2016-07-25 17:23:51 |
Samuel Longiaru |
bug |
|
|
added bug |
2016-07-25 18:23:25 |
Hans Joachim Desserud |
affects |
ubuntu |
tomcat8 (Ubuntu) |
|
2016-07-25 18:23:33 |
Hans Joachim Desserud |
tags |
tomcat8 |
xenial |
|
2016-08-29 20:53:06 |
Launchpad Janitor |
tomcat8 (Ubuntu): status |
New |
Confirmed |
|
2016-08-29 20:54:22 |
Tim Donohue |
bug |
|
|
added subscriber Tim Donohue |
2016-08-30 16:46:46 |
Alberto Salvia Novella |
bug watch added |
|
https://bz.apache.org/bugzilla/show_bug.cgi?id=58999 |
|
2016-08-30 16:46:46 |
Alberto Salvia Novella |
bug task added |
|
tomcat7 |
|
2016-08-30 16:47:23 |
Alberto Salvia Novella |
tomcat8 (Ubuntu): importance |
Undecided |
Critical |
|
2016-08-30 17:27:31 |
Bug Watch Updater |
tomcat7: status |
Unknown |
Fix Released |
|
2016-08-30 17:27:31 |
Bug Watch Updater |
tomcat7: importance |
Unknown |
High |
|
2016-09-18 12:50:05 |
MrKahuna |
bug |
|
|
added subscriber MrKahuna |
2016-09-22 13:55:14 |
Conrad Kostecki |
bug |
|
|
added subscriber ConiKost |
2016-09-23 13:23:55 |
Robie Basak |
tomcat8 (Ubuntu): importance |
Critical |
High |
|
2016-09-23 13:27:14 |
Robie Basak |
nominated for series |
|
Ubuntu Xenial |
|
2016-09-23 13:27:14 |
Robie Basak |
bug task added |
|
tomcat8 (Ubuntu Xenial) |
|
2016-09-23 13:28:26 |
Robie Basak |
bug |
|
|
added subscriber Robie Basak |
2016-09-23 13:28:33 |
Robie Basak |
bug |
|
|
added subscriber Ubuntu Server Team |
2016-12-09 11:16:38 |
Nish Aravamudan |
tomcat8 (Ubuntu): status |
Confirmed |
Fix Released |
|
2016-12-09 11:16:42 |
Nish Aravamudan |
tomcat8 (Ubuntu Xenial): status |
New |
Triaged |
|
2016-12-09 11:16:44 |
Nish Aravamudan |
tomcat8 (Ubuntu Xenial): importance |
Undecided |
High |
|
2016-12-09 11:16:47 |
Nish Aravamudan |
tomcat8 (Ubuntu): importance |
High |
Undecided |
|
2016-12-09 11:16:49 |
Nish Aravamudan |
tomcat8 (Ubuntu Xenial): assignee |
|
Nish Aravamudan (nacc) |
|
2016-12-09 11:17:24 |
Nish Aravamudan |
tomcat8 (Ubuntu Xenial): status |
Triaged |
In Progress |
|
2016-12-09 11:25:08 |
Nish Aravamudan |
nominated for series |
|
Ubuntu Yakkety |
|
2016-12-09 11:25:08 |
Nish Aravamudan |
bug task added |
|
tomcat8 (Ubuntu Yakkety) |
|
2016-12-09 11:25:16 |
Nish Aravamudan |
tomcat8 (Ubuntu Yakkety): status |
New |
Fix Released |
|
2016-12-14 00:40:20 |
Nish Aravamudan |
description |
Tomcat 8.0.32 has a known and corrected bug
https://bz.apache.org/bugzilla/show_bug.cgi?id=58999
which in some cases prevents a webapp from executing. I have encountered this error. The fix will be to place a later version of Tomcat8 into the Ubuntu 16.04 repository.
I encountered this error using:
----------------------------
OpenVPMS 1.8.1 (veterinary practice management webapp)
MySQL 5.7.13
Open-jdk 1.8.0_91
Tomcat 8.0.32
mysql-connector-java-5.1.39
----------------------------
The webapp in this case (OpenVPMS) runs under tomcat7 but not under this specific version of Tomcat (8.0.32). Instead, tomcat throws a 404-/openvpms error. The relevant portion of the tomcat log is:
Caused by: java.lang.StringIndexOutOfBoundsException: String index out of range: 3
at java.lang.String.charAt(String.java:658)
at org.apache.catalina.loader.WebappClassLoaderBase.filter(WebappClassLoaderBase.java:2780)
at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1253)
at java.lang.ClassLoader.loadClass(ClassLoader.java:411)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:348)
Thank you. |
[Impact]
* There was a software bug in the 8.0.32 release of tomcat8, subsequently fixed in 8.0.33, with acessing past the end of a string.
[Test Case]
* @Samuel, are you able to provide an explicit testcase?
