This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new 076cd7a44e FollowUp on Improve CVE-2024-56337 protection
076cd7a44e is described below
commit 076cd7a44e136f84a29f625c5ff602649aca4ec4
Author: Markus Hoffrogge <mhoffro...@gmail.com>
AuthorDate: Tue May 20 17:21:54 2025 +0200
FollowUp on Improve CVE-2024-56337 protection
- service.bat:
- fix JvmOptions9 to match changes in catalina.bat
- improve legibility of JvmOptions9 parameter line
by introducing intermediate set variable JVM9_OPTIONS
- add comment to JVM9_OPTIONS settings
with hint to keep in line with catalina.bat
- catalina.bat:
- add comment to JAVA_OPTIONS --add-opens settings
with hint to keep in line with service.bat
---
bin/catalina.bat | 2 +-
bin/service.bat | 10 +++++++++-
2 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/bin/catalina.bat b/bin/catalina.bat
index af97bedc4c..863b7d5000 100755
--- a/bin/catalina.bat
+++ b/bin/catalina.bat
@@ -224,7 +224,7 @@ if not "%LOGGING_MANAGER%" == "" goto noJuliManager
set
LOGGING_MANAGER=-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
:noJuliManager
-rem Configure module start-up parameters
+rem Configure module start-up parameters - ensure to keep it in line with
service.bat
set "JAVA_OPTS=%JAVA_OPTS% --add-opens=java.base/java.lang=ALL-UNNAMED"
set "JAVA_OPTS=%JAVA_OPTS% --add-opens=java.base/java.lang.reflect=ALL-UNNAMED"
set "JAVA_OPTS=%JAVA_OPTS% --add-opens=java.base/java.io=ALL-UNNAMED"
diff --git a/bin/service.bat b/bin/service.bat
index d7c23ef560..ea1b11aa7e 100755
--- a/bin/service.bat
+++ b/bin/service.bat
@@ -200,6 +200,14 @@ if exist "%CATALINA_HOME%\bin\%DEFAULT_SERVICE_NAME%.exe" (
)
)
+rem Configure JAVA 9 specific start-up parameters - ensure to keep it in line
with catalina.bat
+set "JVM9_OPTIONS=--add-opens=java.base/java.lang=ALL-UNNAMED"
+set
"JVM9_OPTIONS=%JVM9_OPTIONS%;--add-opens=java.base/java.lang.reflect=ALL-UNNAMED"
+set "JVM9_OPTIONS=%JVM9_OPTIONS%;--add-opens=java.base/java.io=ALL-UNNAMED"
+set "JVM9_OPTIONS=%JVM9_OPTIONS%;--add-opens=java.base/java.util=ALL-UNNAMED"
+set
"JVM9_OPTIONS=%JVM9_OPTIONS%;--add-opens=java.base/java.util.concurrent=ALL-UNNAMED"
+set
"JVM9_OPTIONS=%JVM9_OPTIONS%;--add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED"
+
"%EXECUTABLE%" //IS//%SERVICE_NAME% ^
--Description "Apache Tomcat @VERSION@ Server -
https://tomcat.apache.org/"; ^
--DisplayName "Apache Tomcat @VERSION_MAJOR_MINOR@ %SERVICE_NAME%" ^
@@ -218,7 +226,7 @@ if exist "%CATALINA_HOME%\bin\%DEFAULT_SERVICE_NAME%.exe" (
--StartParams start ^
--StopParams stop ^
--JvmOptions
"-Dcatalina.home=%CATALINA_HOME%;-Dcatalina.base=%CATALINA_BASE%;-Djava.io.tmpdir=%CATALINA_BASE%\temp;-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager;-Djava.util.logging.config.file=%CATALINA_BASE%\conf\logging.properties;-Dsun.io.useCanonCaches=false;%JvmArgs%"
^
- --JvmOptions9
"--add-opens=java.base/java.lang=ALL-UNNAMED#--add-opens=java.base/java.io=ALL-UNNAMED#--add-opens=java.base/java.util=ALL-UNNAMED#--add-opens=java.base/java.util.concurrent=ALL-UNNAMED#--add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED"
^
+ --JvmOptions9 "%JVM9_OPTIONS%" ^
--Startup "%SERVICE_STARTUP_MODE%" ^
--JvmMs "%JvmMs%" ^
--JvmMx "%JvmMx%"
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
