diff options
author | Björn Höfling <bjoern.hoefling@bjoernhoefling.de> | 2020-03-22 13:34:01 +0100 |
---|---|---|
committer | Björn Höfling <bjoern.hoefling@bjoernhoefling.de> | 2020-03-26 21:39:49 +0100 |
commit | eebaed2b7662d514fa93cae753bc14451ba6814f (patch) | |
tree | 7cc72ead92a1f642d0eaa43736a99a806d7f8f8e | |
parent | 3089b70d766bd9ec70e1464867130b7b864fbe17 (diff) | |
download | guix-eebaed2b7662d514fa93cae753bc14451ba6814f.tar.gz guix-eebaed2b7662d514fa93cae753bc14451ba6814f.zip |
gnu: java-tomcat: Update to 8.5.53.
This fixes CVE-2020-1938 ("Ghostcat").
* gnu/packages/web.scm (java-tomcat): Update to 8.5.53.
[properties]: Add cpe-name.
-rw-r--r-- | gnu/packages/web.scm | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index 10cbf6165b..6ce8b78c85 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -39,6 +39,7 @@ ;;; Copyright © 2020 Timotej Lazar <timotej.lazar@araneo.si> ;;; Copyright © 2020 Alexandros Theodotou <alex@zrythm.org> ;;; Copyright © 2020 Pierre Neidhardt <mail@ambrevar.xyz> +;;; Copyright © 2018, 2019, 2020 Björn Höfling <bjoern.hoefling@bjoernhoefling.de> ;;; ;;; This file is part of GNU Guix. ;;; @@ -6109,14 +6110,14 @@ encoder/decoder based on the draft-12 specification for UBJSON.") (define-public java-tomcat (package (name "java-tomcat") - (version "8.5.46") + (version "8.5.53") (source (origin (method url-fetch) (uri (string-append "mirror://apache/tomcat/tomcat-8/v" version "/src/apache-tomcat-" version "-src.tar.gz")) (sha256 (base32 - "0fb49gsqa3r6jrwc54yynvsakq9qbzr2pbxr7a29c2zvja2v65iq")) + "15lwq3clf21hzk7mma70sffpxjqn8ww5mjq6zhmwcp4m17m22z26")) (modules '((guix build utils))) ;; Delete bundled jars. (snippet @@ -6194,6 +6195,7 @@ encoder/decoder based on the draft-12 specification for UBJSON.") (let ((out (assoc-ref outputs "out"))) (copy-recursively "output/build" out)) #t))))) + (properties '((cpe-name . "tomcat"))) (home-page "https://tomcat.apache.org") (synopsis "Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket") |