tomcat6-servlet-2.5-api-0:6.0.24-114.el6_10$>\T7/s1m O#><R?Rd!, 0 a  &,3<D H L T  8 \ ) (Q8Xx98x:x>P@PGPHPIPXPYP\P]P^QbQ0dQeQfQlQtQuQvRwRtxR|RCtomcat6-servlet-2.5-api6.0.24114.el6_10Apache Tomcat Servlet API implementation classesApache Tomcat Servlet API implementation classes.^y$x86-02.bsys.centos.orgCentOSASL 2.0CentOS BuildSystem Internet/WWW/Dynamic Contenthttp://tomcat.apache.org/linuxnoarch/usr/sbin/update-alternatives --install /usr/share/java/servlet.jar servlet \ /usr/share/java/tomcat6-servlet-2.5-api.jar 20500if [ "$1" = "0" ]; then /usr/sbin/update-alternatives --remove servlet \ /usr/share/java/tomcat6-servlet-2.5-api.jar fi"^y#^y46348de2ee6e4298fa918212f2e774f6828288e7c720aa7e6646dcee2ff0c35ftomcat6-servlet-2.5-api-6.0.24.jarrootrootrootroottomcat6-6.0.24-114.el6_10.src.rpmservletservlet25servlet6tomcat6-servlet-2.5-api     /bin/sh/bin/sh/usr/sbin/update-alternatives/usr/sbin/update-alternativesrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(VersionedDependencies)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-13.0.3-15.2-14.8.0^oj@^g@^b;@ZN@X@XX@W:WW@V@VVwVwVn@Vn@Vii@VhV2 @UUUUUT@T@T@T@T@T@TfT&@T@TS/SS@S"@S @SB@R0[@R/ R(r@R%@RC@R6Q@Q@Q@Q@P@P @PPj@OOtNO_6OOdOKONNi@N[@M@MMVMVMVM'M@M>MM~@MwkMp@M] M] MQ0@Ls@LL*@Le3LYV@L;L,@L)@L!@K$@K$@K/KKK\K\K\K@K0J@JlE@IW@I2I5#@I5#@IHO@HO@Hf@HH}@H@HuG@GGG@G߮G]@G.@G@GD@GR@F@Coty Sutherland 0:6.0.24-114Coty Sutherland 0:6.0.24-113Coty Sutherland 0:6.0.24-112Coty Sutherland 0:6.0.24-111Tomas Hoger 0:6.0.24-105Coty Sutherland 0:6.0.24-105Coty Sutherland 0:6.0.24-100Coty Sutherland 0:6.0.24-98Coty Sutherland 0:6.0.24-97Coty Sutherland 0:6.0.24-96Coty Sutherland 0:6.0.24-95Coty Sutherland 0:6.0.24-92Coty Sutherland 0:6.0.24-91Coty Sutherland 0:6.0.24-91Coty Sutherland 0:6.0.24-91Coty Sutherland 0:6.0.24-91Coty Sutherland 0:6.0.24-91Coty Sutherland 0:6.0.24-91Coty Sutherland 0:6.0.24-91David Knox 0:6.0.24-90David Knox 0:6.0.24-89David Knox 0:6.0.24-88David Knox 0:6.0.24-87David Knox 0:6.0.24-86David Knox 0:6.0.24-85David Knox 0:6.0.24-84David Knox 0:6.0.24-83David Knox 0:6.0.24-82David Knox 0:6.0.24-81David Knox 0:6.0.24-80David Knox 0:6.0.24-79David Knox 0:6.0.24-69David Knox 0:6.0.24-68David Knox 0:6.0.24-67David Knox 0:6.0.24-66David Knox 0:6,0.24-65David Knox 0:6.0.24-64David Knox 0:6.0.24-63David Knox 0:6.0.24-62David Knox 0:6.0.24-61David Knox 0:6.0.24-60David Knox 0:6.0.24-59David Knox 0:6.0.24-58David Knox 0:6.0.24-54David Knox 0:6.0.24-53David Knox 0:6.0.24-52David Knox 0:6.0.24-51David Knox 0:6.0.24-50David Knox 0:6.0.24-49David Knox 0:6.0.24-48David Knox 0:6.0.24-47David Knox 0:6.0.24-46David Knox 0:6.0.24-45David Knox 0:6.0.24-44David Knox 0:6.0.24-43David Knox 0:6.0.24-42David Knox 0:6.0.24-41David Knox 0:6.0.24-39David Knox 0:6.0.24-38David Knox 0:6.0.24-37David Knox 0:6.0.24-36David Knox 0:6.0.24-35David Knox 0:6.0.24-34David Knox 0:6.0.24-33David Knox 0:6.0.24-32David Knox 0:6.0.24-31David Knox 0:6.0.24-30David Knox 0:6.0.24-29David Knox 0:6.0.24-28David Knox 0:6.0.24-27David Knox 0:6.0.24-26David Knox 0:6.0.24-25David Knox 0:6.0.24-23David Knox 0:6.0.24-21David Knox 0:6.0.24-20David Knox 0:6.0.24-19David Knox 0:6.0.24-18David Knox 0:6.0.24-17David Knox 0:6.0.24-16David Knox 0:6.0.24-15David Knox 0:6.0.24-14David Knox 0:6.0.24-13David Knox 0:6.0.24-12David Knox 0:6.0.24-11David Knox 0:6.0.24-10David Knox 0:6.0.24-9David Knox 0:6.0.24-8David Knox 0:6.0.24-7David Knox 0:6.0.24-6David Knox 0:6.0.24-5david knox 0:6.0.24-4David Knox 0:6.0.24-3David Knox 0:6.0.24-2Alexander Kurtakov 0:6.0.24-1Alexander Kurtakov 0:6.0.20-2Alexander Kurtakov 0:6.0.20-1Fedora Release Engineering - 0:6.0.18-10.2Alexander Kurtakov 0:6.0.18-9.2Fedora Release Engineering - 0:6.0.18-9.1David Walluck 0:6.0.18-8.1David Walluck 0:6.0.18-8David Walluck 0:6.0.18-7David Walluck 0:6.0.18-6David Walluck 0:6.0.18-5David Walluck 0:6.0.18-4David Walluck 0:6.0.18-3David Walluck 0:6.0.18-2David Walluck 0:6.0.18-1Tom "spot" Callaway - 0:6.0.16-1.8David Walluck 0:6.0.16-1jpp.7.fc9David Walluck 0:6.0.16-1jpp.6.fc9David Walluck 0:6.0.16-1jpp.6.fc9David Walluck 0:6.0.16-1jpp.5.fc9David Walluck 0:6.0.16-1jpp.4.fc9David Walluck 0:6.0.16-1jpp.3.fc9David Walluck 0:6.0.16-1jpp.2.fc9David Walluck 0:6.0.16-1jpp.1.fc9Jason Corley - 0:6.0.16-1jppJason Corley - 0:6.0.14-2jppJason Corley 0:6.0.14-1jpp- Related: rhbz#1806803 Update patch to remove secret attribute renaming- Related: rhbz#1806803 Add IIS attributes to filter pattern and update secret logic- Resolves: rhbz#1806803 CVE-2020-1938 tomcat6: tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability* Sync with 6.9 - Resolves: rhbz#1498342 CVE-2017-12615 CVE-2017-12617 tomcat6: various flaws - Resolves: rhbz#1461291 CVE-2017-5664 tomcat6: tomcat: Security constrained bypass in error page mechanism - Resolves: rhbz#1441479 CVE-2017-5647 tomcat6: tomcat: Incorrect handling of pipelined requests when send file was used - Resolves: rhbz#1415824 The tomcat6 build is incompatible with the ECJ update- Sync with 6.8 - add CVE-2016-6816 follow-up patches and revert unreleased fixes. - Related: rhbz#1397484 CVE-2016-6816 Adding system property from asfbz-60594 to allow use of some un-encoded characters - Related: rhbz#1397484 CVE-2016-6816 Resolving a security regression (2017-6056) caused by CVE-2016-6816 - Reverts: rhbz#1415824 The tomcat6 build is incompatible with the ECJ update - Reverts: rhbz#1347778 The security manager doesn't work correctly- Related: rhbz#1415824 build. reverting ExcludeArch to fix composes- Resolves: rhbz#1413588 CVE-2016-8745 tomcat6: tomcat: information disclosure due to incorrect Processor sharing - Resolves: rhbz#1402665 CVE-2016-6816 tomcat6: tomcat: HTTP Request smuggling vulnerability due to permitting invalid character in HTTP requests - Resolves: rhbz#1415824 The tomcat6 build is incompatible with the ECJ update- Resolves: rhbz#1362211 CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header - Resolves: rhbz#1368120 CVE-2016-6325 tomcat6: tomcat: tomcat writable config files allow privilege escalation- Resolves: rhbz#1367052 CVE-2015-5174 tomcat6: tomcat: URL Normalization issue - Resolves: rhbz#1367057 CVE-2016-0706 tomcat6: tomcat: directory disclosure - Resolves: rhbz#1367059 CVE-2016-0714 Security Manager bypass via persistence mechanisms - Resolves: rhbz#1367055 CVE-2015-5345 Directory disclosure- Resolves: rhbz#1327238 rpm -V tomcat6 fails due on /var/log/tomcat6/catalina.out - Resolves: rhbz#1347778 The security manager doesn't work correctly- Related: rhbz#1084426 Reverting to prevent Satellite installation issues mentioned in rhbz-1302761- Resolves: rhbz#1293290 CVE-2014-7810 tomcat6 security manager bypass via EL expressions- Resolves: rhbz#886653 Tomcat6 files should be owned by user / group tomcat- Resolves: rhbz#1155509 tomcat6 packages are arch dependent- Resolves: rhbz#1264559 Correct behaviour of ResourceBundleELResolver.- Resolves: rhbz#1268352 Resolving NIO connector memory leak.- Resolves: rhbz#1134600 Resolve STRICT_SERVLET_COMPLIANCE issues.- Resolves: rhbz#1072484 Resolve fix translation problem affecting IBM JDK.- Resolves: rhbz#1221877 Add support for disableURLRewriting.