| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: tomcat9 | Distribution: CentOS |
| Version: 9.0.87 | Vendor: CentOS |
| Release: 8.el10 | Build date: Mon Aug 25 18:24:51 2025 |
| Group: Unspecified | Build host: aarch64-06.stream.rdu2.redhat.com |
| Size: 330350 | Source RPM: tomcat9-9.0.87-8.el10.src.rpm |
| Packager: builder@centos.org | |
| Url: http://tomcat.apache.org/ | |
| Summary: Apache Servlet/JSP Engine, RI for Servlet 4.0/JSP 2.3 API | |
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world.
Apache-2.0
* Mon Aug 18 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-8
- Resolves: RHEL-102186
tomcat: http/2 "MadeYouReset" DoS attack through HTTP/2 control frames (CVE-2025-48989)
* Wed Aug 13 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-7
- Resolves: RHEL-108485
tomcat: Apache Commons FileUpload DOS via part headers (CVE-2025-48976)
- Resolves: RHEL-108493
tomcat: Dos in multipart upload (CVE-2025-48988)
- Resolves: RHEL-108501
tomcat: Security constraint bypass for pre/post-resources (CVE-2025-49125)
- Resolves: RHEL-108509
tomcat: Denial of service (CVE-2025-52434)
- Resolves: RHEL-108522
tomcat: Denial of service (CVE-2025-52520)
- Resolves: RHEL-108517
tomcat: Denial of service (CVE-2025-53506)
* Mon May 26 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-5.el10_0.1
- Resolves: RHEL-91750
tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame (CVE-2025-31650)
- Resolves: RHEL-94960
tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation (CVE-2024-56337)
* Mon Apr 14 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-5
- Resolves: RHEL-82927
tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813)
* Thu Feb 13 2025 Joe Orton <jorton@redhat.com> - 1:9.0.87-4
- add Obsoletes to aid upgrade path from tomcat-9.x
Resolves: RHEL-79313
* Mon Feb 03 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-3
- Resolves: RHEL-77325 Missing conflicts in spec file
* Fri Jan 24 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-2
- Initial commit on c10s
Resolves: RHEL-69841
- tomcat: RCE due to TOCTOU issue in JSP compilation (CVE-2024-50379)
/etc/logrotate.d/tomcat.disabled /etc/sysconfig/tomcat /etc/tomcat /etc/tomcat/Catalina /etc/tomcat/Catalina/localhost /etc/tomcat/catalina.policy /etc/tomcat/catalina.properties /etc/tomcat/conf.d /etc/tomcat/conf.d/README /etc/tomcat/conf.d/java-9-start-up-parameters.conf /etc/tomcat/context.xml /etc/tomcat/jaspic-providers.xml /etc/tomcat/jaspic-providers.xsd /etc/tomcat/logging.properties /etc/tomcat/server.xml /etc/tomcat/tomcat-users.xml /etc/tomcat/tomcat-users.xsd /etc/tomcat/tomcat.conf /etc/tomcat/web.xml /usr/bin/tomcat-digest /usr/bin/tomcat-tool-wrapper /usr/lib/systemd/system/tomcat.service /usr/lib/systemd/system/tomcat@.service /usr/libexec/tomcat /usr/libexec/tomcat/functions /usr/libexec/tomcat/preamble /usr/libexec/tomcat/server /usr/sbin/tomcat /usr/share/doc/tomcat9 /usr/share/doc/tomcat9/LICENSE /usr/share/doc/tomcat9/NOTICE /usr/share/doc/tomcat9/RELEASE-NOTES /usr/share/tomcat /usr/share/tomcat/bin/bootstrap.jar /usr/share/tomcat/bin/catalina-tasks.xml /usr/share/tomcat/conf /usr/share/tomcat/lib /usr/share/tomcat/logs /usr/share/tomcat/temp /usr/share/tomcat/webapps /usr/share/tomcat/work /var/cache/tomcat /var/cache/tomcat/temp /var/cache/tomcat/work /var/lib/tomcat /var/lib/tomcat/webapps /var/lib/tomcats /var/log/tomcat
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Oct 21 05:25:53 2025