tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ma...@apache.org
Subject svn commit: r1563634 - in /tomcat/site/trunk: ./ docs/ xdocs/
Date Sun, 02 Feb 2014 15:26:07 GMT
Author: markt
Date: Sun Feb  2 15:26:07 2014
New Revision: 1563634

URL: http://svn.apache.org/r1563634
Log:
Update for 6.0.39 release (excluding docs)

Modified:
    tomcat/site/trunk/build.properties.default
    tomcat/site/trunk/docs/doap_Tomcat.rdf
    tomcat/site/trunk/docs/download-60.html
    tomcat/site/trunk/docs/index.html
    tomcat/site/trunk/docs/migration-6.html
    tomcat/site/trunk/docs/oldnews-2013.html
    tomcat/site/trunk/docs/security-6.html
    tomcat/site/trunk/docs/whichversion.html
    tomcat/site/trunk/xdocs/doap_Tomcat.rdf
    tomcat/site/trunk/xdocs/download-60.xml
    tomcat/site/trunk/xdocs/index.xml
    tomcat/site/trunk/xdocs/migration-6.xml
    tomcat/site/trunk/xdocs/oldnews-2013.xml
    tomcat/site/trunk/xdocs/security-6.xml
    tomcat/site/trunk/xdocs/whichversion.xml

Modified: tomcat/site/trunk/build.properties.default
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/build.properties.default?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/build.properties.default (original)
+++ tomcat/site/trunk/build.properties.default Sun Feb  2 15:26:07 2014
@@ -36,7 +36,7 @@ tomcat.loc=http://www.apache.org/dist/to
 
 
 # ----- Tomcat versions -----
-tomcat60=6.0.36
+tomcat60=6.0.39
 tomcat70=7.0.50
 tomcat80=8.0.0-RC10
 

Modified: tomcat/site/trunk/docs/doap_Tomcat.rdf
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/doap_Tomcat.rdf?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/docs/doap_Tomcat.rdf (original)
+++ tomcat/site/trunk/docs/doap_Tomcat.rdf Sun Feb  2 15:26:07 2014
@@ -71,8 +71,8 @@
     <release>
       <Version>
         <name>Latest Stable 6.0.x Release</name>
-        <created>2013-05-03</created>
-        <revision>6.0.37</revision>
+        <created>2013-01-31</created>
+        <revision>6.0.39</revision>
       </Version>
     </release>
     <repository>

Modified: tomcat/site/trunk/docs/download-60.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-60.html?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/docs/download-60.html (original)
+++ tomcat/site/trunk/docs/download-60.html Sun Feb  2 15:26:07 2014
@@ -204,8 +204,8 @@
 <div class="text">
         
 <a href="https://www.apache.org/dist/tomcat/tomcat-6/KEYS">KEYS</a> |
-        <a href="#6.0.37">6.0.37</a> |
-        <a href="[preferred]tomcat/tomcat-6/v6.0.37" rel="nofollow">Browse</a>
|
+        <a href="#6.0.39">6.0.39</a> |
+        <a href="[preferred]tomcat/tomcat-6/v6.0.39" rel="nofollow">Browse</a>
|
         <a href="http://archive.apache.org/dist/tomcat/tomcat-6">Archives</a>
       
 </div>
@@ -251,12 +251,12 @@
    
   
 </div>
-<h3 id="6.0.37">6.0.37</h3>
+<h3 id="6.0.39">6.0.39</h3>
 <div class="text">
       
 <p>
       Please see the 
-      <a href="[preferred]tomcat/tomcat-6/v6.0.37/README.html" rel="nofollow">README</a>
+      <a href="[preferred]tomcat/tomcat-6/v6.0.39/README.html" rel="nofollow">README</a>
       file for packaging information.  It explains what every distribution contains.
       </p>
 
@@ -272,44 +272,44 @@
           
 <li>
             
-<a href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.zip" rel="nofollow">zip</a>

-            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.zip.asc">pgp</a>,

