diff --git a/.gitignore b/.gitignore
index baf7889..c2ecc53 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-/apache-tomcat-8.0.44-src.tar.gz
+/apache-tomcat-8.0.46-src.tar.gz
diff --git a/sources b/sources
index c8bb84d..3ed023d 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-b9eccb2c956aabd2c319e91ce308971b  apache-tomcat-8.0.44-src.tar.gz
+3feaec442115a40dcb068114c500b884  apache-tomcat-8.0.46-src.tar.gz
diff --git a/tomcat.spec b/tomcat.spec
index 169f6ec..9ff886e 100644
--- a/tomcat.spec
+++ b/tomcat.spec
@@ -31,7 +31,7 @@
 %global jspspec 2.3
 %global major_version 8
 %global minor_version 0
-%global micro_version 44
+%global micro_version 46
 %global packdname apache-tomcat-%{version}-src
 %global servletspec 3.1
 %global elspec 3.0
@@ -100,6 +100,11 @@ BuildRequires: apache-commons-pool
 BuildRequires: tomcat-taglibs-standard
 BuildRequires: java-devel >= 1:1.6.0
 BuildRequires: jpackage-utils >= 0:1.7.0
+%if 0%{?fedora} >= 27
+# add_maven_depmap is deprecated, using javapackages-local for now
+# See https://fedora-java.github.io/howto/latest/#_add_maven_depmap_macro
+BuildRequires: javapackages-local
+%endif
 BuildRequires: junit
 BuildRequires: geronimo-jaxrpc
 BuildRequires: wsdl4j
@@ -685,6 +690,13 @@ fi
 %attr(0660,tomcat,tomcat) %verify(not size md5 mtime) %{logdir}/catalina.out
 
 %changelog
+* Mon Aug 21 2017 Coty Sutherland <csutherl@redhat.com> - 1:8.0.46-1
+- Update to 8.0.46
+- Resolves: rhbz#1480620 CVE-2017-7674 tomcat: Cache Poisoning
+
+* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1:8.0.44-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
 * Fri Jun 09 2017 Coty Sutherland <csutherl@redhat.com> - 1:8.0.44-1
 - Resolves: rhbz#1459160 CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism