From b8eb98f8d7044d409f62e321cb75a257bff2d4e7 Mon Sep 17 00:00:00 2001 From: eabdullin Date: Thu, 17 Jul 2025 06:22:56 +0000 Subject: [PATCH] import OL tomcat-9.0.87-3.el9_6.1 --- .gitignore | 2 +- .tomcat.metadata | 2 +- SOURCES/tomcat-server | 3 ++- SPECS/tomcat.spec | 16 +++++++++++----- 4 files changed, 15 insertions(+), 8 deletions(-) diff --git a/.gitignore b/.gitignore index 7d74863..d32af8d 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/tomcat-9.0.87.redhat-00008-src.zip +SOURCES/tomcat-9.0.87.redhat-00010-src.zip diff --git a/.tomcat.metadata b/.tomcat.metadata index ac94e32..2258cf2 100644 --- a/.tomcat.metadata +++ b/.tomcat.metadata @@ -1 +1 @@ -d7a9c6c9ac2c92886aa3ade5c653c7854c6df1f1 SOURCES/tomcat-9.0.87.redhat-00008-src.zip +3947449541e30df91b228e2c767bdb654dde9369 SOURCES/tomcat-9.0.87.redhat-00010-src.zip diff --git a/SOURCES/tomcat-server b/SOURCES/tomcat-server index 17ae385..25ef221 100644 --- a/SOURCES/tomcat-server +++ b/SOURCES/tomcat-server @@ -10,7 +10,8 @@ OPTIONS="-Dcatalina.base=$CATALINA_BASE \ -Djava.endorsed.dirs=$JAVA_ENDORSED_DIRS \ -Djava.io.tmpdir=$CATALINA_TMPDIR \ -Djava.util.logging.config.file=${LOGGING_PROPERTIES} \ --Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager" +-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager \ +-Dsun.io.useCanonCaches=false" if [ "$1" = "start" ] ; then FLAGS="${FLAGS} $CATALINA_OPTS" diff --git a/SPECS/tomcat.spec b/SPECS/tomcat.spec index 14b8074..349570c 100644 --- a/SPECS/tomcat.spec +++ b/SPECS/tomcat.spec @@ -32,7 +32,7 @@ %global major_version 9 %global minor_version 0 %global micro_version 87 -%global packdname %{name}-%{major_version}.%{minor_version}.%{micro_version}.redhat-00008-src +%global packdname %{name}-%{major_version}.%{minor_version}.%{micro_version}.redhat-00010-src %global servletspec 4.0 %global elspec 3.0 %global tcuid 53 
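Review bot: The new `-Dsun.io.useCanonCaches=false` entry at the end of OPTIONS in SOURCES/tomcat-server carries no explanation in the script; the only hint at its purpose is the CVE-2024-56337 changelog entry in tomcat.spec. Upstream's guidance for that CVE, as far as I recall it, is that the property has to be set to false explicitly on Java 8 and 11, so a comment above the OPTIONS assignment would keep the flag from being dropped in a later cleanup, for example `# sun.io.useCanonCaches=false: mitigation for CVE-2024-56337 (JSP compilation TOCTOU), do not remove`. The assignment begins outside the hunk, and the hunk does not show how OPTIONS and `$CATALINA_OPTS` are ordered on the final java command line. If operator-supplied options come later, a stray `-Dsun.io.useCanonCaches=true` there would presumably override this value, which is worth confirming. Any other launcher the package ships should be checked for the same property, since this diff only touches tomcat-server.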
@@ -56,7 +56,7 @@ Name: tomcat Epoch: 1 Version: %{major_version}.%{minor_version}.%{micro_version} -Release: 2%{?dist}.1 +Release: 3%{?dist}.1 Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API License: ASL 2.0 @@ -557,10 +557,16 @@ fi %changelog -* Wed Apr 02 2025 Adam Krajcik - 1:9.0.87-2.el9_5.1 -- Resolves: RHEL-82946 +* Mon May 26 2025 Adam Krajcik - 1:9.0.87-3.el9_6.1 +- Resolves: RHEL-91765 + tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame (CVE-2025-31650) +- Resolves: RHEL-71981 + tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation (CVE-2024-56337) + +* Tue Apr 08 2025 Adam Krajcik - 1:9.0.87-3 +- Resolves: RHEL-82945 tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813) -- Resolves: RHEL-71719 +- Resolves: RHEL-71723 tomcat: RCE due to TOCTOU issue in JSP compilation (CVE-2024-50379) * Thu Aug 08 2024 Adam Krajcik - 1:9.0.87-2