-            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.zip.md5">md5</a>)
+<a href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.zip" rel="nofollow">zip</a>

+            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.zip.asc">pgp</a>,

+            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.zip.md5">md5</a>)
           </li>
           
 <li>
             
-<a href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.tar.gz" rel="nofollow">tar.gz</a>

-            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.tar.gz.asc">pgp</a>,

-            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.tar.gz.md5">md5</a>)
+<a href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.tar.gz" rel="nofollow">tar.gz</a>

+            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.tar.gz.asc">pgp</a>,

+            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.tar.gz.md5">md5</a>)
           </li>
           
 <li>
             
-<a href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-x86.zip"
rel="nofollow">32-bit Windows zip</a> 
-            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-x86.zip.asc">pgp</a>,

-            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-x86.zip.md5">md5</a>)
+<a href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-x86.zip"
rel="nofollow">32-bit Windows zip</a> 
+            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-x86.zip.asc">pgp</a>,

+            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-x86.zip.md5">md5</a>)
           </li>
           
 <li>
             
-<a href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-x64.zip"
rel="nofollow">64-bit Windows zip</a> 
-            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-x64.zip.asc">pgp</a>,

-            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-x64.zip.md5">md5</a>)
+<a href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-x64.zip"
rel="nofollow">64-bit Windows zip</a> 
+            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-x64.zip.asc">pgp</a>,

+            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-x64.zip.md5">md5</a>)
           </li>
           
 <li>
             
-<a href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-i64.zip"
rel="nofollow">64-bit Itanium Windows zip</a> 
-            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-i64.zip.asc">pgp</a>,

-            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-i64.zip.md5">md5</a>)
+<a href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-i64.zip"
rel="nofollow">64-bit Itanium Windows zip</a> 
+            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-i64.zip.asc">pgp</a>,

+            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-i64.zip.md5">md5</a>)
           </li>
           
 <li>
             
-<a href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.exe" rel="nofollow">32-bit/64-bit
Windows Service Installer</a> 
-            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.exe.asc">pgp</a>,

-            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.exe.md5">md5</a>)
+<a href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.exe" rel="nofollow">32-bit/64-bit
Windows Service Installer</a> 
+            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.exe.asc">pgp</a>,

+            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.exe.md5">md5</a>)
           </li>
           
 </ul>
@@ -321,16 +321,16 @@
           
 <li>
             
-<a href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-deployer.zip" rel="nofollow">zip</a>

-            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-deployer.zip.asc">pgp</a>,
 
-            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-deployer.zip.md5">md5</a>)
+<a href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-deployer.zip" rel="nofollow">zip</a>

+            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-deployer.zip.asc">pgp</a>,
 
+            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-deployer.zip.md5">md5</a>)
           </li>
           
 <li>
             
-<a href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-deployer.tar.gz"
rel="nofollow">tar.gz</a> 
-            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-deployer.tar.gz.asc">pgp</a>,

-            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-deployer.tar.gz.md5">md5</a>)
+<a href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-deployer.tar.gz"
rel="nofollow">tar.gz</a> 
+            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-deployer.tar.gz.asc">pgp</a>,

+            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-deployer.tar.gz.md5">md5</a>)
           </li>
           
 </ul>
@@ -353,16 +353,16 @@
         
 <li>
           
-<a href="[preferred]tomcat/tomcat-6/v6.0.37/src/apache-tomcat-6.0.37-src.tar.gz" rel="nofollow">tar.gz</a>

-          (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/src/apache-tomcat-6.0.37-src.tar.gz.asc">pgp</a>,

-          <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/src/apache-tomcat-6.0.37-src.tar.gz.md5">md5</a>)
+<a href="[preferred]tomcat/tomcat-6/v6.0.39/src/apache-tomcat-6.0.39-src.tar.gz" rel="nofollow">tar.gz</a>

+          (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/src/apache-tomcat-6.0.39-src.tar.gz.asc">pgp</a>,

+          <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/src/apache-tomcat-6.0.39-src.tar.gz.md5">md5</a>)
         </li>
         
