From 129412ec913d5312f0d351a7faecc185cc348427 Mon Sep 17 00:00:00 2001
From: houyingchao <1348375921@qq.com>
Date: Sat, 9 Oct 2021 15:26:15 +0800
Subject: [PATCH] Fix CVE-2021-41079
---
 CVE-2021-41079.patch | 24 ++++++++++++++++++++++++
 tomcat.spec | 6 +++++-
 2 files changed, 29 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2021-41079.patch
diff --git a/CVE-2021-41079.patch b/CVE-2021-41079.patch
new file mode 100644
index 0000000..20d1b47
--- /dev/null
+++ b/CVE-2021-41079.patch
@@ -0,0 +1,24 @@
+From d4b340fa8feaf55831f9a59350578f7b6ca048b8 Mon Sep 17 00:00:00 2001
+From: Mark Thomas
+Date: Wed, 3 Mar 2021 12:00:46 +0000
+Subject: [PATCH] Improve robustness
+
+---
+ java/org/apache/tomcat/util/net/openssl/LocalStrings.properties | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties b/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties
+index 1919159..1ab5f43 100644
+--- a/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties
++++ b/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties
+@@ -52,6 +52,7 @@ engine.nullCipherSuite=Null cipher suite
+ engine.unsupportedCipher=Unsupported cipher suite: [{0}] [{1}]
+ engine.emptyCipherSuite=Empty cipher suite
+ engine.failedCipherSuite=Failed to enable cipher suite [{0}]
++engine.failedToReadAvailableBytes=There are plain text bytes available to read but no bytes were read
+ engine.unsupportedProtocol=Protocol [{0}] is not supported
+ engine.unverifiedPeer=Peer unverified
+ engine.noSession=SSL session ID not available
+--
+2.23.0
+
diff --git a/tomcat.spec b/tomcat.spec
index aa7acf6..55e1d3f 100644
--- a/tomcat.spec
+++ b/tomcat.spec
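Review bot: CVE-2021-41079.patch, as embedded here, changes only `LocalStrings.properties` — its own diffstat reads `1 file changed, 1 insertion(+)` — so it adds the message key `engine.failedToReadAvailableBytes` but no Java code that reads it, and a message string alone cannot change how the OpenSSL engine handles incoming TLS records. The backport appears to have dropped the code half of upstream commit d4b340fa8feaf55831f9a59350578f7b6ca048b8. I would compare against that commit and carry over its change to the engine class under `java/org/apache/tomcat/util/net/openssl/` (presumably `OpenSSLEngine.java`) before release 21 ships. Until then the `%changelog` line `- Fix CVE-2021-41079` in tomcat.spec overstates the package's state, and scanners that key on the changelog or the patch name would report the build as fixed.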
@@ -13,7 +13,7 @@ Name: tomcat Epoch: 1 Version: %{major_version}.%{minor_version}.%{micro_version} -Release: 20 +Release: 21 Summary: Implementation of the Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket technologies License: ASL 2.0 URL: http://tomcat.apache.org/ @@ -98,6 +98,7 @@ Patch6053: CVE-2021-30640-5.patch Patch6054: CVE-2021-30640-6.patch Patch6055: CVE-2021-30640-7.patch Patch6056: CVE-2021-30640-8.patch +Patch6057: CVE-2021-41079.patch BuildRequires: ecj >= 1:4.6.1 findutils apache-commons-collections apache-commons-daemon BuildRequires: apache-commons-dbcp apache-commons-pool tomcat-taglibs-standard ant @@ -499,6 +500,9 @@ fi %{_javadocdir}/%{name} %changelog +* Sat Oct 9 2021 houyingchao - 1:9.0.10-21 +- Fix CVE-2021-41079 + * Thu Jul 29 2021 wangyue - 1:9.0.10-20 - Fix CVE-2021-30640 -- Gitee