Browse code
apache-tomcat: Upgrading to version 8.5.35
Change-Id: Ic8c08a535d7d96a26938f6a054ba5e9fb7f3b07c
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/6343
Reviewed-by: Priyesh Padmavilasom <ppadmavilasom@vmware.com>
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Dweep Advani <dadvani@vmware.com>
dweepadvani authored on 2018/12/09 06:15:15Showing 3 changed files
- SPECS/apache-tomcat/apache-tomcat-fix-cve-2018-8014.patch
- SPECS/apache-tomcat/apache-tomcat-use-jks-as-inmem-keystore.patch
- SPECS/apache-tomcat/apache-tomcat.spec
| 1 | 1 |
deleted file mode 100644 |
| ... | ... |
@@ -1,253 +0,0 @@ |
| 1 |
-+++ b/java/org/apache/catalina/filters/CorsFilter.java.new 2018/05/16 14:54:09 1831728 |
|
| 2 |
-@@ -267,17 +267,14 @@ |
|
| 3 |
- |
|
| 4 |
- // Section 6.1.3 |
|
| 5 |
- // Add a single Access-Control-Allow-Origin header. |
|
| 6 |
-- if (anyOriginAllowed && !supportsCredentials) {
|
|
| 7 |
-- // If resource doesn't support credentials and if any origin is |
|
| 8 |
-- // allowed |
|
| 9 |
-- // to make CORS request, return header with '*'. |
|
| 10 |
-+ if (anyOriginAllowed) {
|
|
| 11 |
-+ // If any origin is allowed, return header with '*'. |
|
| 12 |
- response.addHeader( |
|
| 13 |
- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN, |
|
| 14 |
- "*"); |
|
| 15 |
- } else {
|
|
| 16 |
-- // If the resource supports credentials add a single |
|
| 17 |
-- // Access-Control-Allow-Origin header, with the value of the Origin |
|
| 18 |
-- // header as value. |
|
| 19 |
-+ // Add a single Access-Control-Allow-Origin header, with the value |
|
| 20 |
-+ // of the Origin header as value. |
|
| 21 |
- response.addHeader( |
|
| 22 |
- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN, |
|
| 23 |
- origin); |
|
| 24 |
-@@ -781,6 +778,10 @@ |
|
| 25 |
- // For any value other then 'true' this will be false. |
|
| 26 |
- this.supportsCredentials = Boolean.parseBoolean(supportsCredentials); |
|
| 27 |
- |
|
| 28 |
-+ if (this.supportsCredentials && this.anyOriginAllowed) {
|
|
| 29 |
-+ throw new ServletException(sm.getString("corsFilter.invalidSupportsCredentials"));
|
|
| 30 |
-+ } |
|
| 31 |
-+ |
|
| 32 |
- try {
|
|
| 33 |
- if (!preflightMaxAge.isEmpty()) {
|
|
| 34 |
- this.preflightMaxAge = Long.parseLong(preflightMaxAge); |
|
| 35 |
-@@ -1090,7 +1091,7 @@ |
|
| 36 |
- /** |
|
| 37 |
- * By default, all origins are allowed to make requests. |
|
| 38 |
- */ |
|
| 39 |
-- public static final String DEFAULT_ALLOWED_ORIGINS = "*"; |
|
| 40 |
-+ public static final String DEFAULT_ALLOWED_ORIGINS = ""; |
|
| 41 |
- |
|
| 42 |
- /** |
|
| 43 |
- * By default, following methods are supported: GET, POST, HEAD and OPTIONS. |
|
| 44 |
-@@ -1106,7 +1107,7 @@ |
|
| 45 |
- /** |
|
| 46 |
- * By default, support credentials is turned on. |
|
| 47 |
- */ |
|
| 48 |
-- public static final String DEFAULT_SUPPORTS_CREDENTIALS = "true"; |
|
| 49 |
-+ public static final String DEFAULT_SUPPORTS_CREDENTIALS = "false"; |
|
| 50 |
- |
|
| 51 |
- /** |
|
| 52 |
- * By default, following headers are supported: |
|
| 53 |
- |
|
| 54 |
-+++ b/java/org/apache/catalina/filters/LocalStrings.properties.new 2018/05/16 14:54:09 1831728 |
|
| 55 |
-@@ -14,6 +14,8 @@ |
|
| 56 |
- # limitations under the License. |
|
| 57 |
- |
|
| 58 |
- addDefaultCharset.unsupportedCharset=Specified character set [{0}] is not supported
|
|
| 59 |
-+ |
|
| 60 |
