Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

tomcat-el-3.0-api-9.0.87-1.el8_10.4 RPM for noarch

From AlmaLinux 8.10 AppStream for ppc64le

Name: tomcat-el-3.0-api Distribution: AlmaLinux
Version: 9.0.87 Vendor: AlmaLinux
Release: 1.el8_10.4 Build date: Thu Jul 17 09:30:17 2025
Group: Unspecified Build host: s390x-builder02.almalinux.org
Size: 234081 Source RPM: tomcat-9.0.87-1.el8_10.4.src.rpm
Packager: AlmaLinux Packaging Team <packager@almalinux.org>
Url: http://tomcat.apache.org/
Summary: Apache Tomcat Expression Language v3.0 API Implementation Classes
 
Apache Tomcat EL API Implementation Classes.

Provides

Requires

License

ASL 2.0

Changelog

* Mon May 26 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-1.el8_10.4
  - Resolves: RHEL-91761
    tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame (CVE-2025-31650)
  - Resolves: RHEL-71971
    tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation (CVE-2024-56337)
* Wed Apr 02 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-1.el8_10.3
  - Resolves: RHEL-82934
    tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813)
  - Resolves: RHEL-71708
    tomcat: RCE due to TOCTOU issue in JSP compilation (CVE-2024-50379)
* Thu Aug 08 2024 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-1.el8_10.2
  - Resolves: RHEL-46167
    tomcat: Improper Handling of Exceptional Conditions (CVE-2024-34750)
* Mon Jun 03 2024 Sokratis Zappis <szappis@redhat.com> - 1:9.0.87-1.el8_10.1
  - Resolves: RHEL-38548 - Amend tomcat package's changelog so that fixed CVEs are mentioned explicitly
  - Resolves: RHEL-35813 - Rebase tomcat to version 9.0.87
  - Resolves: RHEL-29255
    tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672)
  - Resolves: RHEL-29250
    tomcat: Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549)
* Fri Jan 19 2024 Hui Wang <huwang@redhat.com> - 1:9.0.62-30
  - Resolves: RHEL-6971
* Thu Jan 18 2024 Hui Wang <huwang@redhat.com> - 1:9.0.62-29
  - Resolves: RHEL-17602
    tomcat: HTTP request smuggling via malformed trailer headers (CVE-2023-46589)
  - tomcat: Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549)
* Thu Nov 23 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-28
  - Resolves: RHEL-13907
    tomcat: incorrectly parsed http trailer headers can cause request smuggling (CVE-2023-45648)
  - Resolves: RHEL-13904
    tomcat: improper cleaning of recycled objects could lead to information leak (CVE-2023-42795)
  - Resolves: RHEL-12951
    tomcat: FileUpload: DoS due to accumulation of temporary files on Windows (CVE-2023-42794)
  - Resolves: RHEL-12544
    tomcat: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
  - Resolves: RHEL-2386
    tomcat: Open Redirect vulnerability in FORM authentication (CVE-2023-41080)
* Fri Oct 13 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-27
  - Related: RHEL-12543
    tomcat: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
  - Bump release number
* Thu Oct 12 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-16
  - Resolves: RHEL-12543
    tomcat: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
  - Remove JDK subpackges which are unused
* Fri Sep 08 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-14
  - Related: RHEL-2330 Bump release number
* Thu Sep 07 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-13
  - Resolves: RHEL-2330 Revert the fix for pki-servlet-engine
* Fri Aug 25 2023 Coty Sutherland <csutherl@redhat.com> - 1:9.0.62-12
  - Related: #2184135 Declare file conflicts
* Fri Aug 25 2023 Coty Sutherland <csutherl@redhat.com> - 1:9.0.62-11
  - Resolves: #2184135 Fix bug introduced in initial commit
* Fri Aug 18 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-10
  - Resolves: #2210630 CVE-2023-28709 tomcat
  - Resolves: #2181448 CVE-2023-28708 tomcat: not including the secure attribute causes information disclosure
  - tomcat: Apache Commons FileUpload: FileUpload DoS with excessive parts (CVE-2023-24998)
    tomcat: JsonErrorReportValve injection (CVE-2022-45143)
    tomcat: request smuggling (CVE-2022-42252)
    tomcat: local privilege escalation vulnerability (CVE-2022-23181)
* Thu Aug 17 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-9
  - Resolves: #2184135 Add Obsoletes to tomcat package
* Thu Aug 17 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-8
  - Resolves: #2189676 Missing Tomcat POM files in RHEL 8.9
* Tue Aug 15 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-7
  - Related: #2173874 Tomcat installs older java even though newer java is installed
  - Bump release number
* Fri Aug 11 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-6
  - Resolves: #2173874 Tomcat installs older java even though newer java is installed
  - Sync with rhel-8.8.0 branch
* Thu Feb 16 2023 Coty Sutherland <csutherl@redhat.com> - 1:9.0.62-5
  - Related: #2160455 Add conflicts to subpackage
* Wed Feb 15 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-4
  - Resolves: #2160455 Add Tomcat 9 to RHEL8

Files

/usr/share/doc/tomcat-el-3.0-api
/usr/share/doc/tomcat-el-3.0-api/LICENSE
/usr/share/java/tomcat
/usr/share/java/tomcat-el-3.0-api.jar
/usr/share/java/tomcat-el-api.jar
/usr/share/java/tomcat/tomcat-el-3.0-api.jar
/usr/share/java/tomcat/tomcat-el-api.jar
/usr/share/maven-metadata/tomcat-tomcat-el-api.xml
/usr/share/maven-poms/tomcat
/usr/share/maven-poms/tomcat/tomcat-el-api.pom

Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Oct 31 09:50:01 2025