| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: tomcat-lib | Distribution: CentOS |
| Version: 9.0.87 | Vendor: CentOS |
| Release: 2.el9 | Build date: Wed Aug 21 14:14:24 2024 |
| Group: Unspecified | Build host: s390-07.stream.rdu2.redhat.com |
| Size: 7139758 | Source RPM: tomcat-9.0.87-2.el9.src.rpm |
| Packager: builder@centos.org | |
| Url: http://tomcat.apache.org/ | |
| Summary: Libraries needed to run the Tomcat Web container | |
Libraries needed to run the Tomcat Web container.
ASL 2.0
* Thu Aug 08 2024 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-2
- Resolves: RHEL-46163
tomcat: Improper Handling of Exceptional Conditions (CVE-2024-34750)
- Resolves: RHEL-18245 - OpenJDK 21 support for RHEL Tomcat
* Fri May 03 2024 Sokratis Zappis <szappis@redhat.com> - 1:9.0.87-1
- Resolves: RHEL-35812 - Rebase tomcat to version 9.0.87
- Resolves: RHEL-29257
tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672)
- Resolves: RHEL-29252
tomcat: : Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549)
- Resolves: RHEL-53001 - Amend tomcat's changelog
(CVE-2023-46589, CVE-2023-45648, CVE-2023-42795, CVE-2023-42794, CVE-2023-44487, CVE-2023-41080)
* Thu Jan 18 2024 Hui Wang <huwang@redhat.com> - 1:9.0.62-39
- Resolves: RHEL-17605
tomcat: HTTP request smuggling via malformed trailer headers (CVE-2023-46589)
* Thu Nov 23 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-38
- Resolves: RHEL-13908
tomcat: incorrectly parsed http trailer headers can cause request smuggling (CVE-2023-45648)
- Resolves: RHEL-13905
tomcat: improper cleaning of recycled objects could lead to information leak (CVE-2023-42795)
- Resolves: RHEL-12952
tomcat: FileUpload: DoS due to accumulation of temporary files on Windows (CVE-2023-42794)
- Resolves: RHEL-12552
tomcat: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
- Resolves: RHEL-2388
tomcat: Open Redirect vulnerability in FORM authentication (CVE-2023-41080)
* Fri Oct 13 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-37
- Resolves: RHEL-12551
tomcat: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
- Remove JDK subpackges which are unused
* Fri Aug 25 2023 Coty Sutherland <csutherl@redhat.com> - 1:9.0.62-16
- Related: #2184133 Declare file conflicts
* Fri Aug 25 2023 Coty Sutherland <csutherl@redhat.com> - 1:9.0.62-15
- Resolves: #2184133 Fix bug in Obsoletes
* Tue Aug 01 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-14
- Resolves: #2210632 CVE-2023-28709 tomcat
* Wed Jul 26 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-13
- Resolves: #2189675 Missing Tomcat POM files in RHEL 9.3
* Wed Jun 21 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-12
- Resolves: #2189675 Missing Tomcat POM files in RHEL 9.3
- Resolves: #2173872 Remove java-11-openjdk-headles as a tomcat dependency
- Resolves: #2181461 CVE-2023-28708 tomcat: not including the secure attribute causes information
- Resolves: #2210632 CVE-2023-28709
- Resolves: #2184133 Add Obsoletes to tomcat package
- Update patch command
- Update source to include the CVE fixes
* Thu Feb 23 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-11
- Bump release so that the NVR on RHEL-9 is higher than RHEL-8
* Wed Feb 15 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-4
- Bump release to run the tier1 test
* Tue Feb 07 2023 Coty Sutherland <csutherl@redhat.com> - 1:9.0.62-3
- Add conflicts declaration to the appropriate subpackages
- Fix malformed DTD file that caused problems with rpminspect
* Fri Feb 03 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-2
- Add conflicts with the pki-servlet-engine package