-+corsFilter.invalidSupportsCredentials=It is not allowed to configure supportsCredentials=[true] when allowedOrigins=[*] |
|
| 61 |
- corsFilter.invalidPreflightMaxAge=Unable to parse preflightMaxAge |
|
| 62 |
- corsFilter.nullRequest=HttpServletRequest object is null |
|
| 63 |
- corsFilter.nullRequestType=CORSRequestType object is null |
|
| 64 |
- |
|
| 65 |
-+++ b/test/org/apache/catalina/filters/TestCorsFilter.java.new 2018/05/16 14:54:09 1831728 |
|
| 66 |
-@@ -55,8 +55,7 @@ |
|
| 67 |
- corsFilter.doFilter(request, response, filterChain); |
|
| 68 |
- |
|
| 69 |
- Assert.assertTrue(response.getHeader( |
|
| 70 |
-- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals( |
|
| 71 |
-- "https://www.apache.org")); |
|
| 72 |
-+ CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals("*"));
|
|
| 73 |
- Assert.assertTrue(((Boolean) request.getAttribute( |
|
| 74 |
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue()); |
|
| 75 |
- Assert.assertTrue(request.getAttribute( |
|
| 76 |
-@@ -88,8 +87,7 @@ |
|
| 77 |
- corsFilter.doFilter(request, response, filterChain); |
|
| 78 |
- |
|
| 79 |
- Assert.assertTrue(response.getHeader( |
|
| 80 |
-- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals( |
|
| 81 |
-- "https://www.apache.org")); |
|
| 82 |
-+ CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals("*"));
|
|
| 83 |
- Assert.assertTrue(((Boolean) request.getAttribute( |
|
| 84 |
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue()); |
|
| 85 |
- Assert.assertTrue(request.getAttribute( |
|
| 86 |
-@@ -120,8 +118,7 @@ |
|
| 87 |
- corsFilter.doFilter(request, response, filterChain); |
|
| 88 |
- |
|
| 89 |
- Assert.assertTrue(response.getHeader( |
|
| 90 |
-- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals( |
|
| 91 |
-- "https://www.apache.org")); |
|
| 92 |
-+ CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals("*"));
|
|
| 93 |
- Assert.assertTrue(((Boolean) request.getAttribute( |
|
| 94 |
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue()); |
|
| 95 |
- Assert.assertTrue(request.getAttribute( |
|
| 96 |
-@@ -166,41 +163,15 @@ |
|
| 97 |
- } |
|
| 98 |
- |
|
| 99 |
- /* |
|
| 100 |
-- * Tests the presence of the origin (and not '*') in the response, when |
|
| 101 |
-- * supports credentials is enabled alongwith any origin, '*'. |
|
| 102 |
-+ * Tests the that supports credentials may not be enabled with any origin, |
|
| 103 |
-+ * '*'. |
|
| 104 |
- * |
|
| 105 |
-- * @throws IOException |
|
| 106 |
- * @throws ServletException |
|
| 107 |
- */ |
|
| 108 |
-- @Test |
|
| 109 |
-- public void testDoFilterSimpleAnyOriginAndSupportsCredentials() |
|
| 110 |
-- throws IOException, ServletException {
|
|
| 111 |
-- TesterHttpServletRequest request = new TesterHttpServletRequest(); |
|
| 112 |
-- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, |
|
| 113 |
-- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG); |
|
| 114 |
-- request.setMethod("GET");
|
|
| 115 |
-- TesterHttpServletResponse response = new TesterHttpServletResponse(); |
|
| 116 |
-- |
|
| 117 |
-+ @Test(expected=ServletException.class) |
|
| 118 |
-+ public void testDoFilterSimpleAnyOriginAndSupportsCredentials() throws ServletException {
|
|
| 119 |
- CorsFilter corsFilter = new CorsFilter(); |
|
| 120 |
-- corsFilter.init(TesterFilterConfigs |
|
| 121 |
-- .getFilterConfigAnyOriginAndSupportsCredentials()); |
|
| 122 |
-- corsFilter.doFilter(request, response, filterChain); |
|
| 123 |
-- |
|
| 124 |
