[#CWD-710] Update Tomcat to 5.5.25 to fix reported vulns

Crowd

Update Tomcat to 5.5.25 to fix reported vulns

Created: 03/Jan/08 05:14 PM Updated: 15/Jan/08 08:33 PM

Component/s:

None

Affects Version/s:

1.2.1

Fix Version/s:

1.2.2

Time Tracking:

Original Estimate:

2 hours

Remaining Estimate:

2 hours

Time Spent:

Not Specified

Issue Links:

Blocker

This issue blocks:

~~CWD-717~~ When 1.2.1 was being released mvn release:perform didn't deploy the artifact

Part

This issue incorporates:

~~CWD-654~~ Xalan is missing from the demo applications WEB-INF/lib folder.

Participants:	David O'Flynn [Atlassian] and James Dumay [Atlassian]
Since last comment:	51 weeks, 1 day ago
Resolution Date:	15/Jan/08 08:33 PM
Labels:

Description

« Hide

A number of vulnerabilities have been reported in Tomcat. Update our packaged instance to the patched version.

All

Comments

Work Log

Change History

Sort Order:

[ Permlink | « Hide ]

James Dumay [Atlassian] added a comment - 03/Jan/08 05:59 PM

Checked in r51038 and r51037 with requested change.

[ Permlink | « Hide ]

David O'Flynn [Atlassian] added a comment - 07/Jan/08 12:06 AM

crowd/distribution/trunk/standalone/src/main/assembly/standalone.xml contains hard-coded paths that reference the tomcat directory by name. They've not been updated, meaning that the built artifacts are invalid.

[ Permlink | « Hide ]

James Dumay [Atlassian] added a comment - 14/Jan/08 05:31 PM

Fixed on stable. Need to merge into trunk.

[ Permlink | « Hide ]

James Dumay [Atlassian] added a comment - 15/Jan/08 08:33 PM

Not fixed on trunk