 <li>
           
-<a href="[preferred]tomcat/tomcat-6/v6.0.37/src/apache-tomcat-6.0.37-src.zip" rel="nofollow">zip</a>

-          (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/src/apache-tomcat-6.0.37-src.zip.asc">pgp</a>,

-          <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/src/apache-tomcat-6.0.37-src.zip.md5">md5</a>)
+<a href="[preferred]tomcat/tomcat-6/v6.0.39/src/apache-tomcat-6.0.39-src.zip" rel="nofollow">zip</a>

+          (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/src/apache-tomcat-6.0.39-src.zip.asc">pgp</a>,

+          <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/src/apache-tomcat-6.0.39-src.zip.md5">md5</a>)
         </li>
       
 </ul>

Modified: tomcat/site/trunk/docs/index.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/index.html?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/docs/index.html (original)
+++ tomcat/site/trunk/docs/index.html Sun Feb  2 15:26:07 2014
@@ -224,6 +224,35 @@ project logo are trademarks of the Apach
 
 
 </div>
+<h3 id="Tomcat_6.0.39_Released">
+<span style="float: right;">2014-01-31</span> Tomcat 6.0.39 Released</h3>
+<div class="text">
+
+<p>
+The Apache Tomcat Project is proud to announce the release of version 6.0.39 of
+Apache Tomcat. This release includes a number of security and bug fixes over
+Apache Tomcat 6.0.37. The notable changes include:</p>
+
+<ul>
+
+<li>Various improvements to XML configuration file validation.</li>
+
+<li>Better adherence to RFC2616 for Content-Type and Content-Length headers.
+</li>
+
+<li>Avoid CVE-2013-1571 when generating Javadoc.</li>
+
+</ul>
+
+
+<p style="text-align: center;">
+
+<a href="download-60.cgi">Download</a> |
+<a href="tomcat-6.0-doc/changelog.html">ChangeLog for 6.0.39</a>
+
+</p>
+
+</div>
 <h3 id="Tomcat_7.0.50_Released">
 <span style="float: right;">2014-01-08</span> Tomcat 7.0.50 Released</h3>
 <div class="text">
@@ -396,25 +425,6 @@ Tomcat Native.
 </p>
 
 </div>
-<h3 id="Tomcat_6.0.37_Released">
-<span style="float: right;">2013-05-03</span> Tomcat 6.0.37 Released</h3>
-<div class="text">
-
-<p>
-The Apache Tomcat Project is proud to announce the release of version 6.0.37 of
-Apache Tomcat. This release includes security and bug fixes over Apache Tomcat
-6.0.36.
-
-</p>
-
-<p style="text-align: center;">
-
-<a href="download-60.cgi">Download</a> |
-<a href="tomcat-6.0-doc/changelog.html">ChangeLog for 6.0.37</a>
-
-</p>
-
-</div>
 <h3 id="Tomcat_Connectors_1.2.37_Released">
 <span style="float: right;">2012-05-31</span> Tomcat Connectors 1.2.37 Released</h3>
 <div class="text">

Modified: tomcat/site/trunk/docs/migration-6.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/migration-6.html?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/docs/migration-6.html (original)
+++ tomcat/site/trunk/docs/migration-6.html Sun Feb  2 15:26:07 2014
@@ -534,7 +534,8 @@ of Apache Tomcat.</p>
           "6.0.33":"1158221",
           "6.0.35":"1207053",
           "6.0.36":"1398690",
-          "6.0.37":"1476938"
+          "6.0.37":"1476938",
+          "6.0.39":"1561893",
         };
 
