You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2020/07/09 10:52:01 UTC
[tomcat] branch 9.0.x updated: Fix BZ 64852. Avoid exception under
a security manager
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 927f00a Fix BZ 64852. Avoid exception under a security manager
927f00a is described below
commit 927f00a2bf1d6d98671ae4b6fd8768ac8535bd8a
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Jul 9 11:50:39 2020 +0100
Fix BZ 64852. Avoid exception under a security manager
Patch provided by Johnathan Gilday
https://bz.apache.org/bugzilla/show_bug.cgi?id=64582
---
java/org/apache/catalina/security/SecurityClassLoad.java | 1 +
webapps/docs/changelog.xml | 9 +++++++++
2 files changed, 10 insertions(+)
diff --git a/java/org/apache/catalina/security/SecurityClassLoad.java b/java/org/apache/catalina/security/SecurityClassLoad.java
index 2510424..6ffe9cc 100644
--- a/java/org/apache/catalina/security/SecurityClassLoad.java
+++ b/java/org/apache/catalina/security/SecurityClassLoad.java
@@ -149,6 +149,7 @@ public final class SecurityClassLoad {
loader.loadClass(basePackage + "CoyoteInputStream$PrivilegedRead");
loader.loadClass(basePackage + "CoyoteInputStream$PrivilegedReadArray");
loader.loadClass(basePackage + "CoyoteInputStream$PrivilegedReadBuffer");
+ loader.loadClass(basePackage + "CoyoteOutputStream");
loader.loadClass(basePackage + "InputBuffer$PrivilegedCreateConverter");
loader.loadClass(basePackage + "Response$PrivilegedDoIsEncodable");
loader.loadClass(basePackage + "Response$PrivilegedGenerateCookieString");
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 7ee0ca7..ec10e5f 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -45,6 +45,15 @@
issues do not "pop up" wrt. others).
-->
<section name="Tomcat 9.0.38 (markt)" rtext="in development">
+ <subsection name="Catalina">
+ <changelog>
+ <fix>
+ <bug>64582</bug>: Pre-load the <code>CoyoteOutputStream</code> class to
+ prevent a potential exception when running under a security manager.
+ Patch provided by Johnathan Gilday. (markt)
+ </fix>
+ </changelog>
+ </subsection>
<subsection name="Coyote">
<changelog>
<fix>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org