summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBjörn Höfling <bjoern.hoefling@bjoernhoefling.de>2020-03-22 13:34:01 +0100
committerBjörn Höfling <bjoern.hoefling@bjoernhoefling.de>2020-03-26 21:39:49 +0100
commiteebaed2b7662d514fa93cae753bc14451ba6814f (patch)
tree7cc72ead92a1f642d0eaa43736a99a806d7f8f8e
parent3089b70d766bd9ec70e1464867130b7b864fbe17 (diff)
gnu: java-tomcat: Update to 8.5.53.
This fixes CVE-2020-1938 ("Ghostcat"). * gnu/packages/web.scm (java-tomcat): Update to 8.5.53. [properties]: Add cpe-name.
-rw-r--r--gnu/packages/web.scm6
1 files changed, 4 insertions, 2 deletions
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index 10cbf6165b..6ce8b78c85 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -39,6 +39,7 @@
;;; Copyright © 2020 Timotej Lazar <timotej.lazar@araneo.si>
;;; Copyright © 2020 Alexandros Theodotou <alex@zrythm.org>
;;; Copyright © 2020 Pierre Neidhardt <mail@ambrevar.xyz>
+;;; Copyright © 2018, 2019, 2020 Björn Höfling <bjoern.hoefling@bjoernhoefling.de>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -6109,14 +6110,14 @@ encoder/decoder based on the draft-12 specification for UBJSON.")
(define-public java-tomcat
(package
(name "java-tomcat")
- (version "8.5.46")
+ (version "8.5.53")
(source (origin
(method url-fetch)
(uri (string-append "mirror://apache/tomcat/tomcat-8/v"
version "/src/apache-tomcat-" version "-src.tar.gz"))
(sha256
(base32
- "0fb49gsqa3r6jrwc54yynvsakq9qbzr2pbxr7a29c2zvja2v65iq"))
+ "15lwq3clf21hzk7mma70sffpxjqn8ww5mjq6zhmwcp4m17m22z26"))
(modules '((guix build utils)))
;; Delete bundled jars.
(snippet
@@ -6194,6 +6195,7 @@ encoder/decoder based on the draft-12 specification for UBJSON.")
(let ((out (assoc-ref outputs "out")))
(copy-recursively "output/build" out))
#t)))))
+ (properties '((cpe-name . "tomcat")))
(home-page "https://tomcat.apache.org")
(synopsis "Java Servlet, JavaServer Pages, Java Expression Language and Java
WebSocket")