         formSubmit.action = "http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/" +
@@ -587,8 +588,9 @@ of Apache Tomcat.</p>
     <option value="6.0.32">6.0.32</option>
     <option value="6.0.33">6.0.33</option>
     <option value="6.0.35">6.0.35</option>
-    <option value="6.0.36" selected>6.0.36</option>
-    <option value="6.0.37">6.0.37</option>
+    <option value="6.0.36">6.0.36</option>
+    <option value="6.0.37" selected>6.0.37</option>
+    <option value="6.0.39">6.0.39</option>
     </select>,</label> <label>new version:
     <select id="select-r2">
     <option value="6.0.0">6.0.0</option>
@@ -614,7 +616,8 @@ of Apache Tomcat.</p>
     <option value="6.0.33">6.0.33</option>
     <option value="6.0.35">6.0.35</option>
     <option value="6.0.36">6.0.36</option>
-    <option value="6.0.37" selected>6.0.37</option>
+    <option value="6.0.37">6.0.37</option>
+    <option value="6.0.39" selected>6.0.39</option>
     <option value="HEAD">trunk (unreleased)</option>
     </select></label>
     

Modified: tomcat/site/trunk/docs/oldnews-2013.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/oldnews-2013.html?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/docs/oldnews-2013.html (original)
+++ tomcat/site/trunk/docs/oldnews-2013.html Sun Feb  2 15:26:07 2014
@@ -527,6 +527,25 @@ Full details of these changes, and all t
 </p>
 
 </div>
+<h3 id="Tomcat_6.0.37_Released">
+<span style="float: right;">2013-05-03</span> Tomcat 6.0.37 Released</h3>
+<div class="text">
+
+<p>
+The Apache Tomcat Project is proud to announce the release of version 6.0.37 of
+Apache Tomcat. This release includes security and bug fixes over Apache Tomcat
+6.0.36.
+
+</p>
+
+<p style="text-align: center;">
+
+<a href="download-60.cgi">Download</a> |
+<a href="tomcat-6.0-doc/changelog.html">ChangeLog for 6.0.37</a>
+
+</p>
+
+</div>
 <h3 id="Tomcat_7.0.39_Released">
 <span style="float: right;">2013-03-26</span> Tomcat 7.0.39 Released</h3>
 <div class="text">

Modified: tomcat/site/trunk/docs/security-6.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-6.html?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-6.html (original)
+++ tomcat/site/trunk/docs/security-6.html Sun Feb  2 15:26:07 2014
@@ -200,6 +200,9 @@
 <a href="#Apache_Tomcat_6.x_vulnerabilities">Apache Tomcat 6.x vulnerabilities</a>
 </li>
 <li>
+<a href="#Fixed_in_Apache_Tomcat_6.0.39">Fixed in Apache Tomcat 6.0.39</a>
+</li>
+<li>
 <a href="#Fixed_in_Apache_Tomcat_6.0.37">Fixed in Apache Tomcat 6.0.37</a>
 </li>
 <li>
@@ -297,6 +300,64 @@
 
   
 </div>
+<h3 id="Fixed_in_Apache_Tomcat_6.0.39">
+<span style="float: right;">released 31 January 2014</span> Fixed in Apache Tomcat
6.0.39</h3>
+<div class="text">
+
+    
+<p>
+<i>Note: The issue below was fixed in Apache Tomcat 6.0.38 but the
+       release vote for the 6.0.38 release candidate did not pass. Therefore,
+       although users must download 6.0.39 to obtain a version that includes a
+       fix for these issues, version 6.0.38 is not  included in the list of
+       affected versions.</i>
+</p>
+
+    
+<p>
+<strong>Low: Frame injection in documentation Javadoc</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1571" rel="nofollow">CVE-2013-1571</a>
+</p>
+
+    
+<p>Tomcat 6 is built with Java 5 which is known to generate Javadoc with a
+       frame injection vulnerability.</p>
+
+    
+<p>The published Javadoc on the Apache Tomcat website was fixed the day
+       this issue was announced. The Javadoc generation for releases was fixed
+       in revision <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1557724">1557724</a>.</p>
+
+    
+<p>This issue was published by Oracle on 18 June 2013.</p>
+
+    
+<p>Affects: 6.0.0-6.0.37</p>
+
+    
+<p>
+<strong>Important: Denial of service</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544" rel="nofollow">CVE-2012-3544</a>
+</p>
+
+    
+<p>When processing a request submitted using the chunked transfer encoding,
+       Tomcat ignored but did not limit any extensions that were included. This
+       allows a client to perform a limited DOS by streaming an unlimited
+       amount of data to the server.</p>
+
+    
+<p>This was fixed in revision <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1476592">1476592</a>.</p>
+
+    
+<p>This issue was reported to the Tomcat security team on 10 November 2011
+       and made public on 10 May 2013.</p>
+
+    
+<p>Affects: 6.0.0-6.0.36</p>
+
+  
+</div>
 <h3 id="Fixed_in_Apache_Tomcat_6.0.37">
 <span style="float: right;">released 3 May 2013</span> Fixed in Apache Tomcat
6.0.37</h3>
 <div class="text">

