tomcat-jsvc-0:7.0.76-16.el7_9>t  DH`p_.$ƨ!hZK$\2= lN!#~,77edtIΐ!@βDQ14LӤk@QUGi|zP1 i CAw/2P*&{aSnQPI~g$9R \n5Ddv[,,әVC=s)AW_ɭo `;VKbژ8r#=VXgkUwW2猪%gMHpA5ERo@ӕʄEF?'&6 o1yے˥n#IMߔrW 0-]G0$s@l’pY}WT}`EF"m2w)jÈmoB5 ?%IhG*,D1V&OHIr謓 PWC.)RSEVP %;`J]\k8D\)UDOsaW*h> fg%My s ܿe )[nnQ<@ $bgm KNaOnLLԒig_>8:?:d  $ ^(,DHOW      !&HLXp($8,M9`M:MG9TH9XI9\X9`Y9d\9x]9|^9b9d:xe:}f:l:t:u:v:w:x::Ctomcat-jsvc7.0.7616.el7_9Apache jsvc wrapper for Apache Tomcat as separate serviceSystemd service and wrapper scripts to start tomcat with jsvc, which allows tomcat to perform some privileged operations (e.g. bind to a port < 1024) and then switch identity to a non-privileged user._Wx86-01.bsys.centos.orgCentOSASL 2.0CentOS BuildSystem System Environment/Daemonshttp://tomcat.apache.org/linuxnoarch_5d0ac947eb01462b0058ee723b2f3772eee765af7f1b06f08873f2c4c69832977rootroottomcat-7.0.76-16.el7_9.src.rpmtomcat-jsvc    apache-commons-daemon-jsvcrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)tomcatrpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-10:7.0.76-16.el7_95.2-14.11.3_k8_^m@^^^^F]nU\b@[[WZZ@ZNY9<@XۡWW:WWWv[@Wq@Wc@WV@WUeUQTwS@SNpS*@S*@R߲Ra@RkQ2Q4Q$Q$QPCP@PBP~P7lP O@O@O,@OiO`@ODO 0:7.0.76-16Coty Sutherland 0:7.0.76-15Coty Sutherland 0:7.0.76-14Coty Sutherland 0:7.0.76-13Coty Sutherland 0:7.0.76-12Coty Sutherland 0:7.0.76-11Coty Sutherland 0:7.0.76-10Coty Sutherland 0:7.0.76-9Coty Sutherland 0:7.0.76-8Jean-Frederic Clere 0:7.0.76-7Coty Sutherland 0:7.0.76-6Coty Sutherland 0:7.0.76-5Coty Sutherland 0:7.0.76-3Coty Sutherland 0:7.0.76-2Coty Sutherland - 0:7.0.76-1Coty Sutherland - 0:7.0.69-10Coty Sutherland - 0:7.0.69-9Coty Sutherland - 0:7.0.69-7Coty Sutherland - 0:7.0.69-6Coty Sutherland - 0:7.0.69-5Coty Sutherland - 0:7.0.69-4Coty Sutherland - 0:7.0.69-3Coty Sutherland - 0:7.0.69-2Coty Sutherland - 0:7.0.69-1David Knox - 0:7.0.54-2David Knox - 0:7.0.54-1David Knox - 0:7.0.43-6David Knox - 0:7.0.42-5David Knox - 0:7.0.42-4David Knox - 0:7.0.42-3David Knox - 0:7.0.42-2David Knox - 0:7.0.42-1Daniel Mach - 07.0.40-3Ivan Afonichev 0:7.0.40-1Mikolaj Izdebski - 0:7.0.37-2Ivan Afonichev 0:7.0.39-1Ivan Afonichev 0:7.0.37-1Ivan Afonichev 0:7.0.35-1Ivan Afonichev 0:7.0.34-1Ivan Afonichev 0:7.0.33-2Ivan Afonichev 0:7.0.33-1Ivan Afonichev 0:7.0.32-1Ivan Afonichev 0:7.0.29-1Fedora Release Engineering - 0:7.0.28-2Ivan Afonichev 0:7.0.28-1Ivan Afonichev 0:7.0.27-2Ivan Afonichev 0:7.0.27-1Stanislav Ochotnicky - 0:7.0.26-2Juan Hernandez 0:7.0.26-2Ivan Afonichev 0:7.0.26-1Krzysztof Daniel 0:7.0.25-4Krzysztof Daniel 0:7.0.25-3Ivan Afonichev 0:7.0.25-2Ivan Afonichev 0:7.0.25-1Krzysztof Daniel 0:7.0.23-5Ivan Afonichev 0:7.0.23-4Alexander Kurtakov 0:7.0.23-2Joseph D. Wagner 0:7.0.23-3Ivan Afonichev 0:7.0.23-1Ivan Afonichev 0:7.0.22-2Ivan Afonichev 0:7.0.22-1Rex Dieter - 0:7.0.21-3.1Ivan Afonichev 0:7.0.21-3Roland Grunberg 0:7.0.21-2Ivan Afonichev 0:7.0.21-1Ivan Afonichev 0:7.0.20-3Ivan Afonichev 0:7.0.20-2Ivan Afonichev 0:7.0.20-1Ivan Afonichev 0:7.0.19-1Ivan Afonichev 0:7.0.16-1Ivan Afonichev 0:7.0.14-3Ivan Afonichev 0:7.0.14-2Ivan Afonichev 0:7.0.14-1Ivan Afonichev 0:7.0.12-4Ivan Afonichev 0:7.0.12-3Ivan Afonichev 0:7.0.12-2Ivan Afonichev 0:7.0.12-1- Resolves: rhbz#1814315 CVE-2020-1935 tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling- Resolves: CVE-2020-13935 tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS- Revert rhbz#1814315 because it caused other issues with ipa-server, see rhbz#1831127 - Resolves: CVE-2020-9484 tomcat: Apache Tomcat Remote Code Execution via session persistence- Revert rhbz#1367492 because it caused issues with ipa-server, see rhbz#1831127- Resolves: rhbz#1367492 harden package permissions - Resolves: rhbz#1523112 tomcat systemd does not cope with - in service names - Resolves: rhbz#1629162 tomcat-dbcp.jar is missing from tomcat package - Resolves: rhbz#1822453 Tomcat parses a request having an absolute URI path incorrectly and returns 404 Not Found - Resolves: rhbz#1795645 connection leak with StatementCache, SlowQueryReport or StatementDecoratorInterceptor - Resolves: CVE-2019-17563 tomcat: session fixation when using FORM authentication- CVE-2020-1938 tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability- Resolves: rhbz#1748541 Bump tomcat release number- Resolves: rhbz#1641873 CVE-2018-11784 tomcat: Open redirect in default servlet - Resolves: rhbz#1552375 CVE-2018-1304 tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources - Resolves: rhbz#1552374 CVE-2018-1305 tomcat: Late application of security constraints can lead to resource exposure for unauthorised users - Resolves: rhbz#1590182 CVE-2018-8014 tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins - Resolves: rhbz#1608609 CVE-2018-8034 tomcat: host name verification missing in WebSocket client - Resolves: rhbz#1588703 Backport of Negative maxCookieCount value causes exception for Tomcat - Resolves: rhbz#1472950 shutdown_wait option is not working for Tomcat - Resolves: rhbz#1455483 Add support for characters "<" and ">" to the possible whitelist values- Resolves: rhbz#1608607 CVE-2018-1336 tomcat: A bug in the UTF 8 decoder can lead to DoS- Resolves: rhbz#1602060 Deadlock occurs while sending to a closing session- Related: rhbz#1505762 Remove erroneous useradd- Resolves: rhbz#1485453 man page uid and gid mismatch for service accounts - Resolves: rhbz#1505762 Problem to start tomcat with a user whose group has a name different to the user- Resolves: rhbz#1498343 CVE-2017-12615 CVE-2017-12617 tomcat: various flaws - Resolves: rhbz#1495655 CVE-2017-7674 tomcat: Vary header not added by CORS filter leading to cache poisoning - Resolves: rhbz#1470597 CVE-2017-5647 Add follow up revision- Resolves: rhbz#1459747 CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism - Resolves: rhbz#1441481 CVE-2017-5647 tomcat: Incorrect handling of pipelined requests when send file was used- Resolves: rhbz#1414895 Rebase tomcat to the current release- Related: rhbz#1368122- Resolves: rhbz#1362213 Tomcat: CGI sets environmental variable based on user supplied Proxy request header - Resolves: rhbz#1368122- Resolves: rhbz#1362545- Related: rhbz#1201409 Added /etc/sysconfig/tomcat to the systemd unit for tomcat-jsvc.service- Resolves: rhbz#1347860 The systemd service unit does not allow tomcat to shut down gracefully- Resolves: rhbz#1350438 CVE-2016-3092 tomcat: Usage of vulnerable FileUpload package can result in denial