0001-set-UTF-8-as-default-character-encoding.patch
0002-do-not-load-AJP13-connector-by-default.patch
0003-disable-APR-library-loading.patch
0004-split-deploy-webapps-target-from-deploy-target.patch
0005-change-default-DBCP-factory-class.patch
0006-add-JARs-below-var-to-class-loader.patch
0009-Use-java.security.policy-file-in-catalina.sh.patch
0010-debianize-build-xml.patch
0011-fix-classpath-lintian-warnings.patch
0012-java7-compat.patch
0013-dont-look-for-build-properties-in-user-home.patch
cve-2012-3439.patch
cve-2012-3439-tests.patch
0016-CVE-2012-4431.patch
0017-CVE-2012-3546.patch
0018-CVE-2014-0050.patch
0019-CVE-2013-2067.patch
0020-CVE-2013-2071.patch
0021-CVE-2012-3544.patch
0022-update-test-certificates.patch
0023-CVE-2013-4286.patch
0024-CVE-2013-4322.patch
0025-use-tls-in-ssl-unit-tests.patch
CVE-2014-7810.patch
CVE-2014-0099.patch
CVE-2013-4444.patch
CVE-2014-0075.patch
CVE-2014-0227.patch
CVE-2014-0230.patch
CVE-2014-0096.patch
CVE-2014-0119.patch
CVE-2015-5174.patch
CVE-2015-5345.patch
CVE-2015-5346.patch
CVE-2015-5351.patch
CVE-2016-0706.patch
CVE-2016-0714.patch
CVE-2016-0763.patch
CVE-2016-3092.patch
CVE-2016-5018.patch
CVE-2016-6794.patch
CVE-2016-6796.patch
CVE-2016-6797.patch
CVE-2016-0762.patch
CVE-2016-6816.patch
CVE-2016-8735.patch
CVE-2016-5018-part2.patch
CVE-2016-6797-part2.patch
CVE-2016-8745.patch
BZ57544-infinite-loop.patch
BZ57544-infinite-loop-part2.patch
CVE-2017-5647.patch
CVE-2017-5648.patch
CVE-2017-5664.patch
CVE-2017-12616.patch
CVE-2017-12617_1.patch
CVE-2017-12617_2.patch
CVE-2017-12617_3.patch
CVE-2017-12617_4.patch
CVE-2017-12617_5.patch
CVE-2017-12617_6.patch
CVE-2018-1304.patch
CVE-2018-1305.patch
