.gitignore

@@ -1 +1 @@
-SOURCES/tomcat-9.0.87.redhat-00005-src.zip
+SOURCES/tomcat-9.0.62.redhat-00018-src.zip

.tomcat.metadata

@@ -1 +1 @@
-3aeb163e738a5f2a4d2fc20f72d978813a459d5c SOURCES/tomcat-9.0.87.redhat-00005-src.zip
+5becf21ed1eb5c031c31d5f295ce499234e98f82 SOURCES/tomcat-9.0.62.redhat-00018-src.zip

SOURCES/fix-malformed-dtd.patch

@@ -0,0 +1,8 @@
+diff -up ./java/org/apache/tomcat/util/modeler/mbeans-descriptors.dtd.orig ./java/org/apache/tomcat/util/modeler/mbeans-descriptors.dtd
+--- ./java/org/apache/tomcat/util/modeler/mbeans-descriptors.dtd.orig	2023-02-07 14:11:25.294179017 -0500
++++ ./java/org/apache/tomcat/util/modeler/mbeans-descriptors.dtd	2023-02-07 14:11:28.629196705 -0500
+@@ -1,4 +1,3 @@
+-<?xml version="1.0" encoding="UTF-8"?>
+ <!--
+   Licensed to the Apache Software Foundation (ASF) under one or more
+   contributor license agreements.  See the NOTICE file distributed with

SOURCES/remove-bnd-annotation.patch

@@ -0,0 +1,74 @@
+diff --git a/build.xml b/build.xml
+index 5a0be1b..2131211 100644
+--- a/build.xml
++++ b/build.xml
+@@ -3062,7 +3062,7 @@ skip.installer property in build.properties" />
+ 
+   <target name="download-compile"
+           description="Download components necessary to compile"
+-          depends="setup-bnd">
++          >
+ 
+     <!-- Download Commons Daemon -->
+     <antcall target="downloadgz-2">
+diff --git a/java/org/apache/el/ExpressionFactoryImpl.java b/java/org/apache/el/ExpressionFactoryImpl.java
+index a6faeb6..5afbda7 100644
+--- a/java/org/apache/el/ExpressionFactoryImpl.java
++++ b/java/org/apache/el/ExpressionFactoryImpl.java
+@@ -33,7 +33,7 @@ import org.apache.el.util.MessageFactory;
+  *
+  * @author Jacob Hookom [jacob@hookom.net]
+  */
+-@aQute.bnd.annotation.spi.ServiceProvider(value=ExpressionFactory.class)
++//@aQute.bnd.annotation.spi.ServiceProvider(value=ExpressionFactory.class)
+ public class ExpressionFactoryImpl extends ExpressionFactory {
+ 
+     @Override
+diff --git a/java/org/apache/juli/logging/LogFactory.java b/java/org/apache/juli/logging/LogFactory.java
+index 56c805a..bd6eb0d 100644
+--- a/java/org/apache/juli/logging/LogFactory.java
++++ b/java/org/apache/juli/logging/LogFactory.java
+@@ -21,7 +21,7 @@ import java.nio.file.FileSystems;
+ import java.util.ServiceLoader;
+ import java.util.logging.LogManager;
+ 
+-import aQute.bnd.annotation.spi.ServiceConsumer;
++//import aQute.bnd.annotation.spi.ServiceConsumer;
+ 
+ /**
+  * This is a modified LogFactory that uses a simple {@link ServiceLoader} based
+@@ -63,7 +63,7 @@ import aQute.bnd.annotation.spi.ServiceConsumer;
+  * @author Costin Manolache
+  * @author Richard A. Sitze
+  */
+-@ServiceConsumer(value=org.apache.juli.logging.Log.class)
++//@ServiceConsumer(value=org.apache.juli.logging.Log.class)
+ public class LogFactory {
+ 
+     private static final LogFactory singleton = new LogFactory();
+diff --git a/java/org/apache/tomcat/websocket/WsContainerProvider.java b/java/org/apache/tomcat/websocket/WsContainerProvider.java
+index 3cb8873..7bc50f6 100644
+--- a/java/org/apache/tomcat/websocket/WsContainerProvider.java
++++ b/java/org/apache/tomcat/websocket/WsContainerProvider.java
+@@ -19,7 +19,7 @@ package org.apache.tomcat.websocket;
+ import javax.websocket.ContainerProvider;
+ import javax.websocket.WebSocketContainer;
+ 
+-@aQute.bnd.annotation.spi.ServiceProvider(value=ContainerProvider.class)
++//@aQute.bnd.annotation.spi.ServiceProvider(value=ContainerProvider.class)
+ public class WsContainerProvider extends ContainerProvider {
+ 
+     @Override
+diff --git a/java/org/apache/tomcat/websocket/server/DefaultServerEndpointConfigurator.java b/java/org/apache/tomcat/websocket/server/DefaultServerEndpointConfigurator.java
+index 5c385ed..2e4e82e 100644
+--- a/java/org/apache/tomcat/websocket/server/DefaultServerEndpointConfigurator.java
++++ b/java/org/apache/tomcat/websocket/server/DefaultServerEndpointConfigurator.java
+@@ -26,7 +26,7 @@ import javax.websocket.HandshakeResponse;
+ import javax.websocket.server.HandshakeRequest;
+ import javax.websocket.server.ServerEndpointConfig;
+ 
+-@aQute.bnd.annotation.spi.ServiceProvider(value=ServerEndpointConfig.Configurator.class)
++//@aQute.bnd.annotation.spi.ServiceProvider(value=ServerEndpointConfig.Configurator.class)
+ public class DefaultServerEndpointConfigurator
+         extends ServerEndpointConfig.Configurator {
+ 