* Mon Jan 16 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-1
- Update to 9.0.62. Related: rhbz#2160511
- Remove examples webapps from subpackage
- Remove maven artifacts from build as they aren't very useful
- Drop JSVC support as it's not very useful these days
- Drop geronimo-saaj as it's no longer required
- Drop geronimo-jaxrpc, which provided the webservices naming factory resources that are generally unused
- Cleaning up some unused deps and system properties
- Add Java 9 start-up parameters to allow reflection
- Add bnd-annotation which is in bndlib
- Add fixes for memory leak which have been fixed in 9.0.64
/usr/share/java/tomcat /usr/share/java/tomcat/annotations-api.jar /usr/share/java/tomcat/catalina-ant.jar /usr/share/java/tomcat/catalina-ha.jar /usr/share/java/tomcat/catalina-ssi.jar /usr/share/java/tomcat/catalina-storeconfig.jar /usr/share/java/tomcat/catalina-tribes.jar /usr/share/java/tomcat/catalina.jar /usr/share/java/tomcat/jasper-el.jar /usr/share/java/tomcat/jasper-jdt.jar /usr/share/java/tomcat/jasper.jar /usr/share/java/tomcat/jaspic-api.jar /usr/share/java/tomcat/tomcat-api.jar /usr/share/java/tomcat/tomcat-coyote.jar /usr/share/java/tomcat/tomcat-dbcp.jar /usr/share/java/tomcat/tomcat-el-api.jar /usr/share/java/tomcat/tomcat-i18n-cs.jar /usr/share/java/tomcat/tomcat-i18n-de.jar /usr/share/java/tomcat/tomcat-i18n-es.jar /usr/share/java/tomcat/tomcat-i18n-fr.jar /usr/share/java/tomcat/tomcat-i18n-ja.jar /usr/share/java/tomcat/tomcat-i18n-ko.jar /usr/share/java/tomcat/tomcat-i18n-pt-BR.jar /usr/share/java/tomcat/tomcat-i18n-ru.jar /usr/share/java/tomcat/tomcat-i18n-zh-CN.jar /usr/share/java/tomcat/tomcat-jdbc.jar /usr/share/java/tomcat/tomcat-jni.jar /usr/share/java/tomcat/tomcat-jsp-api.jar /usr/share/java/tomcat/tomcat-juli.jar /usr/share/java/tomcat/tomcat-servlet-api.jar /usr/share/java/tomcat/tomcat-util-scan.jar /usr/share/java/tomcat/tomcat-util.jar /usr/share/java/tomcat/tomcat-websocket.jar /usr/share/java/tomcat/websocket-api.jar /usr/share/maven-metadata/tomcat.xml /usr/share/maven-poms/tomcat /usr/share/maven-poms/tomcat/annotations-api.pom /usr/share/maven-poms/tomcat/catalina-ant.pom /usr/share/maven-poms/tomcat/catalina-ha.pom /usr/share/maven-poms/tomcat/catalina-ssi.pom /usr/share/maven-poms/tomcat/catalina-storeconfig.pom /usr/share/maven-poms/tomcat/catalina-tribes.pom /usr/share/maven-poms/tomcat/catalina.pom /usr/share/maven-poms/tomcat/jasper-el.pom /usr/share/maven-poms/tomcat/jasper.pom /usr/share/maven-poms/tomcat/jaspic-api.pom /usr/share/maven-poms/tomcat/tomcat-api.pom /usr/share/maven-poms/tomcat/tomcat-coyote.pom /usr/share/maven-poms/tomcat/tomcat-dbcp.pom /usr/share/maven-poms/tomcat/tomcat-i18n-cs.pom /usr/share/maven-poms/tomcat/tomcat-i18n-de.pom /usr/share/maven-poms/tomcat/tomcat-i18n-es.pom /usr/share/maven-poms/tomcat/tomcat-i18n-fr.pom /usr/share/maven-poms/tomcat/tomcat-i18n-ja.pom /usr/share/maven-poms/tomcat/tomcat-i18n-ko.pom /usr/share/maven-poms/tomcat/tomcat-i18n-pt-BR.pom /usr/share/maven-poms/tomcat/tomcat-i18n-ru.pom /usr/share/maven-poms/tomcat/tomcat-i18n-zh-CN.pom /usr/share/maven-poms/tomcat/tomcat-jdbc.pom /usr/share/maven-poms/tomcat/tomcat-jni.pom /usr/share/maven-poms/tomcat/tomcat-juli.pom /usr/share/maven-poms/tomcat/tomcat-util-scan.pom /usr/share/maven-poms/tomcat/tomcat-util.pom /usr/share/maven-poms/tomcat/tomcat-websocket.pom /usr/share/maven-poms/tomcat/tomcat.pom /usr/share/maven-poms/tomcat/websocket-api.pom /usr/share/tomcat/bin/tomcat-juli.jar
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Oct 21 05:11:33 2025