- Related: rhbz#1042811 left over test value in the conf- Resolves: rhbz#1042811 tomcat6 service restarts will cause a - duplicated command-line arguments- Related: rhbz#1022061 changed in init file. Remove test - in function stop for result after initial command to - stop.- Resolves: rhbz#1128396 NPE in chunked encoding. - Regenerated patches for 4322 and 0227- Resolves: rhbz#1068689 Add option to disable log rotation - in FileHandler- Resolves: CVE-2014-0227 Limited DoS in chunked transfer- Resolves: rhbz#1022061 Tomcat init script needs to be adjusted to kill tomcat - if stop is unsuccessful- Resolves: rhbz#1054817 Mark Tomcat Manager web.xml as - config in spec- Resolves: rhbz#1031327 Backport apache 50072 blank responses- Resolves: rhbz#1183252 Tomcat breaks in serving large files - greater than 1.7 mb and under high load and high threading- Related: CVE-2013-4590 - remove xml schema names javaee_5, - javaee_web_services_1_2, and javaee_web_services_1_2_client - from descriptor.DigesterFactory initialization. These - schema definitions are not relevant to 6.0.24 as the version - of their spec did not exist at the time. - Resolves: rhbz#1140855 - request parameter truncated- Related: rhbz#1140301 - have to bump the nvr to be greater - than 6.5.z- Resolves: rhbz#1140301 - reverse changes of 845786. - Rebuilding for compose.- Resolves: CVE-2013-4590 - Resolves: CVE-2014-0119- Related: CVE-2014-0075 incomplete- Related: CVE-2014-0050 - Related: CVE-2013-4322- Resolves: CVE-2014-0099 - Resolves: CVE-2014-0096 - Resolves: CVE-2014-0075- Resolves: CVE-2014-0050- Resolves: CVE-2013-4322 CVE-2013-4286. Branched from - rhel-6.5- Related: rhbz 915447 Introduced a space char in TOMCAT_GROUP- Related: rhbz 915447 Typo in conf and sysconf- Related: rhbz 915447 can't start with group other than tomcat - changes in init script. Added TOMCAT_GROUP to sysconfig and - tomcat6.conf. Also changed default to the group that user - tomcat belongs.- Related: CVE-2012-3439 Digest Authentication. Fixed typo - in the patch file.- Resolves: CVE-2012-3439 - Resolves: CVE-2012-4534 - Resolves: CVE-2012-3546 - Increment build number to exceed 6_4 build number. Demanded - by rpmdiff- Resolves: rhbz 845786 webapps-docs contained empty files. - Build will fail of architectures ppc s390x ppc64. Use - target rhel-6.5-noarch-candidate - Resolves: rhbz 915447 can't start with group other than tomcat - changes in init script - Resolves: rhbz 950647 Error in checkpidfile of init script - Resolves: rhbz 977685 Full implementation of juli and juli - adapters. Jars placed in new extras directory - Resolves: 960225 Status script does not return proper PID- Resolves: CVE-2013-2067 session fixation- Related: rhbz#955977 CVE-2013-1976- Related: rhbz#955977 CVE-2013-1976 Changed location of - TOMCAT_LOG to /var/log where only root can write to it. Touching - TOMCAT_LOG is no longer necessary- Resolves: rhbz#955977 CVE-2013-1976 Improper TOMCAT_LOG management in - init script- Related: rhbz 576540 - Javadoc is not being generated correctly by the build- Resolves: rhbz 576540 - regression init script in the - wrong place. Changed _initrddir definition herein to point to the - right place.- Resolves: rhbz 857066 apache bz 48843 ArrayIndexOutofBounds- Resolves: rhbz 847288 classloader deadlock compiler JSPs - Resolves: rhbz 785954 HTML filtering needed - Resolves: rhbz 798617 init gives incorrect status- Resolves: rhbz 757632 regression- Resolves: CVE-2012-0022 regression. Change made to patch.- Resolves: rhbz# 802396. Changes made to init script.- Resolves cve-2012-0022 (2011-4858) rhbz 783728- Resolves: rhbz 782400 - remove redhat-lsb dependency - Resolves: rhbz 726169 (783407) - Unable to compile class for JSP - Resolves: rhbz 783567 - tag attributes parsing throws exception- Resolves: rhbz 757632 - version arg results in CNFException - changes made to initscript.