat7/distinfo	Sun Feb 28 22:07:44 2016	(r409771)
> @@ -1,2 +1,2 @@
> -SHA256 (apache-tomcat-7.0.65.tar.gz) = ef0edb1f560702adc4096097ddfba038086d62da77d0b247d927fd326bc637e9
> -SIZE (apache-tomcat-7.0.65.tar.gz) = 8866946
> +SHA256 (apache-tomcat-7.0.67.tar.gz) = cd6074f30e2cc98f55213fd396264a760f4a4c8a9b3d4842546578eab8f5220e
> +SIZE (apache-tomcat-7.0.67.tar.gz) = 8886737
>