[Regression Potential]
* This is a strict backport from upstream of a bugfix. The regression potential is very low, as the current tomcat8 code is broken.
---
Tomcat 8.0.32 has a known and corrected bug
https://bz.apache.org/bugzilla/show_bug.cgi?id=58999
which in some cases prevents a webapp from executing. I have encountered this error. The fix will be to place a later version of Tomcat8 into the Ubuntu 16.04 repository.
I encountered this error using:
----------------------------
OpenVPMS 1.8.1 (veterinary practice management webapp)
MySQL 5.7.13
Open-jdk 1.8.0_91
Tomcat 8.0.32
mysql-connector-java-5.1.39
----------------------------
The webapp in this case (OpenVPMS) runs under tomcat7 but not under this specific version of Tomcat (8.0.32). Instead, tomcat throws a 404-/openvpms error. The relevant portion of the tomcat log is:
Caused by: java.lang.StringIndexOutOfBoundsException: String index out of range: 3
at java.lang.String.charAt(String.java:658)
at org.apache.catalina.loader.WebappClassLoaderBase.filter(WebappClassLoaderBase.java:2780)
at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1253)
at java.lang.ClassLoader.loadClass(ClassLoader.java:411)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:348)
Thank you. |
|
2016-12-14 00:41:30 |
Nish Aravamudan |
description |
[Impact]
* There was a software bug in the 8.0.32 release of tomcat8, subsequently fixed in 8.0.33, with acessing past the end of a string.
[Test Case]
* @Samuel, are you able to provide an explicit testcase?
[Regression Potential]
* This is a strict backport from upstream of a bugfix. The regression potential is very low, as the current tomcat8 code is broken.
---
Tomcat 8.0.32 has a known and corrected bug
https://bz.apache.org/bugzilla/show_bug.cgi?id=58999
which in some cases prevents a webapp from executing. I have encountered this error. The fix will be to place a later version of Tomcat8 into the Ubuntu 16.04 repository.
I encountered this error using:
----------------------------
OpenVPMS 1.8.1 (veterinary practice management webapp)
MySQL 5.7.13
Open-jdk 1.8.0_91
Tomcat 8.0.32
mysql-connector-java-5.1.39
----------------------------
The webapp in this case (OpenVPMS) runs under tomcat7 but not under this specific version of Tomcat (8.0.32). Instead, tomcat throws a 404-/openvpms error. The relevant portion of the tomcat log is:
Caused by: java.lang.StringIndexOutOfBoundsException: String index out of range: 3
at java.lang.String.charAt(String.java:658)
at org.apache.catalina.loader.WebappClassLoaderBase.filter(WebappClassLoaderBase.java:2780)
at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1253)
at java.lang.ClassLoader.loadClass(ClassLoader.java:411)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:348)
Thank you. |
[Impact]
* There was a software bug in the 8.0.32 release of tomcat8, subsequently fixed in 8.0.33, with acessing past the end of a string.
[Test Case]
* The Apache bug provides a test case.
[Regression Potential]
* This is a strict backport from upstream of a bugfix. The regression potential is very low, as the current tomcat8 code is broken.
---
Tomcat 8.0.32 has a known and corrected bug
https://bz.apache.org/bugzilla/show_bug.cgi?id=58999
which in some cases prevents a webapp from executing. I have encountered this error. The fix will be to place a later version of Tomcat8 into the Ubuntu 16.04 repository.
I encountered this error using:
----------------------------
OpenVPMS 1.8.1 (veterinary practice management webapp)
MySQL 5.7.13
Open-jdk 1.8.0_91
Tomcat 8.0.32
mysql-connector-java-5.1.39
----------------------------
The webapp in this case (OpenVPMS) runs under tomcat7 but not under this specific version of Tomcat (8.0.32). Instead, tomcat throws a 404-/openvpms error. The relevant portion of the tomcat log is:
Caused by: java.lang.StringIndexOutOfBoundsException: String index out of range: 3
at java.lang.String.charAt(String.java:658)
at org.apache.catalina.loader.WebappClassLoaderBase.filter(WebappClassLoaderBase.java:2780)
at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1253)
at java.lang.ClassLoader.loadClass(ClassLoader.java:411)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:348)
Thank you. |
|
2017-02-15 08:42:58 |
Àlex Magaz |
bug |
|
|
added subscriber Àlex Magaz |
2017-03-09 11:57:42 |
Helge Wiethoff |
bug |
|
|
added subscriber Helge Wiethoff |
2017-11-02 17:47:21 |
Eduard von Feek |
bug |
|
|
added subscriber Eduard von Feek |
2018-01-10 10:13:04 |
Thomas Mecklenburg |
bug |
|
|
added subscriber Thomas Mecklenburg |
2018-08-17 16:37:39 |
Robie Basak |
tags |
xenial |
bitesize xenial |
|
2018-08-17 16:44:45 |
sw |
bug |
|
|
added subscriber sw |
2018-11-23 08:14:57 |
Karl Stenerud |
description |
[Impact]
* There was a software bug in the 8.0.32 release of tomcat8, subsequently fixed in 8.0.33, with acessing past the end of a string.
