0001-set-UTF-8-as-default-character-encoding.patch
0002-do-not-load-AJP13-connector-by-default.patch
0003-disable-APR-library-loading.patch
0004-split-deploy-webapps-target-from-deploy-target.patch
0005-change-default-DBCP-factory-class.patch
0006-add-JARs-below-var-to-class-loader.patch
0009-Use-java.security.policy-file-in-catalina.sh.patch
0010-debianize-build-xml.patch
0011-fix-classpath-lintian-warnings.patch
0012-java7-compat.patch
0013-dont-look-for-build-properties-in-user-home.patch
cve-2012-3439.patch
cve-2012-3439-tests.patch
0016-CVE-2012-4431.patch
0017-CVE-2012-3546.patch
0018-CVE-2014-0050.patch
0019-CVE-2013-2067.patch
0020-CVE-2013-2071.patch
0021-CVE-2012-3544.patch
0022-update-test-certificates.patch
0023-CVE-2013-4286.patch
0024-CVE-2013-4322.patch
0025-use-tls-in-ssl-unit-tests.patch
CVE-2014-7810.patch
CVE-2014-0099.patch
CVE-2013-4444.patch
CVE-2014-0075.patch
CVE-2014-0227.patch
CVE-2014-0230.patch
CVE-2014-0096.patch
CVE-2014-0119.patch
CVE-2015-5174.patch
CVE-2015-5345.patch
CVE-2015-5346.patch
CVE-2015-5351.patch
CVE-2016-0706.patch
CVE-2016-0714.patch
CVE-2016-0763.patch
