From 04895e9d5d3170c015a41f87726b107bf8f2efbe Mon Sep 17 00:00:00 2001 From: eabdullin Date: Thu, 11 Dec 2025 08:42:12 +0000 Subject: [PATCH] import OL tomcat-9.0.87-1.el8_10.7 --- .gitignore | 2 +- .tomcat.metadata | 2 +- SPECS/tomcat.spec | 10 ++++++++-- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index 9d97386..22f1060 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/tomcat-9.0.87.redhat-00012-src.zip +SOURCES/tomcat-9.0.87.redhat-00013-src.zip diff --git a/.tomcat.metadata b/.tomcat.metadata index 3213092..7961324 100644 --- a/.tomcat.metadata +++ b/.tomcat.metadata @@ -1 +1 @@ -8b767b774d19e223f1fa9f4bb07e0db94234978a SOURCES/tomcat-9.0.87.redhat-00012-src.zip +15a5e583a5ce045a1d47e660ca391964cd52a51a SOURCES/tomcat-9.0.87.redhat-00013-src.zip diff --git a/SPECS/tomcat.spec b/SPECS/tomcat.spec index d00b3eb..3aa2ad1 100644 --- a/SPECS/tomcat.spec +++ b/SPECS/tomcat.spec @@ -32,7 +32,7 @@ %global major_version 9 %global minor_version 0 %global micro_version 87 -%global packdname %{name}-%{major_version}.%{minor_version}.%{micro_version}.redhat-00012-src +%global packdname %{name}-%{major_version}.%{minor_version}.%{micro_version}.redhat-00013-src %global servletspec 4.0 %global elspec 3.0 %global tcuid 53 @@ -56,7 +56,7 @@ Name: tomcat Epoch: 1 Version: %{major_version}.%{minor_version}.%{micro_version} -Release: 1%{?dist}.6 +Release: 1%{?dist}.7 Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API License: ASL 2.0 @@ -556,6 +556,12 @@ fi %changelog +* Thu Nov 27 2025 Adam Krajcik - 1:9.0.87-1.el8_10.7 +- Resolves: RHEL-124507 + tomcat: Directory traversal via rewrite with possible RCE (CVE-2025-55752) +- Resolves: RHEL-91743 + tomcat: Bypass of rules in Rewrite Valve (CVE-2025-31651) + * Thu Aug 14 2025 Adam Krajcik - 1:9.0.87-1.el8_10.6 - Resolves: RHEL-102193 tomcat: http/2 "MadeYouReset" DoS attack through HTTP/2 control frames (CVE-2025-48989)