[bitnami/jasperreports] Release 8.1.0-debian-11-r75 (#31779)

Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>

bitnami/jasperreports/8/debian-11/Dockerfile

@@ -5,10 +5,10 @@ ARG TARGETARCH
 
 LABEL com.vmware.cp.artifact.flavor="sha256:109c7d51bd69bb6b3df71017440c1ea0699454f81fe188056c083f0b57c96ea6" \
       org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \
-      org.opencontainers.image.created="2023-04-23T00:48:57Z" \
+      org.opencontainers.image.created="2023-04-26T02:13:08Z" \
       org.opencontainers.image.description="Application packaged by VMware, Inc" \
       org.opencontainers.image.licenses="Apache-2.0" \
-      org.opencontainers.image.ref.name="8.1.0-debian-11-r74" \
+      org.opencontainers.image.ref.name="8.1.0-debian-11-r75" \
       org.opencontainers.image.title="jasperreports" \
       org.opencontainers.image.vendor="VMware, Inc." \
       org.opencontainers.image.version="8.1.0"
@@ -25,7 +25,7 @@ RUN install_packages acl ca-certificates curl fontconfig git libaudit1 libbsd0 l
 RUN mkdir -p /tmp/bitnami/pkg/cache/ && cd /tmp/bitnami/pkg/cache/ && \
     COMPONENTS=( \
       "java-1.8.362-4-linux-${OS_ARCH}-debian-11" \
-      "tomcat-9.0.74-1-linux-${OS_ARCH}-debian-11" \
+      "tomcat-9.0.74-2-linux-${OS_ARCH}-debian-11" \
       "postgresql-client-11.19.0-4-linux-${OS_ARCH}-debian-11" \
       "mysql-client-10.11.2-5-linux-${OS_ARCH}-debian-11" \
       "render-template-1.0.5-5-linux-${OS_ARCH}-debian-11" \

bitnami/jasperreports/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json

@@ -33,6 +33,6 @@
         "arch": "amd64",
         "distro": "debian-11",
         "type": "NAMI",
-        "version": "9.0.74-1"
+        "version": "9.0.74-2"
     }
 }

bitnami/jasperreports/8/debian-11/rootfs/opt/bitnami/scripts/libtomcat.sh

@@ -132,6 +132,24 @@ tomcat_enable_ajp() {
     fi
 }
 
+########################
+# Enable a specific Tomcat application for public access
+# Globals:
+#   TOMCAT_*
+# Arguments:
+#   $1 - Tomcat application to enable
+# Returns:
+#   None
+#########################
+tomcat_enable_application() {
+    local application="${1:?missing application}"
+    # Access control is configured in the application's context.xml with a Valve element
+    # context.xml docs: https://tomcat.apache.org/tomcat-9.0-doc/config/context.html
+    # Valve docs for Access Control: https://tomcat.apache.org/tomcat-9.0-doc/config/valve.html#Access_Control
+    [[ -f "${TOMCAT_WEBAPPS_DIR}/${application}/META-INF/context.xml" ]] || return
+    xmlstarlet ed -S --inplace --update '//Valve/@allow' --value '\d+\.\d+\.\d+\.\d+' "${TOMCAT_WEBAPPS_DIR}/${application}/META-INF/context.xml"
+}
+
 ########################
 # Ensure Tomcat is initialized
 # Globals:
@@ -187,15 +205,14 @@ EOF
             info "Skipping deployment of default webapps"
         fi
 
-        # Access control is configured in the application's context.xml with a Valve element
-        # context.xml docs: https://tomcat.apache.org/tomcat-9.0-doc/config/context.html
-        # Valve docs for Access Control: https://tomcat.apache.org/tomcat-9.0-doc/config/valve.html#Access_Control
+        # These applications have been enabled for historical reasons, and do not pose any security threat
+        tomcat_enable_application examples
+        tomcat_enable_application docs
         if is_boolean_yes "$TOMCAT_ALLOW_REMOTE_MANAGEMENT"; then
+            # These applications should not be enabled by default, for security reasons
             info "Enabling remote connections for manager and host-manager applications"
-             for application in manager host-manager examples docs; do
-                [[ -f "${TOMCAT_WEBAPPS_DIR}/${application}/META-INF/context.xml" ]] || continue
-                xmlstarlet ed -S --inplace --update '//Valve/@allow' --value '\d+\.\d+\.\d+\.\d+' "${TOMCAT_WEBAPPS_DIR}/${application}/META-INF/context.xml"
-            done
+            tomcat_enable_application manager
+            tomcat_enable_application host-manager
         fi
     fi
 }