[tomcat6] resolves cve-2011-2204. Resolves missing commons-pool from tomcat6/lib
Dave Knox
dknox at fedoraproject.org
Thu Jun 30 19:08:19 UTC 2011
commit c7a789ba480f7b92232ed4248faf4f0570de05c5
Author: David Knox <dknox at dknox.(none)>
Date: Thu Jun 30 13:08:20 2011 -0600
Resolves CVE-2011-2204. Resolves missing commons-pool in tomcat6/lib
tomcat6-6.0.32-CVE-2011-2204-rhbz-717016.patch | 157 ++++++++++++++++++++++++
tomcat6.spec | 15 ++-
2 files changed, 170 insertions(+), 2 deletions(-)
---
diff --git a/tomcat6-6.0.32-CVE-2011-2204-rhbz-717016.patch b/tomcat6-6.0.32-CVE-2011-2204-rhbz-717016.patch
new file mode 100644
index 0000000..f6ba43b
--- /dev/null
+++ b/tomcat6-6.0.32-CVE-2011-2204-rhbz-717016.patch
@@ -0,0 +1,157 @@
+--- java/org/apache/catalina/mbeans/MemoryUserDatabaseMBean.java.orig 2011-06-28 09:28:45.429760363 -0600
++++ java/org/apache/catalina/mbeans/MemoryUserDatabaseMBean.java 2011-06-28 10:12:42.771759755 -0600
+@@ -180,7 +180,7 @@
+ MBeanUtils.createMBean(group);
+ } catch (Exception e) {
+ IllegalArgumentException iae = new IllegalArgumentException
+- ("Exception creating group " + group + " MBean");
++ ("Exception creating group " + groupname + " MBean");
+ iae.initCause(e);
+ throw iae;
+ }
+@@ -203,7 +203,7 @@
+ MBeanUtils.createMBean(role);
+ } catch (Exception e) {
+ IllegalArgumentException iae = new IllegalArgumentException
+- ("Exception creating role " + role + " MBean");
++ ("Exception creating role " + rolename + " MBean");
+ iae.initCause(e);
+ throw iae;
+ }
+@@ -228,7 +228,7 @@
+ MBeanUtils.createMBean(user);
+ } catch (Exception e) {
+ IllegalArgumentException iae = new IllegalArgumentException
+- ("Exception creating user " + user + " MBean");
++ ("Exception creating user " + username + " MBean");
+ iae.initCause(e);
+ throw iae;
+ }
+@@ -256,7 +256,7 @@
+ return (oname.toString());
+ } catch (MalformedObjectNameException e) {
+ IllegalArgumentException iae = new IllegalArgumentException
+- ("Cannot create object name for group " + group);
++ ("Cannot create object name for group [" + groupname + "]");
+ iae.initCause(e);
+ throw iae;
+ }
+@@ -283,7 +283,7 @@
+ return (oname.toString());
+ } catch (MalformedObjectNameException e) {
+ IllegalArgumentException iae = new IllegalArgumentException
+- ("Cannot create object name for role " + role);
++ ("Cannot create object name for role [" + rolename + "]");
+ iae.initCause(e);
+ throw iae;
+ }
+@@ -310,7 +310,7 @@
+ return (oname.toString());
+ } catch (MalformedObjectNameException e) {
+ IllegalArgumentException iae = new IllegalArgumentException
+- ("Cannot create object name for user " + user);
++ ("Cannot create object name for user [" + username + "]");
+ iae.initCause(e);
+ throw iae;
+ }
+@@ -335,7 +335,7 @@
+ database.removeGroup(group);
+ } catch (Exception e) {
+ IllegalArgumentException iae = new IllegalArgumentException
+- ("Exception destroying group " + group + " MBean");
++ ("Exception destroying group [" + groupname + "] MBean");
+ iae.initCause(e);
+ throw iae;
+ }
+@@ -360,7 +360,7 @@
+ database.removeRole(role);
+ } catch (Exception e) {
+ IllegalArgumentException iae = new IllegalArgumentException
+- ("Exception destroying role " + role + " MBean");
++ ("Exception destroying role [" + role + "] MBean");
+ iae.initCause(e);
+ throw iae;
+ }
+@@ -385,7 +385,7 @@
+ database.removeUser(user);
+ } catch (Exception e) {
+ IllegalArgumentException iae = new IllegalArgumentException
+- ("Exception destroying user " + user + " MBean");
++ ("Exception destroying user [" + username + "] MBean");
+ iae.initCause(e);
+ throw iae;
+ }
+--- java/org/apache/catalina/users/MemoryUser.java.orig 2011-06-28 09:28:55.576760342 -0600
++++ java/org/apache/catalina/users/MemoryUser.java 2011-06-28 10:00:15.373759897 -0600
+@@ -246,7 +246,7 @@
+ * <code>username</code> or </code>name</code> for the username
+ * property.</p>
+ */
+- public String toString() {
++ public String toXml() {
+
+ StringBuffer sb = new StringBuffer("<user username=\"");
+ sb.append(RequestUtil.filter(username));
+@@ -293,5 +293,51 @@
+
+ }
+
++ /**
++ * <p>Return a String representation of this user.</p>
++ */
++ @Override
++ public String toString() {
++
++ StringBuilder sb = new StringBuilder("User username=\"");
++ sb.append(RequestUtil.filter(username));
++ sb.append("\"");
++ if ( fullName != null) {
++ sb.append(", fullName=\"");
++ sb.append(RequestUtil.filter(fullName));
++ sb.append("\"");
++ }
++ synchronized (groups) {
++ if (groups.size() > 0) {
++ sb.append(", groups=\"");
++ int n = 0;
++ Iterator<Group> values = groups.iterator();
++ while (values.hasNext()) {
++ if (n > 0) {
++ sb.append(',');
++ }
++ n++;
++ sb.append(RequestUtil.filter(values.next().getGroupname()));
++ }
++ sb.append("\"");
++ }
++ }
++ synchronized (roles) {
++ if (roles.size() > 0) {
++ sb.append(", roles=\"");
++ int n = 0;
++ Iterator<Role> values = roles.iterator();
++ while (values.hasNext()) {
++ if (n > 0) {
++ sb.append(',');
++ }
++ n++;
++ sb.append(RequestUtil.filter(values.next().getRolename()));
++ }
++ sb.append("\"");
++ }
++ }
++ return (sb.toString());
++ }
+
+ }
+--- java/org/apache/catalina/users/MemoryUserDatabase.java.orig 2011-06-28 09:29:08.873760339 -0600
++++ java/org/apache/catalina/users/MemoryUserDatabase.java 2011-06-28 09:30:30.370760318 -0600
+@@ -549,7 +549,7 @@
+ values = getUsers();
+ while (values.hasNext()) {
+ writer.print(" ");
+- writer.println(values.next());
++ writer.println(((MemoryUser) values.next()).toXml());
+ }
+
+ // Print the file epilog
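Review bot: The rewritten message `("Exception destroying role [" + role + "] MBean");` in the destroying-role hunk still concatenates the `role` object, while every sibling hunk switched to the plain name (`groupname`, `username`, and `rolename` in the object-name hunk above); whether MemoryRole's string form carries anything sensitive is not visible here, but for consistency with the rest of the fix it should read `("Exception destroying role [" + rolename + "] MBean");`, assuming that method's parameter is also named rolename. The new MemoryUser.toString() deliberately leaves the password out, which is the reason toString() was renamed to toXml(), so its javadoc would be more useful as `Return a String representation of this user that omits the password; use toXml() when persisting the database.` In MemoryUserDatabase the `((MemoryUser) values.next()).toXml()` cast presumes every iterated user is a MemoryUser, which is presumably guaranteed by this database's createUser but deserves a one-line comment saying so. The enclosing methods in each of these hunks begin and end outside the hunk.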
diff --git a/tomcat6.spec b/tomcat6.spec
index fdd4b01..f84cd3e 100644
--- a/tomcat6.spec
+++ b/tomcat6.spec
@@ -53,7 +53,7 @@
Name: tomcat6
Epoch: 0
Version: %{major_version}.%{minor_version}.%{micro_version}
-Release: 8%{?dist}
+Release: 9%{?dist}
Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API
Group: Networking/Daemons
@@ -74,6 +74,8 @@ Patch0: %{name}-%{major_version}.%{minor_version}-bootstrap-MANIFEST.MF.p
Patch1: %{name}-%{major_version}.%{minor_version}-tomcat-users-webapp.patch
# In 6.0.32 source
#Patch2: %{name}-%{major_version}.%{minor_version}-rhbz-674601.patch
+Patch3: %{name}-6.0.32-CVE-2011-2204-rhbz-717016.patch
+
BuildArch: noarch
BuildRequires: ant
@@ -211,6 +213,8 @@ find . -type f \( -name "*.bat" -o -name "*.class" -o -name Thumbs.db -o -name "
%patch0 -p0
%patch1 -p0
# %patch2 -p0
+%patch3 -p0
+
%{__ln_s} $(build-classpath jakarta-taglibs-core) webapps/examples/WEB-INF/lib/jstl.jar
%{__ln_s} $(build-classpath jakarta-taglibs-standard) webapps/examples/WEB-INF/lib/standard.jar
@@ -322,9 +326,11 @@ pushd ${RPM_BUILD_ROOT}%{_javadir}
%{__ln_s} %{name}-el-%{elspec}-api.jar %{name}-el-api.jar
popd
+# apache-commons-dbcp
pushd output/build
%{_bindir}/build-jar-repository lib apache-commons-collections \
- apache-commons-dbcp apache-commons-pool ecj 2>&1
+ apache-commons-dbcp apache-commons-pool ecj 2>&1
+
# need to use -p here with b-j-r otherwise the examples webapp fails to
# load with a java.io.IOException
%{_bindir}/build-jar-repository -p webapps/examples/WEB-INF/lib \
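Review bot: The added comment `# apache-commons-dbcp` sits above a build-jar-repository call that populates lib with collections, dbcp, pool and ecj, so it names only one of the four jars; `# populate output/build/lib with the commons jars and ecj` would describe the command. The -/+ pair below it appears to be a whitespace-only change (the rendering has dropped the indentation), so nothing else seems to change in this hunk.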
@@ -338,6 +344,7 @@ pushd ${RPM_BUILD_ROOT}%{libdir}
%{__ln_s} ../%{name}-el-%{elspec}-api.jar .
%{__ln_s} $(build-classpath apache-commons-collections) commons-collections.jar
%{__ln_s} $(build-classpath apache-commons-dbcp) commons-dbcp.jar
+ %{__ln_s} $(build-classpath apache-commons-pool) commons-pool.jar
%{__ln_s} $(build-classpath log4j) log4j.jar
%{__ln_s} $(build-classpath ecj) jasper-jdt.jar
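Review bot: The new `%{__ln_s} $(build-classpath apache-commons-pool) commons-pool.jar` link only resolves at runtime if the package also declares `Requires: apache-commons-pool`; no hunk here touches the Requires lines, so if that dependency is absent the symlink dangles on an installed system and the pool classes that dbcp needs would presumably fail to load at startup rather than at build time. Adding the Requires alongside the existing dbcp one, or confirming it is already there, would close that gap. The %files entry that owns this link is outside the hunk.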
@@ -566,6 +573,10 @@ fi
%{appdir}/sample
%changelog
+* Wed Jun 29 2011 Dave Knox <dknox at redhat.com> 0:6.0.32-9
+- Resolves: CVE-2011-2204
+- Added missing commons-pool to tomcat6/lib
+
* Mon May 16 2011 Alexander Kurtakov <akurtako at redhat.com> 0:6.0.32-8
- Update servlet and jsp osgi manifests.