Package tomcat9-1:9.0.87-5.el10_0.3.noarch
| Name | tomcat9 |
|---|---|
| Epoch | 1 |
| Version | 9.0.87 |
| Release | 5.el10_0.3 |
| Architecture | noarch |
| Website/URL | http://tomcat.apache.org/ |
| License | Apache-2.0 |
| Build Time | 2025-08-21 06:59:07 |
| Build Host | builder-arm64-1.inferitos.ru |
| Summary | Apache Servlet/JSP Engine, RI for Servlet 4.0/JSP 2.3 API |
| Repositories | AppStream |
| Description | Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. |
| Errata | INFSA-2025:14178 |
| Size | 98 KiB |
| Source Project | tomcat9-9.0.87-5.el10_0.3 |
| SHA-256 checksum | fae2068938d94cbead11dc3cc2f2b7f377fa428e915b4ce7edc0484d7d627bf4 |
×
![Full screenshot]()
* Mon Aug 18 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-5.el10_0.3 - Resolves: RHEL-102187 tomcat: http/2 "MadeYouReset" DoS attack through HTTP/2 control frames (CVE-2025-48989) * Wed Aug 13 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-5.el10_0.2 - Resolves: RHEL-108484 tomcat: Apache Commons FileUpload DOS via part headers (CVE-2025-48976) - Resolves: RHEL-108492 tomcat: Dos in multipart upload (CVE-2025-48988) - Resolves: RHEL-108500 tomcat: Security constraint bypass for pre/post-resources (CVE-2025-49125) - Resolves: RHEL-108508 tomcat: Denial of service (CVE-2025-52434) - Resolves: RHEL-108520 tomcat: Denial of service (CVE-2025-52520) - Resolves: RHEL-108516 tomcat: Denial of service (CVE-2025-53506) * Mon May 26 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-5.el10_0.1 - Resolves: RHEL-91748 tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame (CVE-2025-31650) - Resolves: RHEL-94959 tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation (CVE-2024-56337) * Wed May 14 2025 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 1:9.0.87-5 - Rebuilt for MSVSphere 10 * Mon Apr 14 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-5 - Resolves: RHEL-82927 tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813) * Thu Feb 13 2025 Joe Orton <jorton@redhat.com> - 1:9.0.87-4 - add Obsoletes to aid upgrade path from tomcat-9.x Resolves: RHEL-79313 * Mon Feb 03 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-3 - Resolves: RHEL-77325 Missing conflicts in spec file * Fri Jan 24 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-2 - Initial commit on c10s Resolves: RHEL-69841 - tomcat: RCE due to TOCTOU issue in JSP compilation (CVE-2024-50379)