-- Assert.assertTrue(response.getHeader( |
|
| 125 |
-- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals( |
|
| 126 |
-- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG)); |
|
| 127 |
-- Assert.assertTrue(response.getHeader( |
|
| 128 |
-- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_CREDENTIALS) |
|
| 129 |
-- .equals( |
|
| 130 |
-- "true")); |
|
| 131 |
-- Assert.assertTrue(((Boolean) request.getAttribute( |
|
| 132 |
-- CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue()); |
|
| 133 |
-- Assert.assertTrue(request.getAttribute( |
|
| 134 |
-- CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN).equals( |
|
| 135 |
-- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG)); |
|
| 136 |
-- Assert.assertTrue(request.getAttribute( |
|
| 137 |
-- CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE).equals( |
|
| 138 |
-- CorsFilter.CORSRequestType.SIMPLE.name().toLowerCase(Locale.ENGLISH))); |
|
| 139 |
-+ corsFilter.init(TesterFilterConfigs.getFilterConfigAnyOriginAndSupportsCredentials()); |
|
| 140 |
- } |
|
| 141 |
- |
|
| 142 |
- /* |
|
| 143 |
-@@ -261,8 +232,7 @@ |
|
| 144 |
- corsFilter.doFilter(request, response, filterChain); |
|
| 145 |
- |
|
| 146 |
- Assert.assertTrue(response.getHeader( |
|
| 147 |
-- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals( |
|
| 148 |
-- "https://www.apache.org")); |
|
| 149 |
-+ CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals("*"));
|
|
| 150 |
- Assert.assertTrue(response.getHeader( |
|
| 151 |
- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_EXPOSE_HEADERS) |
|
| 152 |
- .equals(TesterFilterConfigs.EXPOSED_HEADERS)); |
|
| 153 |
-@@ -727,9 +697,8 @@ |
|
| 154 |
- }); |
|
| 155 |
- corsFilter.doFilter(request, response, filterChain); |
|
| 156 |
- |
|
| 157 |
-- Assert.assertTrue(response.getHeader( |
|
| 158 |
-- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals( |
|
| 159 |
-- "https://www.apache.org")); |
|
| 160 |
-+ Assert.assertNull(response.getHeader( |
|
| 161 |
-+ CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN)); |
|
| 162 |
- Assert.assertTrue(((Boolean) request.getAttribute( |
|
| 163 |
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue()); |
|
| 164 |
- Assert.assertTrue(request.getAttribute( |
|
| 165 |
-@@ -1412,7 +1381,7 @@ |
|
| 166 |
- Assert.assertTrue(corsFilter.getAllowedOrigins().size() == 0); |
|
| 167 |
- Assert.assertTrue(corsFilter.isAnyOriginAllowed()); |
|
| 168 |
- Assert.assertTrue(corsFilter.getExposedHeaders().size() == 0); |
|
| 169 |
-- Assert.assertTrue(corsFilter.isSupportsCredentials()); |
|
| 170 |
-+ Assert.assertFalse(corsFilter.isSupportsCredentials()); |
|
| 171 |
- Assert.assertTrue(corsFilter.getPreflightMaxAge() == 1800); |
|
| 172 |
- } |
|
| 173 |
- |
|
| 174 |
-@@ -1448,9 +1417,9 @@ |
|
| 175 |
- Assert.assertTrue(corsFilter.getAllowedHttpHeaders().size() == 6); |
|
| 176 |
- Assert.assertTrue(corsFilter.getAllowedHttpMethods().size() == 4); |
|
| 177 |
- Assert.assertTrue(corsFilter.getAllowedOrigins().size() == 0); |
|
| 178 |
-- Assert.assertTrue(corsFilter.isAnyOriginAllowed()); |
|
| 179 |
-+ Assert.assertFalse(corsFilter.isAnyOriginAllowed()); |
|
| 180 |
- Assert.assertTrue(corsFilter.getExposedHeaders().size() == 0); |
|
| 181 |
-- Assert.assertTrue(corsFilter.isSupportsCredentials()); |
|
| 182 |
-+ Assert.assertFalse(corsFilter.isSupportsCredentials()); |
|
| 183 |
- Assert.assertTrue(corsFilter.getPreflightMaxAge() == 1800); |
