diff --git a/.gitignore b/.gitignore
index d32af8d..9d97386 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/tomcat-9.0.87.redhat-00010-src.zip
+SOURCES/tomcat-9.0.87.redhat-00012-src.zip
diff --git a/.tomcat.metadata b/.tomcat.metadata
index 2258cf2..3213092 100644
--- a/.tomcat.metadata
+++ b/.tomcat.metadata
@@ -1 +1 @@
-3947449541e30df91b228e2c767bdb654dde9369 SOURCES/tomcat-9.0.87.redhat-00010-src.zip
+8b767b774d19e223f1fa9f4bb07e0db94234978a SOURCES/tomcat-9.0.87.redhat-00012-src.zip
diff --git a/SPECS/tomcat.spec b/SPECS/tomcat.spec
index ca0ef59..d00b3eb 100644
--- a/SPECS/tomcat.spec
+++ b/SPECS/tomcat.spec
@@ -32,7 +32,7 @@
 %global major_version 9
 %global minor_version 0
 %global micro_version 87
-%global packdname %{name}-%{major_version}.%{minor_version}.%{micro_version}.redhat-00010-src
+%global packdname %{name}-%{major_version}.%{minor_version}.%{micro_version}.redhat-00012-src
 %global servletspec 4.0
 %global elspec 3.0
 %global tcuid 53
@@ -56,7 +56,7 @@
 Name:          tomcat
 Epoch:         1
 Version:       %{major_version}.%{minor_version}.%{micro_version}
-Release:       1%{?dist}.4
+Release:       1%{?dist}.6
 Summary:       Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API
 
 License:       ASL 2.0
@@ -556,6 +556,24 @@ fi
 
 
 %changelog
+* Thu Aug 14 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-1.el8_10.6
+- Resolves: RHEL-102193
+  tomcat: http/2 "MadeYouReset" DoS attack through HTTP/2 control frames (CVE-2025-48989)
+
+* Tue Aug 12 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-1.el8_10.5
+- Resolves: RHEL-108486
+  tomcat: Apache Commons FileUpload DOS via part headers (CVE-2025-48976)
+- Resolves: RHEL-108494
+  tomcat: Dos in multipart upload (CVE-2025-48988)
+- Resolves: RHEL-108502
+  tomcat: Security constraint bypass for pre/post-resources (CVE-2025-49125)
+- Resolves: RHEL-108510
+  tomcat: Denial of service (CVE-2025-52434)
+- Resolves: RHEL-108524
+  tomcat: Denial of service (CVE-2025-52520)
+- Resolves: RHEL-108518
+  tomcat: Denial of service (CVE-2025-53506)
+
 * Mon May 26 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-1.el8_10.4
 - Resolves: RHEL-91761
   tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame (CVE-2025-31650)