Debian Patches

Status for tomcat9/9.0.43-2~deb11u10

Patch Description Author Forwarded Bugs Origin Last update
0004-split-deploy-webapps-target-from-deploy-target.patch [PATCH] split deploy-webapps target from deploy target Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> no 2010-06-28
0005-skip-test-failures.patch Ignore the failing tests Emmanuel Bourg <ebourg@apache.org> not-needed
0009-Use-java.security.policy-file-in-catalina.sh.patch [PATCH] Use java.security.policy file in catalina.sh Make sure catalina.sh uses the Debian/Ubuntu java.security.policy
file location when Tomcat is started with a security manager.		 Adam Guthrie <asguthrie@gmail.com> not-needed debian 2010-06-28
0010-debianize-build-xml.patch Disable usage of embedded library copies James Pages <james.page@canonical.com> no 2011-05-16
0013-dont-look-for-build-properties-in-user-home.patch Don't look for build.properties in the user home directory. This directory doesn't exist on the builders and the attempt to load
a property file there causes a build failure.		 Jakub Adam <jakub.adam@ktknet.cz> not-needed
0018-fix-manager-webapp.patch This patch changes the manager path from webapps/manager to ../tomcat9-admin/manager TJ <ubuntu@iam.tj>, Gianfranco Costamagna <costamagnagianfranco@yahoo.it> no 2013-08-01
0019-add-distribution-to-error-page.patch Adds the name of the distribution to the version of Tomcat reported on the error pages (i.e. 'Apache Tomcat/8.0.x (Debian)') Yolanda Robla <yolanda.robla@canonical.com> not-needed debian
0021-dont-test-unsupported-ciphers.patch Don't check the IDEA cipher during the tests since it is disabled in Debian (see #327739) Also ignore ARIA which is disabled by default in OpenSSL. Emmanuel Bourg <ebourg@apache.org> not-needed
0023-disable-shutdown-by-socket.patch Disables the shutdown port (8005) by default Emmanuel Bourg <ebourg@apache.org> no
0024-systemd-log-formatter.patch Adds a log formatter suitable for systemd Emmanuel Bourg <ebourg@apache.org> no
0025-invalid-configuration-exit-status.patch Fix the exit status when Tomcat terminates because the configuration is invalid Emmanuel Bourg <ebourg@apache.org> yes upstream
0026-easymock4-compatibility.patch Fixes the compatibility with the version of Easymock in Debian Emmanuel Bourg <ebourg@apache.org> no
0027-java11-compilation.patch Fixes the compilation with Java 11 Emmanuel Bourg <ebourg@apache.org> no
CVE-2021-30640.patch CVE-2021-30640 Markus Koschany <apo@debian.org> no debian https://github.com/apache/tomcat/commit/3ce84512ed8783577d9945df28da5a033465b945 2021-08-06
CVE-2021-33037.patch CVE-2021-33037 Markus Koschany <apo@debian.org> no debian https://github.com/apache/tomcat/commit/a2c3dc4c96168743ac0bab613709a5bbdaec41d0 2021-08-06
CVE-2021-41079.patch CVE-2021-41079 Markus Koschany <apo@debian.org> no https://github.com/apache/tomcat/commit/d4b340fa8feaf55831f9a59350578f7b6ca048b8 2021-09-25
CVE-2021-42340.patch CVE-2021-42340 Markus Koschany <apo@debian.org> no https://github.com/apache/tomcat/commit/80f1438ec45e77a07b96419808971838d259eb47 2021-11-12
CVE-2022-23181.patch CVE-2022-23181 Markus Koschany <apo@debian.org> no https://github.com/apache/tomcat/commit/1385c624b4a1e994426e810075c850edc38a700e 2022-10-25
CVE-2022-29885.patch CVE-2022-29885 Markus Koschany <apo@debian.org> no https://github.com/apache/tomcat/commit/eaafd28296c54d983e28a47953c1f5cb2c334f48 2022-10-25
CVE-2021-43980.patch CVE-2021-43980 Markus Koschany <apo@debian.org> no https://github.com/apache/tomcat/commit/170e0f792bd18ff031677890ba2fe50eb7a376c1 2022-10-29
CVE-2022-42252.patch CVE-2022-42252 Markus Koschany <apo@debian.org> no https://github.com/apache/tomcat/commit/4c7f4fd09d2cc1692112ef70b8ee23a7a037ae77 2023-04-05
CVE-2022-45143.patch CVE-2022-45143 Markus Koschany <apo@debian.org> no https://github.com/apache/tomcat/commit/b336f4e58893ea35114f1e4a415657f723b1298e 2023-04-05
CVE-2023-24998.patch Update packaged renamed fork of Commons File Upload no upstream, https://github.com/apache/tomcat/commit/cf77cc545de0488fb89e24294151504a7432df74
CVE-2023-28708.patch CVE-2023-28708 Markus Koschany <apo@debian.org> no debian https://github.com/apache/tomcat/commit/3b51230764da595bb19e8d0962dd8c69ab40dfab 2023-04-05
CVE-2023-28709.patch Fix parameter counting logic no upstream, https://github.com/apache/tomcat/commit/fbd81421629afe8b8a3922d59020cde81caea861
CVE-2023-41080.patch Avoid protocol relative redirects no upstream, https://github.com/apache/tomcat/commit/77c0ce2d169efa248b64b992e547aad549ec906b.patch
CVE-2023-42795.patch Improve handling of failures during recycle() methods no upstream, https://github.com/apache/tomcat/commit/44d05d75d696ca10ce251e4e370511e38f20ae75
CVE-2023-44487.patch Improvements to HTTP/2 overhead protection. https://github.com/apache/tomcat/commit/94480483910f2d19561e88fb194d7b415bb527da
https://github.com/apache/tomcat/commit/caafb952f77107fb4730546e60bf5d7756ef4c5a
https://github.com/apache/tomcat/commit/3f0efca913b09fa3a3d9c246cc29045ac8a2befe
https://github.com/apache/tomcat/commit/c551ecaa1ba4ffe50a67009a9c94efb03439ae8b
https://github.com/apache/tomcat/commit/6d1a9fd6642387969e4410b9989c85856b74917a		 no backport, https://github.com/apache/tomcat/commit/30cae120a61f075b1712f2e8da4daa23f1135c83
CVE-2023-45648.patch Align processing of trailer headers with standard processing no upstream, https://github.com/apache/tomcat/commit/59583245639d8c42ae0009f4a4a70464d3ea70a0
CVE-2024-23672.patch CVE-2024-23672 Markus Koschany <apo@debian.org> no debian https://github.com/apache/tomcat/commit/0052b374684b613b0c849899b325ebe334ac6501 2024-04-03
CVE-2024-24549.patch CVE-2024-24549 Markus Koschany <apo@debian.org> no debian https://github.com/apache/tomcat/commit/d07c82194edb69d99b438828fe2cbfadbb207843 2024-04-03
CVE-2023-46589.patch CVE-2023-46589 Markus Koschany <apo@debian.org> no debian https://github.com/apache/tomcat/commit/b5776d769bffeade865061bc8ecbeb2b56167b08 2024-04-03

All known versions for source package 'tomcat9'

Links