|
| 184 |
- } |
|
| 185 |
- |
|
| 186 |
-@@ -1554,8 +1523,7 @@ |
|
| 187 |
- corsFilter.doFilter(request, response, filterChain); |
|
| 188 |
- |
|
| 189 |
- Assert.assertTrue(response.getHeader( |
|
| 190 |
-- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals( |
|
| 191 |
-- "https://www.apache.org")); |
|
| 192 |
-+ CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals("*"));
|
|
| 193 |
- Assert.assertNull(request |
|
| 194 |
- .getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)); |
|
| 195 |
- Assert.assertNull(request |
|
| 196 |
- |
|
| 197 |
-+++ b/test/org/apache/catalina/filters/TesterFilterConfigs.java.new 2018/05/16 14:54:09 1831728 |
|
| 198 |
-@@ -36,12 +36,13 @@ |
|
| 199 |
- public static final TesterServletContext mockServletContext = |
|
| 200 |
- new TesterServletContext(); |
|
| 201 |
- |
|
| 202 |
-+ // Default config for the test is to allow any origin |
|
| 203 |
- public static FilterConfig getDefaultFilterConfig() {
|
|
| 204 |
- final String allowedHttpHeaders = |
|
| 205 |
- CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS; |
|
| 206 |
- final String allowedHttpMethods = |
|
| 207 |
- CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS; |
|
| 208 |
-- final String allowedOrigins = CorsFilter.DEFAULT_ALLOWED_ORIGINS; |
|
| 209 |
-+ final String allowedOrigins = ANY_ORIGIN; |
|
| 210 |
- final String exposedHeaders = CorsFilter.DEFAULT_EXPOSED_HEADERS; |
|
| 211 |
- final String supportCredentials = |
|
| 212 |
- CorsFilter.DEFAULT_SUPPORTS_CREDENTIALS; |
|
| 213 |
-@@ -59,7 +60,7 @@ |
|
| 214 |
- CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS; |
|
| 215 |
- final String allowedHttpMethods = |
|
| 216 |
- CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS + ",PUT"; |
|
| 217 |
-- final String allowedOrigins = CorsFilter.DEFAULT_ALLOWED_ORIGINS; |
|
| 218 |
-+ final String allowedOrigins = ANY_ORIGIN; |
|
| 219 |
- final String exposedHeaders = CorsFilter.DEFAULT_EXPOSED_HEADERS; |
|
| 220 |
- final String supportCredentials = "true"; |
|
| 221 |
- final String preflightMaxAge = |
|
| 222 |
-@@ -77,7 +78,7 @@ |
|
| 223 |
- CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS; |
|
| 224 |
- final String allowedHttpMethods = |
|
| 225 |
- CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS + ",PUT"; |
|
| 226 |
-- final String allowedOrigins = CorsFilter.DEFAULT_ALLOWED_ORIGINS; |
|
| 227 |
-+ final String allowedOrigins = ANY_ORIGIN; |
|
| 228 |
- final String exposedHeaders = CorsFilter.DEFAULT_EXPOSED_HEADERS; |
|
| 229 |
- final String supportCredentials = "false"; |
|
| 230 |
- final String preflightMaxAge = |
|
| 231 |
-@@ -131,7 +132,7 @@ |
|
| 232 |
- CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS; |
|
| 233 |
- final String allowedHttpMethods = |
|
| 234 |
- CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS; |
|
| 235 |
-- final String allowedOrigins = CorsFilter.DEFAULT_ALLOWED_ORIGINS; |
|
| 236 |
-+ final String allowedOrigins = ANY_ORIGIN; |
|
| 237 |
- final String exposedHeaders = EXPOSED_HEADERS; |
|
| 238 |
- final String supportCredentials = |
|
| 239 |
- CorsFilter.DEFAULT_SUPPORTS_CREDENTIALS; |
|
| 240 |
-@@ -240,7 +241,7 @@ |
|
| 241 |
- CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS; |
|
| 242 |
- final String allowedHttpMethods = |
|
| 243 |
- CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS; |
|
| 244 |
-- final String allowedOrigins = CorsFilter.DEFAULT_ALLOWED_ORIGINS; |