- resolves: rhbz 748813 NPE w/no data in chunked POST request - Not included in 6.2. Slated for 6.3- resolves: cve-2011-3190 rhbz 738504 - resolves: cve-2011-2204 rhbz 738504 - resolves: cve-2011-2526 rhbz 738504 - resolves: cve-2011-1184 rhbz 738504 - resolves: rhbz 698624 - revisited- resolves: rhbz 726169 - jsp1.1 regression exception - Not included in 6.2 slated for 6.3- resolves: rhbz 687968 - tomcat6 broken when LANG="fr_FR"- resolves: rhbz 701759 - hardcoded catalina.out - Not included in 6.2 slated for 6.3- resolves: rhbz 695284 - multiple instances logging fiasco- Resolves: rhbz 698624 - inet4address can't be cast to String- Resolves: rhbz 656403 - cve-2010-4172 jsp syntax error- Resolves: rhbz#697504 initscript logging location- Resolves: rhbz#656403, rhbz#675926, rhbz#676011 - CVE-2010-4172, CVE-2010-3718, CVE-2011-0013, CVE-2010-4476, - CVE-2011-0534- Resovles rhbz#695284 - wrapper logs to different locations - CVE-2010-4172, CVE-2011-0013, CVE-2010-3718 commented out - until needed.- naming-factory-dbcp missing fix in tomcat6.conf - Add Obsoletes for log4j- Add log4j to package lib. Corrected typo in log4 Provides - epock versus epoch- Installed permissions do not allow tomcat to start - incrementing NVR so yum won't get confused with the zstream- Resolves: rhbz 678671 - useradd sets shell to nologin - dangling symlink for log4j. Added it as R: and R(post)- Resolves: 678671 - tomcat user requires login shell- Resolves: rhbz#636997 Additionally created instances of tomcat - are broken- Resolves: CVE-2011-0534 rhbz# 675926- Resolves: rhbz# 661244 missing tomcat6-juli link - Fixed symlinks to commons-collections and log4j in libdir - Removed log4j package- Replacing commons-xxxx-tomcat5 with jakarta-commons-xxxx- Resolves: rhbz#636997 - Additionally created instances of tomcat are - broken- Resolves: rhbz#617501 CVE-2010-2227- Added 2227 patch- fixed servlet-api typo- Resolves: rhbz#584699. A respin was required to fix post and - postun for el. Updated EL-spec to 2.1 from 1.0. Tomcat6 uses - elspec 2.1- Resolves: rhbz#584699 initscript collected problems LSB - compliant. Not complete yet. Return values are correct and - usage function has been implemented.- Resolves: rhbz#606822 CVE-2010-1157- Resolves: rhbz#582037 Revert to Java 1.5. Also fixed Error - deploying web application.- Resolves: rhbz#584699 - and two other bugs along with - various spec flaws fixed.- Build and run using gcj 1.5. Spec refactored. JSP examples - are working.- Patched spec file to avoid sinjdoc issue- Adding patch for setPerformancePrefernces- increment build number- Removed prerun lib and post WEB-INF/lib. Moved build-jar-repos to - after the installs. Added Requires and BuildRequires for jakarta- - commons-{dbcp,pool,collections}-tomcat5 and ecj. Changed define macro to - global.- Revert: Revert JDK/Java Requires and BuildRequires to version 1.5 versus 1.6- Update to 6.0.24.- Drop file requires on /usr/share/java/ecj.jar.- Update to 6.0.20. Fixes CVE-2009-0033,CVE-2009-0580.- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- Add OSGi manifest for servlet-api.- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- build for Fedora- fix directory ownership- add Requires for update-alternatives- use lsb_release instead of lsb-release to get the distributor- fix initscript messages on Mandriva Linux - fix help message in initscript- redefine %_initrddir for FHS-compliance - make initscript LSB-complaint- fix status in initscript- remove initscripts and /sbin/service requirement - call initscript directly without using /sbin/service - require /sbin/chkconfig instead of chkconfig - remove chkconfig requirement from packages that don't require it- 6.0.18 - Resolves: CVE-2008-1232, CVE-2008-1947, CVE-2008-2370, CVE-2008-2938 - fix definition of java.security.policy with d%{name} start-security - don't pass $CATALINA_OPTS with d%{name} stop - redefine tempdir and workdir for tmpwatch workaround - change eclipse-ecj references to ecj- drop repotag- version jsp and servlet Provides with their spec versions - remove Obsoletes/Provides for servletapi6 package as it can co-exist - check for java-functions existence in wrapper script - move d%{name} to %{name} and create symlink for d%{name} - improve status function in initscript - change license to ASL 2.0 again as per Fedora guidelines- remove Requires: tomcat-native - put back original JPackage Group (except javadoc) and License tags - add Provides for jsp and servlet - use ant macro - build and install sample webapp - call /sbin/service to stop service on uninstall - remove references to $RPM_BUILD_DIR - use copy instead of move to fix short-circuit install build - remove prebuilt sample.war - remove Thumbs.db files - add Requires: java >= 0:1.6.0- remove Requires: tomcat-native - put back original JPackage Group (except javadoc) and License tags - add Provides for jsp and servlet - use ant macro - build and install sample webapp - call /sbin/service to stop service on uninstall - remove references to $RPM_BUILD_DIR - use copy instead of move to fix short-circuit install build - remove prebuilt sample.war - remove Thumbs.db files - add Requires: java >= 0:1.6.0- explicitly unset CLASSPATH - explicitly set OPT_JAR_LIST to include ant/ant-trax- remove BuildRequires: sed - remove specific references to icedtea- add digest and tool-wrapper scripts - Requires: tomcat-native- use %{_var} for appdir instead of /srv - use ${JAVACMD} for java executable in wrapper script - use built-in status function in initscript where possible - add missing require on procps for status function - fix java.library.path setting in %{_sysconfdir}/sysconfig/%{name} - add patch to document webapps in %{_sysconfdir}/%{name}/tomcat-users.xml - remove %{appdir}/ROOT/admin - move %{_bindir}/d%{name} to %{_sbindir}/d%{name}- use %{_initrddir} macro instead of %{_sysconfdir}/init.d (rhbz #153187) - fix java.library.path setting in %{name}.conf (rhbz #253605) - fix incorrect initscript output (rhbz #380921) - update initscript (rhbz #247077) - add logrotate support - fix strange-permission - fix %prep - replace /var with %{_var} - replace %{_localstatedir} with %{_var} - use %{logdir} where possible - call build-jar-repository with full path in scriptlets - remove file-based requires - build with icedtea and set as the default JAVA_HOME in %{name}.conf - fix non-standard-group - change ecj references to eclipse-ecj - change Apache Software License 2.0 to ASL 2.0 for rpmlint- update to 6.0.16- add /etc/tomcat6/Catalina/localhost (Alexander Kurtakov)- first JPackage release/bin/sh/bin/sh2.50:6.0.24-114.el6_10tomcat6-servlet-2.5-api-6.0.24.jartomcat6-servlet-2.5-api.jar/usr/share/java/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tablesdrpmxz2noarch-redhat-linux-gnudirectoryempty (Zip archive data, at least v1.0 to extract)symbolic link to `tomcat6-servlet-2.5-api-6.0.24.jar'?@7zXZ !#,W]"k%3WƵˡK^ \Ha^O< &1`׹I6o %eH]nzlSq_:\r)'2Mngkj"nura+!Q8LIe`i/E&ؕ#]<q>z3崷>}(טpoaة8_ERk/?}J/ۂl۱ȧAkD2GxQ']6ԗ6Dݳ]Rvȋ'͗UH@'~sj뙽Eatc9|R;)&aƆ!-I;J΢Հm|Oޒwb4 5*aԷf7c)25Rn"铪]9*b⸂tD˴8>DkTII,8w͓2t ;]D_rH߬VWwHz\wf7{fm~Vm? C\tlԕRY ңR YZ