Harden the class loader to provide a mitigation for CVE-2022-22965
a Spring Framework vulnerability: Effectively disable the
WebappClassLoaderBase.getResources() method as it is not used and
if something accidently exposes the class loader this method can be used to gain
access to Tomcat internals.
Changes: https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.62_(remm)
PR: 262975
This is the FreeBSD Ports Collection. For an easy to use
WEB-based interface to it, please see:
https://www.FreeBSD.org/ports
For general information on the Ports Collection, please see the
FreeBSD Handbook ports section which is available from:
https://docs.freebsd.org/en/books/handbook/ports/
for the latest official version
or:
The ports(7) manual page (man ports).
These will explain how to use ports and packages.
If you would like to search for a port, you can do so easily by
saying (in /usr/ports):
make search name="<name>"
or:
make search key="<keyword>"
which will generate a list of all ports matching <name> or <keyword>.
make search also supports wildcards, such as:
make search name="gtk*"
For information about contributing to FreeBSD ports, please see the Porter's
Handbook, available at:
https://docs.freebsd.org/en/books/porters-handbook/
NOTE: This tree will GROW significantly in size during normal usage!
The distribution tar files can and do accumulate in /usr/ports/distfiles,
and the individual ports will also use up lots of space in their work
subdirectories unless you remember to "make clean" after you're done
building a given port. /usr/ports/distfiles can also be periodically
cleaned without ill-effect.
e9395fe9f8