|
| 245 |
-+ final String allowedOrigins = ANY_ORIGIN; |
|
| 246 |
- final String exposedHeaders = CorsFilter.DEFAULT_EXPOSED_HEADERS; |
|
| 247 |
- final String supportCredentials = |
|
| 248 |
- CorsFilter.DEFAULT_SUPPORTS_CREDENTIALS; |
|
| 249 |
- |
| ... | ... |
@@ -1,8 +1,8 @@ |
| 1 | 1 |
--- a/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java |
| 2 |
-+++ b/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java.new |
|
| 3 |
-@@ -241,13 +241,7 @@ public class JSSEUtil extends SSLUtilBase {
|
|
| 4 |
- Key k = ks.getKey(keyAlias, keyPassArray); |
|
| 5 |
- if (k != null && "PKCS#8".equalsIgnoreCase(k.getFormat())) {
|
|
| 2 |
+@@ -266,13 +266,7 @@ public class JSSEUtil extends SSLUtilBas |
|
| 3 |
+ if (k != null && !"DKS".equalsIgnoreCase(certificate.getCertificateKeystoreType()) && |
|
| 4 |
+ "PKCS#8".equalsIgnoreCase(k.getFormat())) {
|
|
| 6 | 5 |
// Switch to in-memory key store |
| 7 | 6 |
- String provider = certificate.getCertificateKeystoreProvider(); |
| 8 | 7 |
- if (provider == null) {
|
| ... | ... |
@@ -15,4 +15,3 @@ |
| 15 | 15 |
ksUsed.load(null, null); |
| 16 | 16 |
ksUsed.setKeyEntry(keyAlias, k, keyPassArray, ks.getCertificateChain(keyAlias)); |
| 17 | 17 |
} |
| 18 |
- |
| ... | ... |
@@ -1,20 +1,19 @@ |
| 1 | 1 |
Summary: Apache Tomcat |
| 2 | 2 |
Name: apache-tomcat |
| 3 |
-Version: 8.5.31 |
|
| 4 |
-Release: 3%{?dist}
|
|
| 3 |
+Version: 8.5.35 |
|
| 4 |
+Release: 1%{?dist}
|
|
| 5 | 5 |
License: Apache |
| 6 | 6 |
URL: http://tomcat.apache.org |
| 7 | 7 |
Group: Applications/System |
| 8 | 8 |
Vendor: VMware, Inc. |
| 9 | 9 |
Distribution: Photon |
| 10 | 10 |
BuildArch: noarch |
| 11 |
-Source0: http://mirrors.koehn.com/apache/tomcat/tomcat-8/v%{version}/src/%{name}-%{version}-src.tar.gz
|
|
| 12 |
-%define sha1 apache-tomcat=c364d8814f06d1911e3dedf599fb07ab6c020c1d |
|
| 11 |
+Source0: https://archive.apache.org/dist/tomcat/tomcat-8/v%{version}/src/%{name}-%{version}-src.tar.gz
|
|
| 12 |
+%define sha1 apache-tomcat=c1c68f8cfeb816be2f9210903cbdd9eb4759a52f |
|
| 13 | 13 |
# base-for-apache-tomcat is a cached -Dbase.path folder |
| 14 | 14 |
Source1: base-for-%{name}-%{version}.tar.gz
|
| 15 |
-%define sha1 base=9c954df61d7c72f6d5e7319d25351e178a84cab4 |
|
| 15 |
+%define sha1 base=68897a45e160a2b09ac5132a34ff6d5e30771365 |
|
| 16 | 16 |
Patch0: apache-tomcat-use-jks-as-inmem-keystore.patch |
| 17 |
-Patch1: apache-tomcat-fix-cve-2018-8014.patch |
|
| 18 | 17 |
BuildRequires: openjre8 |
| 19 | 18 |
BuildRequires: openjdk8 |
| 20 | 19 |
BuildRequires: apache-ant |
| ... | ... |
@@ -39,7 +38,6 @@ find . -type f \( -name "*.bat" -o -name "*.class" -o -name Thumbs.db -o -name " |
| 39 | 39 |
-name "*.jar" -o -name "*.war" -o -name "*.zip" \) -delete |
| 40 | 40 |
%setup -D -b 1 -n %{name}-%{version}-src
|
| 41 | 41 |
%patch0 -p1 |
| 42 |
-%patch1 -p1 |
|
| 43 | 42 |
|
| 44 | 43 |
%build |
| 45 | 44 |
ant -Dbase.path="../base-for-%{name}-%{version}" deploy dist-prepare dist-source
|
| ... | ... |
@@ -103,6 +101,8 @@ rm -rf %{buildroot}/*
|
| 103 | 103 |
%{_logsdir}/catalina.out
|
| 104 | 104 |
|
| 105 | 105 |
%changelog |
| 106 |
+* Sat Dec 08 2018 Dweep Advani <dadvani@vmware.com> 8.5.35-1 |
|
| 107 |
+- Upgraded to version 8.5.35 |
|
| 106 | 108 |
* Mon Jun 25 2018 Srinidhi Rao <srinidhir@vmware.com> 8.5.31-3 |
| 107 | 109 |
- Fix for CVE-2018-8014 |
| 108 | 110 |
* Thu May 17 2018 Xiaolin Li <xiaolinl@vmware.com> 8.5.31-2 |