[Test Case]
* The Apache bug provides a test case.
[Regression Potential]
* This is a strict backport from upstream of a bugfix. The regression potential is very low, as the current tomcat8 code is broken.
---
Tomcat 8.0.32 has a known and corrected bug
https://bz.apache.org/bugzilla/show_bug.cgi?id=58999
which in some cases prevents a webapp from executing. I have encountered this error. The fix will be to place a later version of Tomcat8 into the Ubuntu 16.04 repository.
I encountered this error using:
----------------------------
OpenVPMS 1.8.1 (veterinary practice management webapp)
MySQL 5.7.13
Open-jdk 1.8.0_91
Tomcat 8.0.32
mysql-connector-java-5.1.39
----------------------------
The webapp in this case (OpenVPMS) runs under tomcat7 but not under this specific version of Tomcat (8.0.32). Instead, tomcat throws a 404-/openvpms error. The relevant portion of the tomcat log is:
Caused by: java.lang.StringIndexOutOfBoundsException: String index out of range: 3
at java.lang.String.charAt(String.java:658)
at org.apache.catalina.loader.WebappClassLoaderBase.filter(WebappClassLoaderBase.java:2780)
at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1253)
at java.lang.ClassLoader.loadClass(ClassLoader.java:411)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:348)
Thank you. |
[Impact]
* There was a software bug in the 8.0.32 release of tomcat8, subsequently fixed in 8.0.33, with acessing past the end of a string.
[Test Case]
# lxc launch ubuntu:xenial tester && lxc exec tester bash
# apt update && apt dist-upgrade -y && apt install -y tomcat8 && mkdir -p /var/lib/tomcat8/webapps/test && echo '<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>$Title$</title>
</head>
<body>
<%
Class.forName("org");
%>
</body>
</html>
' >/var/lib/tomcat8/webapps/test/test.jsp
# service tomcat8 restart
# curl localhost:8080/test/test.jsp
...
An exception occurred processing JSP page /test.jsp at line 8
5: </head>
6: <body>
7: <%
8: Class.forName("org");
9: %>
10: </body>
11: </html>
...
</pre><p><b>root cause</b></p><pre>java.lang.StringIndexOutOfBoundsException: String index out of range: 3
...
[Regression Potential]
* This is a strict backport from upstream of a bugfix. The regression potential is very low, as the current tomcat8 code is broken.
---
Tomcat 8.0.32 has a known and corrected bug
https://bz.apache.org/bugzilla/show_bug.cgi?id=58999
which in some cases prevents a webapp from executing. I have encountered this error. The fix will be to place a later version of Tomcat8 into the Ubuntu 16.04 repository.
I encountered this error using:
----------------------------
OpenVPMS 1.8.1 (veterinary practice management webapp)
MySQL 5.7.13
Open-jdk 1.8.0_91
Tomcat 8.0.32
mysql-connector-java-5.1.39
----------------------------
The webapp in this case (OpenVPMS) runs under tomcat7 but not under this specific version of Tomcat (8.0.32). Instead, tomcat throws a 404-/openvpms error. The relevant portion of the tomcat log is:
Caused by: java.lang.StringIndexOutOfBoundsException: String index out of range: 3
at java.lang.String.charAt(String.java:658)
at org.apache.catalina.loader.WebappClassLoaderBase.filter(WebappClassLoaderBase.java:2780)
at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1253)
at java.lang.ClassLoader.loadClass(ClassLoader.java:411)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:348)
Thank you. |
|
2018-11-23 09:21:51 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~kstenerud/ubuntu/+source/tomcat8/+git/tomcat8/+merge/359229 |
|
2018-11-28 14:14:12 |
Andreas Hasenack |
tomcat8 (Ubuntu Xenial): assignee |
Nish Aravamudan (nacc) |
Karl Stenerud (kstenerud) |
|
2018-12-10 15:19:17 |
Karl Stenerud |
description |
[Impact]
* There was a software bug in the 8.0.32 release of tomcat8, subsequently fixed in 8.0.33, with acessing past the end of a string.
[Test Case]
# lxc launch ubuntu:xenial tester && lxc exec tester bash
# apt update && apt dist-upgrade -y && apt install -y tomcat8 && mkdir -p /var/lib/tomcat8/webapps/test && echo '<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>$Title$</title>
</head>
<body>
<%
Class.forName("org");
%>
</body>
</html>
' >/var/lib/tomcat8/webapps/test/test.jsp
# service tomcat8 restart
# curl localhost:8080/test/test.jsp
...
