- All JDK ports (and JDK documentation ports) that were formerly maintained by
znerd have been assigned to java@FreeBSD.org
- I will handle some of the remaining ports (jakarta-commons-*, jdom, xalan-j
and xmlenc)
- Everything else is reset to ports@FreeBSD.org
Approved by: znerd (maintainer)
previously already set to jakarta-tomcat[VERSION], but this
was not consistent with the jakarta-tomcat5 port.
PR: 63210
Submitted by: Kang Liu <liukang@bjpu.edu.cn>
News & Status page:
A security vulnerability has been confirmed to exist in
Apache Tomcat 4.0.x releases (including Tomcat 4.0.5),
which allows to use a specially crafted URL to return the
unprocessed source of a JSP page, or, under special
circumstances, a static resource which would otherwise have been
protected by security constraint, without the need for being
properly authenticated. This is based on a variant of the
exploit that was disclosed on
09/24/2002.
See:
http://jakarta.apache.org/builds/jakarta-tomcat-4.0/release/v4.0.6/RELEASE-NOTES
The fix consists of 2 lines at the beginning of the program:
setuid(geteuid());
setgid(getegid());
Bumped PORTREVISION of Orion, Tomcat and JBoss ports.
PR: 40470, 43679
Submitted by: Ari Suutari <ari.suutari@syncrontech.com>
Reviewed by: audit
Approved by: Silence on -audit (since Sept 13, 2002)
before the name of the application being started/stopped. The
advantage is that if there is an error, then the message will
have a space prepended instead of being appended to the previous
application name.
When the application is 'stop'ped, the error messages, if any,
are now hidden. Instead the name of the application is just
shown.
Bumped PORTREVISION.
shared among other ports, like www/orion, www/jboss2 and
www/jakarta-tomcat3.
Now displaying installation settings in pre-patch phase.
Customizing files using ${SED} in post-patch phase.
Furthermore some small changes to promote consistency and
genericity. I'm attempting to make the result of
$ diff -ruN --exclude=CVS jakarta-tomcat3 jakarta-tomcat4
as small as possible.
Bumped PORTREVISION to help portupgrade in doing what it
does best ;)
terminated. If not, it will send the process a SIGKILL
after a certain time-out period. The time-out can be
passed to the port Makefile as a parameter.
Improved documentation a bit here and there.
Added some explicit casts to make lint(1) a bit
happier :-)
Applied some refactoring here and there. Moved some
functionality into a new function 'existsProcess'.
Slightly changed the output of the program.
Bumped PORTREVISION.
not installed because there was the control program tomcat4ctl
already. For some instances, however, tomcat4ctl is not
powerful enough. For instance when setting up multiple
instances of Tomcat, see
http://jakarta.apache.org/tomcat/tomcat-4.0-doc/RUNNING.txt.
Also added tools.jar to pkg-plist. It should have been added
previously.
Bumped PORTREVISION.
Prompted by: Gavin Cameron <gavin@itworks.com.au>
to make the man page fully generic for jakarta-tomcat,
jakarta-tomcat4, orion and possibly others.
PORTREVISION is not bumped, since the resulting man
page is exactly the same.
to 3.3.1. Using HTTP_PORT i.s.o. LISTEN_PORT. Using
daemonctl.c i.s.o. tomcatctl shell script. Displaying steps
i.s.o. commands being executed. Synced man page.
in ${PREFIX}/etc/rc.d and the control script in ${PREFIX}/bin have
been refactored and now actually work very well.
Using the 'www' user and group, creating them if they don't exist.
I've used the same approach as www/apache13.
STDOUT_LOG and STDERR_LOG are now fixed (no ?= anymore) since the
package deinstall does not support a different location.
This fixes the first half of PR 28624.
See: http://www.freebsd.org/cgi/query-pr.cgi?pr=34931
Reported by: Kees Jan Koster <k.j.koster@kpn.com>