Modified: tomcat/site/trunk/docs/whichversion.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/whichversion.html?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/docs/whichversion.html (original)
+++ tomcat/site/trunk/docs/whichversion.html Sun Feb  2 15:26:07 2014
@@ -253,7 +253,7 @@ mapping between the specifications and t
   <td>2.1</td>
   <td>N/A</td>
   <td>6.0.x</td>
-  <td>6.0.37</td>
+  <td>6.0.39</td>
   <td>1.5</td>
 
 </tr>

Modified: tomcat/site/trunk/xdocs/doap_Tomcat.rdf
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/doap_Tomcat.rdf?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/doap_Tomcat.rdf (original)
+++ tomcat/site/trunk/xdocs/doap_Tomcat.rdf Sun Feb  2 15:26:07 2014
@@ -71,8 +71,8 @@
     <release>
       <Version>
         <name>Latest Stable 6.0.x Release</name>
-        <created>2013-05-03</created>
-        <revision>6.0.37</revision>
+        <created>2013-01-31</created>
+        <revision>6.0.39</revision>
       </Version>
     </release>
     <repository>

Modified: tomcat/site/trunk/xdocs/download-60.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/download-60.xml?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/download-60.xml (original)
+++ tomcat/site/trunk/xdocs/download-60.xml Sun Feb  2 15:26:07 2014
@@ -15,8 +15,8 @@
       <!-- Begin quick navigation section -->
       <section name="Quick Navigation">
         <a href="https://www.apache.org/dist/tomcat/tomcat-6/KEYS">KEYS</a> |
-        <a href="#6.0.37">6.0.37</a> |
-        <a href="[preferred]tomcat/tomcat-6/v6.0.37" rel="nofollow">Browse</a>
|
+        <a href="#6.0.39">6.0.39</a> |
+        <a href="[preferred]tomcat/tomcat-6/v6.0.39" rel="nofollow">Browse</a>
|
         <a href="http://archive.apache.org/dist/tomcat/tomcat-6">Archives</a>
       </section>
       <!-- End quick navigation section -->
@@ -58,11 +58,11 @@
   </section>
   <!-- End mirrors section -->
 
-      <!-- Begin 6.0.37 section -->
-      <section name="6.0.37">
+      <!-- Begin 6.0.39 section -->
+      <section name="6.0.39">
       <p>
       Please see the 
-      <a href="[preferred]tomcat/tomcat-6/v6.0.37/README.html" rel="nofollow">README</a>
+      <a href="[preferred]tomcat/tomcat-6/v6.0.39/README.html" rel="nofollow">README</a>
       file for packaging information.  It explains what every distribution contains.
       </p>
 
@@ -71,74 +71,74 @@
         <li>Core:
           <ul>
           <li>
-            <a href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.zip"
rel="nofollow">zip</a> 
-            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.zip.asc">pgp</a>,

-            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.zip.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.zip"
rel="nofollow">zip</a> 
+            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.zip.asc">pgp</a>,

+            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.zip.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.tar.gz"
rel="nofollow">tar.gz</a> 
-            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.tar.gz.asc">pgp</a>,

-            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.tar.gz.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.tar.gz"
rel="nofollow">tar.gz</a> 
+            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.tar.gz.asc">pgp</a>,