SOURCES/tomcat-9.0-bnd-annotation.patch

@@ -1,10 +0,0 @@
---- build.xml.orig	2023-01-19 10:39:11.163687508 +0800
-+++ build.xml	2023-01-19 10:44:42.960604444 +0800
-@@ -213,6 +213,7 @@
-   <!-- Classpaths -->
-   <path id="compile.classpath">
-     <pathelement location="${bnd.jar}"/>
-+    <pathelement location="${bnd-annotation.jar}"/>
-     <pathelement location="${jdt.jar}"/>
-     <pathelement location="${jaxrpc-lib.jar}"/>
-     <pathelement location="${wsdl4j-lib.jar}"/>

SOURCES/tomcat-build.patch

@@ -1,11 +1,12 @@
---- ./res/bnd/build-defaults.bnd.orig	2024-05-01 11:07:38.804582327 +0300
-+++ ./res/bnd/build-defaults.bnd	2024-05-01 11:17:08.857295279 +0300
+diff -up ./res/bnd/build-defaults.bnd.orig ./res/bnd/build-defaults.bnd
+--- ./res/bnd/build-defaults.bnd.orig	2020-07-13 13:47:01.229077747 -0400
++++ ./res/bnd/build-defaults.bnd	2020-07-13 13:47:12.923095618 -0400
 @@ -13,7 +13,7 @@
  # See the License for the specific language governing permissions and
  # limitations under the License.
- 
+
 -Bundle-Version: ${version_cleanup;${version}}
 +Bundle-Version: ${version}
- Bundle-License: https://www.apache.org/licenses/LICENSE-2.0.txt
- 
+
  Specification-Title: Apache Tomcat
+ Specification-Version: ${version.major.minor}

SPECS/tomcat.spec

@@ -31,8 +31,8 @@
 %global jspspec 2.3
 %global major_version 9
 %global minor_version 0
-%global micro_version 87
-%global packdname %{name}-%{major_version}.%{minor_version}.%{micro_version}.redhat-00005-src
+%global micro_version 62
+%global packdname  %{name}-%{major_version}.%{minor_version}.%{micro_version}.redhat-00018-src
 %global servletspec 4.0
 %global elspec 3.0
 %global tcuid 53
@@ -56,7 +56,7 @@
 Name:          tomcat
 Epoch:         1
 Version:       %{major_version}.%{minor_version}.%{micro_version}
-Release:       2%{?dist}
+Release:       29%{?dist}
 Summary:       Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API
 
 License:       ASL 2.0
@@ -80,20 +80,22 @@ Patch1:        %{name}-%{major_version}.%{minor_version}-tomcat-users-webapp.pat
 Patch2:        %{name}-build.patch
 Patch3:        %{name}-%{major_version}.%{minor_version}-catalina-policy.patch
 Patch4:        rhbz-1857043.patch
-Patch6:        %{name}-%{major_version}.%{minor_version}-bnd-annotation.patch
+# remove bnd dependency which version is too low on rhel8
+Patch6:        remove-bnd-annotation.patch
 Patch7:        JmxRemoteLifecycleListener.patch
+Patch8:        fix-malformed-dtd.patch
 
 BuildArch:     noarch
 
 BuildRequires: ant
-BuildRequires: ecj >= 1:4.10
+BuildRequires: ecj
 BuildRequires: findutils
 BuildRequires: javapackages-local
 BuildRequires: aqute-bnd
 BuildRequires: aqute-bndlib
 BuildRequires: systemd
 
-Requires:      (java-headless >= 1:1.8 or java-1.8.0-headless or java-11-headless or java-17-headless or java-21-headless or java >= 1:1.8)
+Requires:      (java-headless >= 1:1.8 or java-1.8.0-headless or java-11-headless or java-17-headless or java >= 1:1.8)
 Requires:      javapackages-tools
 Requires:      %{name}-lib = %{epoch}:%{version}-%{release}
 %if 0%{?fedora} || 0%{?rhel} > 7
@@ -104,8 +106,7 @@ Requires(post):   systemd
 Requires(preun):  systemd
 Requires(postun): systemd
 
