From eebaed2b7662d514fa93cae753bc14451ba6814f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20H=C3=B6fling?= Date: Sun, 22 Mar 2020 13:34:01 +0100 Subject: gnu: java-tomcat: Update to 8.5.53. This fixes CVE-2020-1938 ("Ghostcat"). * gnu/packages/web.scm (java-tomcat): Update to 8.5.53. [properties]: Add cpe-name. --- gnu/packages/web.scm | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index 10cbf6165b..6ce8b78c85 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -39,6 +39,7 @@ ;;; Copyright © 2020 Timotej Lazar ;;; Copyright © 2020 Alexandros Theodotou ;;; Copyright © 2020 Pierre Neidhardt +;;; Copyright © 2018, 2019, 2020 Björn Höfling ;;; ;;; This file is part of GNU Guix. ;;; @@ -6109,14 +6110,14 @@ encoder/decoder based on the draft-12 specification for UBJSON.") (define-public java-tomcat (package (name "java-tomcat") - (version "8.5.46") + (version "8.5.53") (source (origin (method url-fetch) (uri (string-append "mirror://apache/tomcat/tomcat-8/v" version "/src/apache-tomcat-" version "-src.tar.gz")) (sha256 (base32 - "0fb49gsqa3r6jrwc54yynvsakq9qbzr2pbxr7a29c2zvja2v65iq")) + "15lwq3clf21hzk7mma70sffpxjqn8ww5mjq6zhmwcp4m17m22z26")) (modules '((guix build utils))) ;; Delete bundled jars. (snippet @@ -6194,6 +6195,7 @@ encoder/decoder based on the draft-12 specification for UBJSON.") (let ((out (assoc-ref outputs "out"))) (copy-recursively "output/build" out)) #t))))) + (properties '((cpe-name . "tomcat"))) (home-page "https://tomcat.apache.org") (synopsis "Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket") -- cgit v1.2.3