+            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.tar.gz.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-x86.zip"
rel="nofollow">32-bit Windows zip</a> 
-            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-x86.zip.asc">pgp</a>,

-            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-x86.zip.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-x86.zip"
rel="nofollow">32-bit Windows zip</a> 
+            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-x86.zip.asc">pgp</a>,

+            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-x86.zip.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-x64.zip"
rel="nofollow">64-bit Windows zip</a> 
-            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-x64.zip.asc">pgp</a>,

-            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-x64.zip.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-x64.zip"
rel="nofollow">64-bit Windows zip</a> 
+            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-x64.zip.asc">pgp</a>,

+            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-x64.zip.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-i64.zip"
rel="nofollow">64-bit Itanium Windows zip</a> 
-            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-i64.zip.asc">pgp</a>,

-            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-windows-i64.zip.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-i64.zip"
rel="nofollow">64-bit Itanium Windows zip</a> 
+            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-i64.zip.asc">pgp</a>,

+            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-windows-i64.zip.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.exe"
rel="nofollow">32-bit/64-bit Windows Service Installer</a> 
-            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.exe.asc">pgp</a>,

-            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37.exe.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.exe"
rel="nofollow">32-bit/64-bit Windows Service Installer</a> 
+            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.exe.asc">pgp</a>,

+            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39.exe.md5">md5</a>)
           </li>
           </ul>
         </li>
         <li>Deployer:
           <ul>
           <li>
-            <a href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-deployer.zip"
rel="nofollow">zip</a> 
-            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-deployer.zip.asc">pgp</a>,
 
-            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-deployer.zip.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-deployer.zip"
rel="nofollow">zip</a> 
+            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-deployer.zip.asc">pgp</a>,
 
+            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-deployer.zip.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-deployer.tar.gz"
rel="nofollow">tar.gz</a> 
-            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-deployer.tar.gz.asc">pgp</a>,

-            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/bin/apache-tomcat-6.0.37-deployer.tar.gz.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-deployer.tar.gz"
rel="nofollow">tar.gz</a> 
+            (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-deployer.tar.gz.asc">pgp</a>,

+            <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/bin/apache-tomcat-6.0.39-deployer.tar.gz.md5">md5</a>)
           </li>
           </ul>
         </li>
       </ul>
       </subsection>
-      <!-- End of 6.0.37 binary section -->
+      <!-- End of 6.0.39 binary section -->
  
-      <!-- Begin 6.0.37 source section -->
+      <!-- Begin 6.0.39 source section -->
       <subsection name="Source Code Distributions">
       <ul>
         <li>
-          <a href="[preferred]tomcat/tomcat-6/v6.0.37/src/apache-tomcat-6.0.37-src.tar.gz"
rel="nofollow">tar.gz</a> 
-          (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/src/apache-tomcat-6.0.37-src.tar.gz.asc">pgp</a>,

-          <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/src/apache-tomcat-6.0.37-src.tar.gz.md5">md5</a>)
+          <a href="[preferred]tomcat/tomcat-6/v6.0.39/src/apache-tomcat-6.0.39-src.tar.gz"
rel="nofollow">tar.gz</a> 
+          (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/src/apache-tomcat-6.0.39-src.tar.gz.asc">pgp</a>,

+          <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/src/apache-tomcat-6.0.39-src.tar.gz.md5">md5</a>)
         </li>
         <li>
-          <a href="[preferred]tomcat/tomcat-6/v6.0.37/src/apache-tomcat-6.0.37-src.zip"
rel="nofollow">zip</a> 
-          (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/src/apache-tomcat-6.0.37-src.zip.asc">pgp</a>,

-          <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.37/src/apache-tomcat-6.0.37-src.zip.md5">md5</a>)
+          <a href="[preferred]tomcat/tomcat-6/v6.0.39/src/apache-tomcat-6.0.39-src.zip"
rel="nofollow">zip</a> 
+          (<a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/src/apache-tomcat-6.0.39-src.zip.asc">pgp</a>,