of service- Resolves: rhbz#1347774 The security manager doesn't work correctly (JSPs cannot be compiled)- Rebase Resolves: rhbz#1311622 Getting NoSuchElementException while handling attributes with empty string value in tomcat - Rebase Resolves: rhbz#1320853 Add HSTS support - Rebase Resolves: rhbz#1293292 CVE-2014-7810 tomcat: Tomcat/JBossWeb: security manager bypass via EL expressions - Rebase Resolves: rhbz#1347144 CVE-2016-0706 tomcat: security manager bypass via StatusManagerServlet - Rebase Resolves: rhbz#1347139 CVE-2015-5346 tomcat: Session fixation - Rebase Resolves: rhbz#1347136 CVE-2015-5345 tomcat: directory disclosure - Rebase Resolves: rhbz#1347129 CVE-2015-5174 tomcat: URL Normalization issue - Rebase Resolves: rhbz#1347146 CVE-2016-0763 tomcat: security manager bypass via setGlobalContext() - Rebase Resolves: rhbz#1347142 CVE-2016-0714 tomcat: Security Manager bypass via persistence mechanisms - Rebase Resolves: rhbz#1347133 CVE-2015-5351 tomcat: CSRF token leak- Resolves: rhbz#1287928 Rebase to tomcat 7.0.69 - Resolves: rhbz#1327326 rpm -V tomcat fails on /var/log/tomcat/catalina.out - Resolves: rhbz#1277197 tomcat user has non-existing default shell set - Resolves: rhbz#1240279 The command tomcat-digest doesn't work with RHEL 7 - Resolves: rhbz#1229476 Tomcat startup ONLY options - Resolves: rhbz#1133070 Need to include full implementation of tomcat-juli.jar and tomcat-juli-adapters.jar - Resolves: rhbz#1201409 Fix the broken tomcat-jsvc service unit - Resolves: rhbz#1221896 tomcat.service loads /etc/sysconfig/tomcat without shell expansion - Resolves: rhbz#1208402 Mark web.xml in tomcat-admin-webapps as config file- Resolves: CVE-2014-0227- Resolves: rhbz#1141372 - Remove systemv artifacts. Add new systemd - artifacts. Rebase on 7.0.54.- Resolves: CVE-2014-0099 - Resolves: CVE-2014-0096 - Resolves: CVE-2014-0075- Related: CVE-2013-4286 - Related: CVE-2013-4322 - Related: CVE-2014-0050 - revisit patches for above.- Related: rhbz#1056696 correct packaging for sbin tomcat- Related: CVE-2013-4286. increment build number. missed doing - it. - Resolves: rhbz#1038183 remove BR for ant-nodeps. it's - no long used.- Resolves: rhbz#1056673 Invocation of useradd with shell - other than sbin nologin - Resolves: rhbz#1056677 preun systemv scriptlet unconditionally - stops service - Resolves: rhbz#1056696 init.d tomcat does not conform to RHEL7 - systemd rules. systemv subpackage is removed. - Resolves: CVE-2013-4286 - Resolves: CVE-2013-4322 - Resolves: CVE-2014-0050 - Built for rhel-7 RC- Resolves: rhbz#1051657 update to 7.0.42. Ant-nodeps is - deprecated.- Mass rebuild 2013-12-27- Updated to 7.0.40 - Resolves: rhbz 956569 added missing commons-pool link- Add depmaps for org.eclipse.jetty.orbit - Resolves: rhbz#917626- Updated to 7.0.39- Updated to 7.0.37- Updated to 7.0.35 - systemd SuccessExitStatus=143 for proper stop exit code processing- Updated to 7.0.34 - ecj >= 4.2.1 now required - Resolves: rhbz 889395 concat classpath correctly; chdir to $CATALINA_HOME- Resolves: rhbz 883806 refix logdir ownership- Updated to 7.0.33 - Resolves: rhbz 873620 need chkconfig for update-alternatives- Updated to 7.0.32 - Resolves: rhbz 842620 