SOLVE RHEL-150719: Certificate revocation bypass due to improper OCSP response validation

2026-04-22 15:18:20 +02:00 · 2026-04-22 15:18:20 +02:00 · 43abffff38
commit 43abffff38
parent 5cca2f2c58
2 changed files with 7 additions and 3 deletions
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (tomcat-10.1.49.redhat-00006-src.zip) = dc3426f6ba370b8240a6ed5215af30cce853fcd4ab80f7b0797e5224d438222220dc731d005b7ce3ab419013f51d515bb5443b5a877aa2d153d4f22181c71437
+SHA512 (tomcat-10.1.49.redhat-00007-src.zip) = f72bf5cb755e14a0c4555bcdc3db6bef64c8353339699fc321d6ec2162c72b6999807ddbf3910d9a3217c20df7e94baf5b2c9bb5da7e143c776d01589a41dc4a
--- a/tomcat.spec
+++ b/tomcat.spec
@ -32,7 +32,7 @@
 %global major_version 10
 %global minor_version 1
 %global micro_version 49
-%global packdname %{name}-%{major_version}.%{minor_version}.%{micro_version}.redhat-00006-src
+%global packdname %{name}-%{major_version}.%{minor_version}.%{micro_version}.redhat-00007-src
 %global servletspec 6.0
 %global elspec 5.0
 %global tcuid 53
@ -54,7 +54,7 @@
 Name:          tomcat
 Epoch:         1
 Version:       %{major_version}.%{minor_version}.%{micro_version}
-Release:       1%{?dist}
+Release:       1%{?dist}.1
 Summary:       Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API

 License:       Apache-2.0
@ -551,6 +551,10 @@ exit 0
 %{appdir}/ROOT

 %changelog
+* Wed Apr 22 2026 Pietro Meloni <pmeloni@redhat.com> - 1:10.1.36-3.el10_1.1
+- Resolves: RHEL-150719
+  Certificate revocation bypass due to improper OCSP response validation (CVE-2026-24734)
+
 * Mon Feb 16 2026 Coty Sutherland <csutherl@redhat.com> - 1:10.1.49-1
 - Resolves: RHEL-150099 Rebase tomcat package to enable PQC features