[ All 3 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z ]
×

Project tomcat9-1:9.0.87-5.el10_0.3

Name tomcat9
Epoch 1
Version 9.0.87
Release 5.el10_0.3
Website/URL http://tomcat.apache.org/
License Apache-2.0
Build Time 2025-08-21 06:58:55
Build Host builder-arm64-1.inferitos.ru
Summary Apache Servlet/JSP Engine, RI for Servlet 4.0/JSP 2.3 API
Repositories AppStream
Description Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world.
Errata
× Full screenshot
Found 3 old versions
Packages link
Package Summary SHA-256 checksum
noarch
tomcat9-1:9.0.87-5.el10_0.3.noarch Apache Servlet/JSP Engine, RI for Servlet 4.0/JSP 2.3 API fae2068938d94cbead11dc3cc2f2b7f377fa428e915b4ce7edc0484d7d627bf4 download
tomcat9-admin-webapps-1:9.0.87-5.el10_0.3.noarch The host-manager and manager web applications for Apache Tomcat b245455e08e29cbfbc37845e5821171927ff4846a864a8d4e13517610e73a6f0 download
tomcat9-docs-webapp-1:9.0.87-5.el10_0.3.noarch The docs web application for Apache Tomcat 217f988e859ff8259a718553f0c2fc1bea6e5a8cf9e9f0ed2f93d92823af0041 download
tomcat9-el-3.0-api-1:9.0.87-5.el10_0.3.noarch Apache Tomcat Expression Language v3.0 API Implementation Classes c147276b832424f3d841e330ee8300187fe11644d1fbdbd84ae39f716d3db5f9 download
tomcat9-jsp-2.3-api-1:9.0.87-5.el10_0.3.noarch Apache Tomcat JavaServer Pages v2.3 API Implementation Classes 7caa434a01852acc9201b5cbaca271c43d55a4363c5817e7818c51b8e767f55b download
tomcat9-lib-1:9.0.87-5.el10_0.3.noarch Libraries needed to run the Tomcat Web container e38914e7073f7241f16c19f0ea3b8797a5ada118dc0777322527ba719c8da9cc download
tomcat9-servlet-4.0-api-1:9.0.87-5.el10_0.3.noarch Apache Tomcat Java Servlet v4.0 API Implementation Classes d11c719bddf7cc44b1bcae5a7ee69d80d16fac7e708ed8e147f2058e42905b9d download
tomcat9-webapps-1:9.0.87-5.el10_0.3.noarch The ROOT web application for Apache Tomcat 54d90805ed514963660af00d2eca5da0d12e058fd85ae7918fc6a4f3a7de47ec download
src
tomcat9-1:9.0.87-5.el10_0.3.src Apache Servlet/JSP Engine, RI for Servlet 4.0/JSP 2.3 API e26aeac2bf4f7a468af27b3d325096ac25abf17024c4f4910889ee39c4f3846f download
Changelog link
* Mon Aug 18 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-5.el10_0.3
- Resolves: RHEL-102187
  tomcat: http/2 "MadeYouReset" DoS attack through HTTP/2 control frames (CVE-2025-48989)

* Wed Aug 13 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-5.el10_0.2
- Resolves: RHEL-108484
  tomcat: Apache Commons FileUpload DOS via part headers (CVE-2025-48976)
- Resolves: RHEL-108492
  tomcat: Dos in multipart upload (CVE-2025-48988)
- Resolves: RHEL-108500
  tomcat: Security constraint bypass for pre/post-resources (CVE-2025-49125)
- Resolves: RHEL-108508
  tomcat: Denial of service (CVE-2025-52434)
- Resolves: RHEL-108520
  tomcat: Denial of service (CVE-2025-52520)
- Resolves: RHEL-108516
  tomcat: Denial of service (CVE-2025-53506)

* Mon May 26 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-5.el10_0.1
- Resolves: RHEL-91748
  tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame (CVE-2025-31650)
- Resolves: RHEL-94959
  tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation (CVE-2024-56337)

* Wed May 14 2025 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 1:9.0.87-5
- Rebuilt for MSVSphere 10

* Mon Apr 14 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-5
- Resolves: RHEL-82927
  tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813)

* Thu Feb 13 2025 Joe Orton <jorton@redhat.com> - 1:9.0.87-4
- add Obsoletes to aid upgrade path from tomcat-9.x
  Resolves: RHEL-79313

* Mon Feb 03 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-3
- Resolves: RHEL-77325 Missing conflicts in spec file

* Fri Jan 24 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-2
- Initial commit on c10s
  Resolves: RHEL-69841
- tomcat: RCE due to TOCTOU issue in JSP compilation (CVE-2024-50379)