-Provides:  pki-servlet-engine
-Obsoletes: pki-servlet-engine
+Conflicts: pki-servlet-engine <= 1:9.0.50
 
 # added after log4j sub-package was removed
 Provides:         %{name}-log4j = %{epoch}:%{version}-%{release}
@@ -140,7 +141,7 @@ Provides: jsp = %{jspspec}
 Obsoletes: %{name}-jsp-2.2-api
 Requires: %{name}-servlet-%{servletspec}-api = %{epoch}:%{version}-%{release}
 Requires: %{name}-el-%{elspec}-api = %{epoch}:%{version}-%{release}
-Obsoletes: pki-servlet-engine
+Conflicts: pki-servlet-engine <= 1:9.0.50
 
 %description jsp-%{jspspec}-api
 Apache Tomcat JSP API Implementation Classes.
@@ -152,7 +153,7 @@ Requires: %{name}-servlet-%{servletspec}-api = %{epoch}:%{version}-%{release}
 Requires: %{name}-el-%{elspec}-api = %{epoch}:%{version}-%{release}
 Requires: ecj >= 1:4.10
 Requires(preun): coreutils
-Obsoletes: pki-servlet-engine
+Conflicts: pki-servlet-engine <= 1:9.0.50
 
 %description lib
 Libraries needed to run the Tomcat Web container.
@@ -163,8 +164,7 @@ Provides: servlet = %{servletspec}
 Provides: servlet6
 Provides: servlet3
 Obsoletes: %{name}-servlet-3.1-api
-Provides:  pki-servlet-4.0-api
-Obsoletes: pki-servlet-4.0-api
+Conflicts: pki-servlet-4.0-api <= 1:9.0.50
 
 %description servlet-%{servletspec}-api
 Apache Tomcat Servlet API Implementation Classes.
@@ -173,7 +173,7 @@ Apache Tomcat Servlet API Implementation Classes.
 Summary: Apache Tomcat Expression Language v%{elspec} API Implementation Classes
 Provides: el_api = %{elspec}
 Obsoletes: %{name}-el-2.2-api
-Obsoletes: pki-servlet-engine
+Conflicts: pki-servlet-engine <= 1:9.0.50 and pki-servlet-container <= 1:9.0.7
 
 %description el-%{elspec}-api
 Apache Tomcat EL API Implementation Classes.
@@ -196,8 +196,9 @@ find . -type f \( -name "*.bat" -o -name "*.class" -o -name Thumbs.db -o -name "
 %patch -P2 -p0
 %patch -P3 -p0
 %patch -P4 -p0
-%patch -P6 -p0
+%patch -P6 -p1
 %patch -P7 -p1
+%patch -P8 -p1
 
 # Remove webservices naming resources as it's generally unused
 %{__rm} -rf java/org/apache/naming/factory/webservices
@@ -229,8 +230,7 @@ touch HACK
   -Dnsis.exe="HACK" \
   -Djaxrpc-lib.jar="HACK" \
   -Dwsdl4j-lib.jar="HACK" \
-  -Dbnd.jar="$(build-classpath aqute-bnd/biz.aQute.bnd)" \
-  -Dbnd-annotation.jar="$(build-classpath aqute-bnd/biz.aQute.bnd.annotation)" \
+  -Dbnd.jar="HACK" \
   -Dversion="%{version}" \
   -Dversion.build="%{micro_version}" \
   deploy
@@ -402,6 +402,7 @@ popd
 %mvn_artifact res/maven/tomcat-websocket-api.pom ${RPM_BUILD_ROOT}%{libdir}/websocket-api.jar
 %mvn_artifact res/maven/tomcat-websocket.pom ${RPM_BUILD_ROOT}%{libdir}/tomcat-websocket.jar
 %mvn_artifact res/maven/tomcat.pom
+
 %mvn_install
 
 %pre
@@ -557,560 +558,56 @@ fi
 
 
 %changelog
-* Thu Aug 08 2024 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-2
-- Resolves: RHEL-46163
-  tomcat: Improper Handling of Exceptional Conditions (CVE-2024-34750)
-- Resolves: RHEL-18245 - OpenJDK 21 support for RHEL Tomcat
+* Thu Jan 18 2024 Hui Wang <huwang@redhat.com> - 1:9.0.62-29
+- Resolves: RHEL-17602
 
