Package tomcat-jsp-2.3-api-1:9.0.87-3.el9_6.3.noarch
| Name | tomcat-jsp-2.3-api |
|---|---|
| Epoch | 1 |
| Version | 9.0.87 |
| Release | 3.el9_6.3 |
| Architecture | noarch |
| Website/URL | http://tomcat.apache.org/ |
| License | ASL 2.0 |
| Build Time | 2025-08-21 06:59:23 |
| Build Host | builder-arm64-1.inferitos.ru |
| Summary | Apache Tomcat JavaServer Pages v2.3 API Implementation Classes |
| Repositories | AppStream |
| Description | Apache Tomcat JSP API Implementation Classes. |
| Errata | — |
| Size | 73 KiB |
| Source Project | tomcat-9.0.87-3.el9_6.3 |
| SHA-256 checksum | 390972bc789594b86e2eba35bdbfd60b5870687984ac511c74c18c1a91c4d652 |
×
![Full screenshot]()
* Thu Aug 14 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-3.el9_6.3 - Resolves: RHEL-102200 tomcat: http/2 "MadeYouReset" DoS attack through HTTP/2 control frames (CVE-2025-48989) * Tue Aug 12 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-3.el9_6.2 - Resolves: RHEL-108491 tomcat: Apache Commons FileUpload DOS via part headers (CVE-2025-48976) - Resolves: RHEL-108499 tomcat: Dos in multipart upload (CVE-2025-48988) - Resolves: RHEL-108507 tomcat: Security constraint bypass for pre/post-resources (CVE-2025-49125) - Resolves: RHEL-108515 tomcat: Denial of service (CVE-2025-52434) - Resolves: RHEL-108531 tomcat: Denial of service (CVE-2025-52520) - Resolves: RHEL-108527 tomcat: Denial of service (CVE-2025-53506) * Mon May 26 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-3.el9_6.1 - Resolves: RHEL-91765 tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame (CVE-2025-31650) - Resolves: RHEL-71981 tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation (CVE-2024-56337) * Tue Apr 08 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-3 - Resolves: RHEL-82945 tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813) - Resolves: RHEL-71723 tomcat: RCE due to TOCTOU issue in JSP compilation (CVE-2024-50379) * Thu Aug 08 2024 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-2 - Resolves: RHEL-46163 tomcat: Improper Handling of Exceptional Conditions (CVE-2024-34750) - Resolves: RHEL-18245 - OpenJDK 21 support for RHEL Tomcat * Fri May 03 2024 Sokratis Zappis <szappis@redhat.com> - 1:9.0.87-1 - Resolves: RHEL-35812 - Rebase tomcat to version 9.0.87 - Resolves: RHEL-29257 tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672) - Resolves: RHEL-29252 tomcat: : Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549) - Resolves: RHEL-53001 - Amend tomcat's changelog (CVE-2023-46589, CVE-2023-45648, CVE-2023-42795, CVE-2023-42794, CVE-2023-44487, CVE-2023-41080) * Thu Jan 18 2024 Hui Wang <huwang@redhat.com> - 1:9.0.62-39 - Resolves: RHEL-17605 tomcat: HTTP request smuggling via malformed trailer headers (CVE-2023-46589) * Thu Nov 23 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-38 - Resolves: RHEL-13908 tomcat: incorrectly parsed http trailer headers can cause request smuggling (CVE-2023-45648) - Resolves: RHEL-13905 tomcat: improper cleaning of recycled objects could lead to information leak (CVE-2023-42795) - Resolves: RHEL-12952 tomcat: FileUpload: DoS due to accumulation of temporary files on Windows (CVE-2023-42794) - Resolves: RHEL-12552 tomcat: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) - Resolves: RHEL-2388 tomcat: Open Redirect vulnerability in FORM authentication (CVE-2023-41080) * Fri Oct 13 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-37 - Resolves: RHEL-12551 tomcat: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) - Remove JDK subpackges which are unused * Fri Aug 25 2023 Coty Sutherland <csutherl@redhat.com> - 1:9.0.62-16 - Related: #2184133 Declare file conflicts