From 0e379df1cf0c0979da38d507376c4b99f79ad0bc Mon Sep 17 00:00:00 2001 From: eabdullin Date: Wed, 9 Apr 2025 07:53:42 +0000 Subject: [PATCH] Import from CS git --- .gitignore | 2 +- .tomcat.metadata | 2 +- SPECS/tomcat.spec | 10 ++++++++-- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index 5596185..7d74863 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/tomcat-9.0.87.redhat-00005-src.zip +SOURCES/tomcat-9.0.87.redhat-00008-src.zip diff --git a/.tomcat.metadata b/.tomcat.metadata index 2c0fd0d..ac94e32 100644 --- a/.tomcat.metadata +++ b/.tomcat.metadata @@ -1 +1 @@ -3aeb163e738a5f2a4d2fc20f72d978813a459d5c SOURCES/tomcat-9.0.87.redhat-00005-src.zip +d7a9c6c9ac2c92886aa3ade5c653c7854c6df1f1 SOURCES/tomcat-9.0.87.redhat-00008-src.zip diff --git a/SPECS/tomcat.spec b/SPECS/tomcat.spec index 3e34334..7e9ee92 100644 --- a/SPECS/tomcat.spec +++ b/SPECS/tomcat.spec @@ -32,7 +32,7 @@ %global major_version 9 %global minor_version 0 %global micro_version 87 -%global packdname %{name}-%{major_version}.%{minor_version}.%{micro_version}.redhat-00005-src +%global packdname %{name}-%{major_version}.%{minor_version}.%{micro_version}.redhat-00008-src %global servletspec 4.0 %global elspec 3.0 %global tcuid 53 @@ -56,7 +56,7 @@ Name: tomcat Epoch: 1 Version: %{major_version}.%{minor_version}.%{micro_version} -Release: 1%{?dist}.2 +Release: 1%{?dist}.3 Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API License: ASL 2.0 @@ -556,6 +556,12 @@ fi %changelog +* Wed Apr 02 2025 Adam Krajcik - 1:9.0.87-1.el8_10.3 +- Resolves: RHEL-82934 + tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813) +- Resolves: RHEL-71708 + tomcat: RCE due to TOCTOU issue in JSP compilation (CVE-2024-50379) + * Thu Aug 08 2024 Adam Krajcik - 1:9.0.87-1.el8_10.2 - Resolves: RHEL-46167 tomcat: Improper Handling of Exceptional Conditions (CVE-2024-34750)