symlinks to taglibs- Updated to 7.0.29 - Add pidfile as tmpfile - Use systemd for running as unprivileged user - Resolves: rhbz 847751 upgrade path was broken - Resolves: rhbz 850343 use new systemd-rpm macros- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Updated to 7.0.28 - Resolves: rhbz 820119 Remove bundled apache-commons-dbcp - Resolves: rhbz 814900 Added tomcat-coyote POM - Resolves: rhbz 810775 Remove systemv stuff from %post scriptlet - Remove redhat-lsb R- Fixed native download hack- Updated to 7.0.27 - Fixed jakarta-taglibs-standard BR and R- Add more depmaps to J2EE apis to help jetty/glassfish updates- Added the POM files for tomcat-api and tomcat-util (#803495)- Updated to 7.0.26 - Bug 790334: Change ownership of logdir for logrotate- Bug 790694: Priorities of jsp, servlet and el packages updated.- Dropped indirect dependecy to tomcat 5- Added hack for maven depmap of tomcat-juli absolute link [ -f ] pass correctly- Updated to 7.0.25 - Removed EntityResolver patch (changes already in upstream sources) - Place poms and depmaps in the same package as jars - Added javax.servlet.descriptor to export-package of servlet-api - Move several chkconfig actions and reqs to systemv subpackage - New maven depmaps generation method - Add patch to support java7. (patch sent upstream). - Require java >= 1:1.6.0- Exported javax.servlet.* packages in version 3.0 as 2.6 to make servlet-api compatible with Eclipse.- Move jsvc support to subpackage- Add EntityResolver setter patch to jasper for jetty's need. (patch sent upstream).- Added support to /usr/sbin/tomcat-sysd and /usr/sbin/tomcat for starting tomcat with jsvc, which allows tomcat to perform some privileged operations (e.g. bind to a port < 1024) and then switch identity to a non-privileged user. Must add USE_JSVC="true" to /etc/tomcat/tomcat.conf or /etc/sysconfig/tomcat.- Updated to 7.0.23- Move tomcat-juli.jar to lib package - Drop %update_maven_depmap as in tomcat6 - Provide native systemd unit file ported from tomcat6- Updated to 7.0.22- rebuild (java), rel-eng#4932- Fix basedir mode- Add manifests for el-api, jasper-el, jasper, tomcat, and tomcat-juli.- Updated to 7.0.21- Require java = 1:1.6.0- Require java < 1.7.0- Updated to 7.0.20- Updated to 7.0.19- Updated to 7.0.16- Added initial systemd service - Fix some paths- Fixed http source link - Securify some permissions - Added licenses for el-api and servlet-api - Added dependency on jpackage-utils for the javadoc subpackage- Updated to 7.0.14- Provided local paths for libs - Fixed dependencies - Fixed update temp/work cleanup- Fixed package groups - Fixed some permissions - Fixed some links - Removed old tomcat6 crap- Package now named just tomcat instead of tomcat7 - Removed Provides: tomcat-log4j - Switched to apache-commons-* names instead of jakarta-commons-* . - Remove the old changelog - BR/R java >= 1:1.6.0 , same for java-devel - Removed old tomcat6 crap- Tomcat70:7.0.76-16.el7_9tomcat-jsvc.service/usr/lib/systemd/system/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m32 -march=x86-64 -mtune=generic -mfpmath=sse -fasynchronous-unwind-tablescpioxz2noarch-redhat-linux-gnuASCII text?7zXZ !#,] b2u Q{K?JV/Xe!B x9v ?2!