An exception occurred processing JSP page /test.jsp at line 8
5: </head>
6: <body>
7: <%
8: Class.forName("org");
9: %>
10: </body>
11: </html>
...
</pre><p><b>root cause</b></p><pre>java.lang.StringIndexOutOfBoundsException: String index out of range: 3
...
[Regression Potential]
* This is a strict backport from upstream of a bugfix. The regression potential is very low, as the current tomcat8 code is broken.
---
Tomcat 8.0.32 has a known and corrected bug
https://bz.apache.org/bugzilla/show_bug.cgi?id=58999
which in some cases prevents a webapp from executing. I have encountered this error. The fix will be to place a later version of Tomcat8 into the Ubuntu 16.04 repository.
I encountered this error using:
----------------------------
OpenVPMS 1.8.1 (veterinary practice management webapp)
MySQL 5.7.13
Open-jdk 1.8.0_91
Tomcat 8.0.32
mysql-connector-java-5.1.39
----------------------------
The webapp in this case (OpenVPMS) runs under tomcat7 but not under this specific version of Tomcat (8.0.32). Instead, tomcat throws a 404-/openvpms error. The relevant portion of the tomcat log is:
Caused by: java.lang.StringIndexOutOfBoundsException: String index out of range: 3
at java.lang.String.charAt(String.java:658)
at org.apache.catalina.loader.WebappClassLoaderBase.filter(WebappClassLoaderBase.java:2780)
at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1253)
at java.lang.ClassLoader.loadClass(ClassLoader.java:411)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:348)
Thank you. |
[Impact]
* There was a software bug in the 8.0.32 release of tomcat8, subsequently fixed in 8.0.33, with acessing past the end of a string.
[Test Case]
# lxc launch ubuntu:xenial tester && lxc exec tester bash
# apt update && apt dist-upgrade -y && apt install -y tomcat8 && mkdir -p /var/lib/tomcat8/webapps/test && echo '<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>$Title$</title>
</head>
<body>
<%
Class.forName("org");
%>
</body>
</html>
' >/var/lib/tomcat8/webapps/test/test.jsp
# service tomcat8 restart
# curl localhost:8080/test/test.jsp
...
An exception occurred processing JSP page /test.jsp at line 8
5: </head>
6: <body>
7: <%
8: Class.forName("org");
9: %>
10: </body>
11: </html>
...
</pre><p><b>root cause</b></p><pre>java.lang.StringIndexOutOfBoundsException: String index out of range: 3
...
[Regression Potential]
If the lengths are wrong in the patch, then this will filter out more than just the top level identifiers. Although tbh the chances of someone actually putting a partial identifier not the top level id is pretty low.
[Original Description]
---
Tomcat 8.0.32 has a known and corrected bug
https://bz.apache.org/bugzilla/show_bug.cgi?id=58999
which in some cases prevents a webapp from executing. I have encountered this error. The fix will be to place a later version of Tomcat8 into the Ubuntu 16.04 repository.
I encountered this error using:
----------------------------
OpenVPMS 1.8.1 (veterinary practice management webapp)
MySQL 5.7.13
Open-jdk 1.8.0_91
Tomcat 8.0.32
mysql-connector-java-5.1.39
----------------------------
The webapp in this case (OpenVPMS) runs under tomcat7 but not under this specific version of Tomcat (8.0.32). Instead, tomcat throws a 404-/openvpms error. The relevant portion of the tomcat log is:
Caused by: java.lang.StringIndexOutOfBoundsException: String index out of range: 3
at java.lang.String.charAt(String.java:658)
at org.apache.catalina.loader.WebappClassLoaderBase.filter(WebappClassLoaderBase.java:2780)
at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1253)
at java.lang.ClassLoader.loadClass(ClassLoader.java:411)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:348)
Thank you. |
|
2019-01-16 11:53:31 |
Robie Basak |
tomcat8 (Ubuntu Xenial): status |
In Progress |
Fix Committed |
|
2019-01-16 11:53:33 |
Robie Basak |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2019-01-16 11:53:36 |
Robie Basak |
bug |
|
|
added subscriber SRU Verification |
2019-01-16 11:53:40 |
Robie Basak |
tags |
bitesize xenial |
bitesize verification-needed verification-needed-xenial xenial |
|
2019-01-25 08:57:02 |
Karl Stenerud |
tags |
bitesize verification-needed verification-needed-xenial xenial |
bitesize verification-done verification-done-xenial xenial |
|
2019-01-25 11:51:56 |
MrKahuna |
removed subscriber MrKahuna |
|
|
|
2019-01-28 09:38:27 |
Launchpad Janitor |
tomcat8 (Ubuntu Xenial): status |
Fix Committed |
Fix Released |
|
2019-01-28 09:38:31 |
Łukasz Zemczak |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|