+          <a href="https://www.apache.org/dist/tomcat/tomcat-6/v6.0.39/src/apache-tomcat-6.0.39-src.zip.md5">md5</a>)
         </li>
       </ul>
       </subsection>
-      <!-- End 6.0.37 source section -->
+      <!-- End 6.0.39 source section -->
 
     </section>
-    <!-- End 6.0.37 section -->
+    <!-- End 6.0.39 section -->
 
 </body>
 </document>

Modified: tomcat/site/trunk/xdocs/index.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/index.xml?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/index.xml (original)
+++ tomcat/site/trunk/xdocs/index.xml Sun Feb  2 15:26:07 2014
@@ -37,6 +37,24 @@ project logo are trademarks of the Apach
 
 </section>
 
+<section name="Tomcat 6.0.39 Released" rtext="2014-01-31">
+<p>
+The Apache Tomcat Project is proud to announce the release of version 6.0.39 of
+Apache Tomcat. This release includes a number of security and bug fixes over
+Apache Tomcat 6.0.37. The notable changes include:</p>
+<ul>
+<li>Various improvements to XML configuration file validation.</li>
+<li>Better adherence to RFC2616 for Content-Type and Content-Length headers.
+</li>
+<li>Avoid CVE-2013-1571 when generating Javadoc.</li>
+</ul>
+
+<p style="text-align: center;">
+<a href="download-60.cgi">Download</a> |
+<a href="tomcat-6.0-doc/changelog.html">ChangeLog for 6.0.39</a>
+</p>
+</section>
+
 <section name="Tomcat 7.0.50 Released" rtext="2014-01-08">
 <p>
 The Apache Tomcat Project is proud to announce the release of version 7.0.50 of
@@ -154,19 +172,6 @@ Tomcat Native.
 </p>
 </section>
 
-<section name="Tomcat 6.0.37 Released" rtext="2013-05-03">
-<p>
-The Apache Tomcat Project is proud to announce the release of version 6.0.37 of
-Apache Tomcat. This release includes security and bug fixes over Apache Tomcat
-6.0.36.
-
-</p>
-<p style="text-align: center;">
-<a href="download-60.cgi">Download</a> |
-<a href="tomcat-6.0-doc/changelog.html">ChangeLog for 6.0.37</a>
-</p>
-</section>
-
 <section name="Tomcat Connectors 1.2.37 Released" rtext="2012-05-31">
 <p>
 The Apache Tomcat Project is proud to announce the release of version 1.2.37 of

Modified: tomcat/site/trunk/xdocs/migration-6.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/migration-6.xml?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/migration-6.xml (original)
+++ tomcat/site/trunk/xdocs/migration-6.xml Sun Feb  2 15:26:07 2014
@@ -211,7 +211,8 @@ of Apache Tomcat.</p>
           "6.0.33":"1158221",
           "6.0.35":"1207053",
           "6.0.36":"1398690",
-          "6.0.37":"1476938"
+          "6.0.37":"1476938",
+          "6.0.39":"1561893",
         };
 
         formSubmit.action = "http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/" +
@@ -259,8 +260,9 @@ of Apache Tomcat.</p>
     <option value="6.0.32">6.0.32</option>
     <option value="6.0.33">6.0.33</option>
     <option value="6.0.35">6.0.35</option>
-    <option value="6.0.36" selected="selected">6.0.36</option>
-    <option value="6.0.37">6.0.37</option>
+    <option value="6.0.36">6.0.36</option>
+    <option value="6.0.37" selected="selected">6.0.37</option>
+    <option value="6.0.39">6.0.39</option>
     </select>,</label> <label>new version:
     <select id="select-r2">
     <option value="6.0.0">6.0.0</option>
@@ -286,7 +288,8 @@ of Apache Tomcat.</p>
     <option value="6.0.33">6.0.33</option>
     <option value="6.0.35">6.0.35</option>
     <option value="6.0.36">6.0.36</option>
-    <option value="6.0.37" selected="selected">6.0.37</option>
+    <option value="6.0.37">6.0.37</option>
+    <option value="6.0.39" selected="selected">6.0.39</option>
     <option value="HEAD">trunk (unreleased)</option>
     </select></label>
     </p>

