Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

tomcat-9.0.87-1.el9_4.1 RPM for noarch

From AlmaLinux 9.4 AppStream for aarch64

Name: tomcat Distribution: AlmaLinux
Version: 9.0.87 Vendor: AlmaLinux
Release: 1.el9_4.1 Build date: Tue May 28 11:33:08 2024
Group: Unspecified Build host: s390x-builder02.almalinux.org
Size: 330048 Source RPM: tomcat-9.0.87-1.el9_4.1.src.rpm
Packager: AlmaLinux Packaging Team <packager@almalinux.org>
Url: http://tomcat.apache.org/
Summary: Apache Servlet/JSP Engine, RI for Servlet 4.0/JSP 2.3 API
Tomcat is the servlet container that is used in the official Reference
Implementation for the Java Servlet and JavaServer Pages technologies.
The Java Servlet and JavaServer Pages specifications are developed by
Sun under the Java Community Process.

Tomcat is developed in an open and participatory environment and
released under the Apache Software License version 2.0. Tomcat is intended
to be a collaboration of the best-of-breed developers from around the world.

Provides

Requires

License

ASL 2.0

Changelog

* Fri May 03 2024 Sokratis Zappis <szappis@redhat.com> - 1:9.0.87-1.el9_4.1
  - Resolves: RHEL-34815 - Rebase tomcat to version 9.0.87
  - Resolves: RHEL-31048
    tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672)
  - Resolves: RHEL-31032
    tomcat: : Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549)
  - Resolves: RHEL-35328 - Amend tomcat's changelog
    (CVE-2023-46589, CVE-2023-45648, CVE-2023-42795, CVE-2023-42794, CVE-2023-44487, CVE-2023-41080)
* Thu Jan 18 2024 Hui Wang <huwang@redhat.com> - 1:9.0.62-39
  - Resolves: RHEL-17605
* Thu Nov 23 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-38
  - Resolves: RHEL-13908
    tomcat: incorrectly parsed http trailer headers can cause request smuggling (CVE-2023-45648)
  - Resolves: RHEL-13905
    tomcat: improper cleaning of recycled objects could lead to information leak (CVE-2023-42795)
  - Resolves: RHEL-12952
    tomcat: FileUpload: DoS due to accumulation of temporary files on Windows (CVE-2023-42794)
  - Resolves: RHEL-12552
    tomcat: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
  - Resolves: RHEL-2388
    tomcat: Open Redirect vulnerability in FORM authentication (CVE-2023-41080)
* Fri Oct 13 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-37
  - Resolves: RHEL-12551
    tomcat: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
  - Remove JDK subpackges which are unused
* Fri Aug 25 2023 Coty Sutherland <csutherl@redhat.com> - 1:9.0.62-16
  - Related: #2184133 Declare file conflicts
* Fri Aug 25 2023 Coty Sutherland <csutherl@redhat.com> - 1:9.0.62-15
  - Resolves: #2184133 Fix bug in Obsoletes
* Tue Aug 01 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-14
  - Resolves: #2210632 CVE-2023-28709 tomcat
* Wed Jul 26 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-13
  - Resolves: #2189675 Missing Tomcat POM files in RHEL 9.3
* Wed Jun 21 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-12
  - Resolves: #2189675 Missing Tomcat POM files in RHEL 9.3
  - Resolves: #2173872 Remove java-11-openjdk-headles as a tomcat dependency
  - Resolves: #2181461 CVE-2023-28708 tomcat: not including the secure attribute causes information
  - Resolves: #2210632 CVE-2023-28709
  - Resolves: #2184133 Add Obsoletes to tomcat package
  - Update patch command
  - Update source to include the CVE fixes
* Thu Feb 23 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-11
  - Bump release so that the NVR on RHEL-9 is higher than RHEL-8
* Wed Feb 15 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-4
  - Bump release to run the tier1 test
* Tue Feb 07 2023 Coty Sutherland <csutherl@redhat.com> - 1:9.0.62-3
  - Add conflicts declaration to the appropriate subpackages
  - Fix malformed DTD file that caused problems with rpminspect
* Fri Feb 03 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-2
  - Add conflicts with the pki-servlet-engine package
* Mon Jan 16 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-1
  - Update to 9.0.62. Related: rhbz#2160511
  - Remove examples webapps from subpackage
  - Remove maven artifacts from build as they aren't very useful
  - Drop JSVC support as it's not very useful these days
  - Drop geronimo-saaj as it's no longer required
  - Drop geronimo-jaxrpc, which provided the webservices naming factory resources that are generally unused
  - Cleaning up some unused deps and system properties
  - Add Java 9 start-up parameters to allow reflection
  - Add bnd-annotation which is in bndlib
  - Add fixes for memory leak which have been fixed in 9.0.64

Files

/etc/logrotate.d/tomcat.disabled
/etc/sysconfig/tomcat
/etc/tomcat
/etc/tomcat/Catalina
/etc/tomcat/Catalina/localhost
/etc/tomcat/catalina.policy
/etc/tomcat/catalina.properties
/etc/tomcat/conf.d
/etc/tomcat/conf.d/README
/etc/tomcat/conf.d/java-9-start-up-parameters.conf
/etc/tomcat/context.xml
/etc/tomcat/jaspic-providers.xml
/etc/tomcat/jaspic-providers.xsd
/etc/tomcat/logging.properties
/etc/tomcat/server.xml
/etc/tomcat/tomcat-users.xml
/etc/tomcat/tomcat-users.xsd
/etc/tomcat/tomcat.conf
/etc/tomcat/web.xml
/usr/bin/tomcat-digest
/usr/bin/tomcat-tool-wrapper
/usr/lib/systemd/system/tomcat.service
/usr/lib/systemd/system/tomcat@.service
/usr/libexec/tomcat
/usr/libexec/tomcat/functions
/usr/libexec/tomcat/preamble
/usr/libexec/tomcat/server
/usr/sbin/tomcat
/usr/share/doc/tomcat
/usr/share/doc/tomcat/LICENSE
/usr/share/doc/tomcat/NOTICE
/usr/share/doc/tomcat/RELEASE-NOTES
/usr/share/tomcat
/usr/share/tomcat/bin/bootstrap.jar
/usr/share/tomcat/bin/catalina-tasks.xml
/usr/share/tomcat/conf
/usr/share/tomcat/lib
/usr/share/tomcat/logs
/usr/share/tomcat/temp
/usr/share/tomcat/webapps
/usr/share/tomcat/work
/var/cache/tomcat
/var/cache/tomcat/temp
/var/cache/tomcat/work
/var/lib/tomcat
/var/lib/tomcat/webapps
/var/lib/tomcats
/var/log/tomcat


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Nov 12 07:34:42 2024