| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 01_dont_copy_test_lib.diff | Don't try to copy some JAR files into "lib" directory. | Damien Raude-Morvan <drazzib@drazzib.com> | not-needed | vendor | 2011-03-06 | |
| 02_junit_45.diff | compatibility patch for JUnit 4.5 | Damien Raude-Morvan <drazzib@drazzib.com> | no | vendor | 2009-07-16 | |
| 03_servlet_api_compatibility.diff | Fix the compatibility with the Servlet API 3.1 | Emmanuel Bourg <ebourg@apache.org> | no | |||
| 04_dom4j2_compatibility.diff | Fixes the compatibility with dom4j 2.x | Emmanuel Bourg <ebourg@apache.org> | no | |||
| CVE-2020-13959.patch | [PATCH] Fixed Reflected XSS Vuln Velocity Tools has an automatically generated error page, which echoes back the file name unescaped. This commit sanitizes user input and fixes the XSS Vulnerability! Updated XSS Vuln fix (used StringEscapeUtils) |
Jackson Henry <54763344+JHHAX@users.noreply.github.com> | no | debian | 2020-10-08 |