Tue, 29 Apr 2025 05:34:32 MSK | login

Information for build tomcat-9.0.87-2.el9_5.1

ID28990
Package Nametomcat
Version9.0.87
Release2.el9_5.1
Epoch1
Sourcegit+http://git.inferitos.ru/rpms/tomcat#5208807e5b1935a85b4db922cf983813018d92c2
SummaryApache Servlet/JSP Engine, RI for Servlet 4.0/JSP 2.3 API
DescriptionTomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world.
Built bysys_devci
State complete
Volume DEFAULT
StartedTue, 08 Apr 2025 09:03:59 MSK
CompletedTue, 08 Apr 2025 09:06:19 MSK
Taskbuild (inferit-9_5-candidate, /rpms/tomcat/:changed/i9c/tomcat-9.0.87-2.el9_5.1)
Extra{'source': {'original_url': 'git+http://git.inferitos.ru/rpms/tomcat/?#changed/i9c/tomcat-9.0.87-2.el9_5.1'}}
Tags
inferit-9_5-gate
inferit-9_5-updates
inferit-9_6-init
RPMs
src
tomcat-9.0.87-2.el9_5.1.src.rpm (info) (download)
noarch
tomcat-9.0.87-2.el9_5.1.noarch.rpm (info) (download)
tomcat-admin-webapps-9.0.87-2.el9_5.1.noarch.rpm (info) (download)
tomcat-docs-webapp-9.0.87-2.el9_5.1.noarch.rpm (info) (download)
tomcat-el-3.0-api-9.0.87-2.el9_5.1.noarch.rpm (info) (download)
tomcat-jsp-2.3-api-9.0.87-2.el9_5.1.noarch.rpm (info) (download)
tomcat-lib-9.0.87-2.el9_5.1.noarch.rpm (info) (download)
tomcat-servlet-4.0-api-9.0.87-2.el9_5.1.noarch.rpm (info) (download)
tomcat-webapps-9.0.87-2.el9_5.1.noarch.rpm (info) (download)
Logs
noarch
noarch_rpmdiff.json
root.log
state.log
mock_output.log
installed_pkgs.log
hw_info.log
build.log
Changelog * Wed Apr 02 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-2.el9_5.1 - Resolves: RHEL-82946 tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813) - Resolves: RHEL-71719 tomcat: RCE due to TOCTOU issue in JSP compilation (CVE-2024-50379) * Thu Aug 08 2024 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-2 - Resolves: RHEL-46163 tomcat: Improper Handling of Exceptional Conditions (CVE-2024-34750) - Resolves: RHEL-18245 - OpenJDK 21 support for RHEL Tomcat * Fri May 03 2024 Sokratis Zappis <szappis@redhat.com> - 1:9.0.87-1 - Resolves: RHEL-35812 - Rebase tomcat to version 9.0.87 - Resolves: RHEL-29257 tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672) - Resolves: RHEL-29252 tomcat: : Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549) - Resolves: RHEL-53001 - Amend tomcat's changelog (CVE-2023-46589, CVE-2023-45648, CVE-2023-42795, CVE-2023-42794, CVE-2023-44487, CVE-2023-41080) * Thu Jan 18 2024 Hui Wang <huwang@redhat.com> - 1:9.0.62-39 - Resolves: RHEL-17605 tomcat: HTTP request smuggling via malformed trailer headers (CVE-2023-46589) * Thu Nov 23 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-38 - Resolves: RHEL-13908 tomcat: incorrectly parsed http trailer headers can cause request smuggling (CVE-2023-45648) - Resolves: RHEL-13905 tomcat: improper cleaning of recycled objects could lead to information leak (CVE-2023-42795) - Resolves: RHEL-12952 tomcat: FileUpload: DoS due to accumulation of temporary files on Windows (CVE-2023-42794) - Resolves: RHEL-12552 tomcat: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) - Resolves: RHEL-2388 tomcat: Open Redirect vulnerability in FORM authentication (CVE-2023-41080) * Fri Oct 13 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-37 - Resolves: RHEL-12551 tomcat: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) - Remove JDK subpackges which are unused * Fri Aug 25 2023 Coty Sutherland <csutherl@redhat.com> - 1:9.0.62-16 - Related: #2184133 Declare file conflicts * Fri Aug 25 2023 Coty Sutherland <csutherl@redhat.com> - 1:9.0.62-15 - Resolves: #2184133 Fix bug in Obsoletes * Tue Aug 01 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-14 - Resolves: #2210632 CVE-2023-28709 tomcat * Wed Jul 26 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-13 - Resolves: #2189675 Missing Tomcat POM files in RHEL 9.3 * Wed Jun 21 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-12 - Resolves: #2189675 Missing Tomcat POM files in RHEL 9.3 - Resolves: #2173872 Remove java-11-openjdk-headles as a tomcat dependency - Resolves: #2181461 CVE-2023-28708 tomcat: not including the secure attribute causes information - Resolves: #2210632 CVE-2023-28709 - Resolves: #2184133 Add Obsoletes to tomcat package - Update patch command - Update source to include the CVE fixes * Tue May 09 2023 MSVSphere Packaging Team <packager@msvsphere.ru> - 1:9.0.62-11 - Rebuilt for MSVSphere 9.1.