Modified: tomcat/site/trunk/xdocs/oldnews-2013.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/oldnews-2013.xml?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/oldnews-2013.xml (original)
+++ tomcat/site/trunk/xdocs/oldnews-2013.xml Sun Feb  2 15:26:07 2014
@@ -247,6 +247,19 @@ Full details of these changes, and all t
 </p>
 </section>
 
+<section name="Tomcat 6.0.37 Released" rtext="2013-05-03">
+<p>
+The Apache Tomcat Project is proud to announce the release of version 6.0.37 of
+Apache Tomcat. This release includes security and bug fixes over Apache Tomcat
+6.0.36.
+
+</p>
+<p style="text-align: center;">
+<a href="download-60.cgi">Download</a> |
+<a href="tomcat-6.0-doc/changelog.html">ChangeLog for 6.0.37</a>
+</p>
+</section>
+
 <section name="Tomcat 7.0.39 Released" rtext="2013-03-26">
 <p>
 The Apache Tomcat Project is proud to announce the release of version 7.0.39 of

Modified: tomcat/site/trunk/xdocs/security-6.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-6.xml?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-6.xml (original)
+++ tomcat/site/trunk/xdocs/security-6.xml Sun Feb  2 15:26:07 2014
@@ -49,6 +49,45 @@
   </section>
 
 
+  <section name="Fixed in Apache Tomcat 6.0.39" rtext="released 31 January 2014">
+
+    <p><i>Note: The issue below was fixed in Apache Tomcat 6.0.38 but the
+       release vote for the 6.0.38 release candidate did not pass. Therefore,
+       although users must download 6.0.39 to obtain a version that includes a
+       fix for these issues, version 6.0.38 is not  included in the list of
+       affected versions.</i></p>
+
+    <p><strong>Low: Frame injection in documentation Javadoc</strong>
+       <cve>CVE-2013-1571</cve></p>
+
+    <p>Tomcat 6 is built with Java 5 which is known to generate Javadoc with a
+       frame injection vulnerability.</p>
+
+    <p>The published Javadoc on the Apache Tomcat website was fixed the day
+       this issue was announced. The Javadoc generation for releases was fixed
+       in revision <revlink rev="1557724">1557724</revlink>.</p>
+
+    <p>This issue was published by Oracle on 18 June 2013.</p>
+
+    <p>Affects: 6.0.0-6.0.37</p>
+
+    <p><strong>Important: Denial of service</strong>
+       <cve>CVE-2012-3544</cve></p>
+
+    <p>When processing a request submitted using the chunked transfer encoding,
+       Tomcat ignored but did not limit any extensions that were included. This
+       allows a client to perform a limited DOS by streaming an unlimited
+       amount of data to the server.</p>
+
+    <p>This was fixed in revision <revlink rev="1476592">1476592</revlink>.</p>
+
+    <p>This issue was reported to the Tomcat security team on 10 November 2011
+       and made public on 10 May 2013.</p>
+
+    <p>Affects: 6.0.0-6.0.36</p>
+
+  </section>
+  
   <section name="Fixed in Apache Tomcat 6.0.37" rtext="released 3 May 2013">
 
     <p><strong>Important: Session fixation</strong>

Modified: tomcat/site/trunk/xdocs/whichversion.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/whichversion.xml?rev=1563634&r1=1563633&r2=1563634&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/whichversion.xml (original)
+++ tomcat/site/trunk/xdocs/whichversion.xml Sun Feb  2 15:26:07 2014
@@ -55,7 +55,7 @@ mapping between the specifications and t
   <td>2.1</td>
   <td>N/A</td>
   <td>6.0.x</td>
-  <td>6.0.37</td>
+  <td>6.0.39</td>
   <td>1.5</td>
 </tr>
 



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message