-* Fri May 03 2024 Sokratis Zappis <szappis@redhat.com> - 1:9.0.87-1
-- Resolves: RHEL-35812 - Rebase tomcat to version 9.0.87
-- Resolves: RHEL-29257
-  tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672)
-- Resolves: RHEL-29252
-  tomcat: : Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549)
-- Resolves: RHEL-53001 - Amend tomcat's changelog
-  (CVE-2023-46589, CVE-2023-45648, CVE-2023-42795, CVE-2023-42794, CVE-2023-44487, CVE-2023-41080)
+* Thu Nov 23 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-28
+- Resolves: RHEL-13907
+- Resolves: RHEL-13904
+- Resolves: RHEL-12951
+- Resolves: RHEL-12544
+- Resolves: RHEL-2386
 
-* Thu Jan 18 2024 Hui Wang <huwang@redhat.com> - 1:9.0.62-39
-- Resolves: RHEL-17605
-  tomcat: HTTP request smuggling via malformed trailer headers (CVE-2023-46589)
+* Fri Oct 13 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-27
+- Related: RHEL-12543
+- Bump release number
 
-* Thu Nov 23 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-38
-- Resolves: RHEL-13908
-  tomcat: incorrectly parsed http trailer headers can cause request smuggling (CVE-2023-45648)
-- Resolves: RHEL-13905
-  tomcat: improper cleaning of recycled objects could lead to information leak (CVE-2023-42795)
-- Resolves: RHEL-12952
-  tomcat: FileUpload: DoS due to accumulation of temporary files on Windows (CVE-2023-42794)
-- Resolves: RHEL-12552
-  tomcat: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
-- Resolves: RHEL-2388
-  tomcat: Open Redirect vulnerability in FORM authentication (CVE-2023-41080)
-
-* Fri Oct 13 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-37
-- Resolves: RHEL-12551
-  tomcat: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
+* Thu Oct 12 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-16
+- Resolves: RHEL-12543 HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)
 - Remove JDK subpackges which are unused
 
-* Fri Aug 25 2023 Coty Sutherland <csutherl@redhat.com> - 1:9.0.62-16
-- Related: #2184133 Declare file conflicts
+* Fri Sep 08 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-14
+- Related: RHEL-2330 Bump release number
 
-* Fri Aug 25 2023 Coty Sutherland <csutherl@redhat.com> - 1:9.0.62-15
-- Resolves: #2184133 Fix bug in Obsoletes
+* Thu Sep 07 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-13
+- Resolves: RHEL-2330 Revert the fix for pki-servlet-engine
 
-* Tue Aug 01 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-14
-- Resolves: #2210632 CVE-2023-28709 tomcat
+* Fri Aug 25 2023 Coty Sutherland <csutherl@redhat.com> - 1:9.0.62-12
+- Related: #2184135 Declare file conflicts
 
-* Wed Jul 26 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-13
-- Resolves: #2189675 Missing Tomcat POM files in RHEL 9.3
+* Fri Aug 25 2023 Coty Sutherland <csutherl@redhat.com> - 1:9.0.62-11
+- Resolves: #2184135 Fix bug introduced in initial commit
 
-* Wed Jun 21 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-12
-- Resolves: #2189675 Missing Tomcat POM files in RHEL 9.3
-- Resolves: #2173872 Remove java-11-openjdk-headles as a tomcat dependency
-- Resolves: #2181461 CVE-2023-28708 tomcat: not including the secure attribute causes information
-- Resolves: #2210632 CVE-2023-28709
-- Resolves: #2184133 Add Obsoletes to tomcat package
-- Update patch command
-- Update source to include the CVE fixes
+* Fri Aug 18 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-10
+- Resolves: #2210630 CVE-2023-28709 tomcat
+- Resolves: #2181448 CVE-2023-28708 tomcat: not including the secure attribute causes information disclosure
 
-* Thu Feb 23 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-11
-- Bump release so that the NVR on RHEL-9 is higher than RHEL-8
+* Thu Aug 17 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-9
+- Resolves: #2184135 Add Obsoletes to tomcat package
+
+* Thu Aug 17 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-8
+- Resolves: #2189676 Missing Tomcat POM files in RHEL 8.9
+
+* Tue Aug 15 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-7
+- Related: #2173874 Tomcat installs older java even though newer java is installed
+- Bump release number
+
+* Fri Aug 11 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-6
+- Resolves: #2173874 Tomcat installs older java even though newer java is installed
+- Sync with rhel-8.8.0 branch
+
+* Thu Feb 16 2023 Coty Sutherland <csutherl@redhat.com> - 1:9.0.62-5
+- Related: #2160455 Add conflicts to subpackage
 
 * Wed Feb 15 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-4
-- Bump release to run the tier1 test
-
-* Tue Feb 07 2023 Coty Sutherland <csutherl@redhat.com> - 1:9.0.62-3
-- Add conflicts declaration to the appropriate subpackages
-- Fix malformed DTD file that caused problems with rpminspect
-
-* Fri Feb 03 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-2
-- Add conflicts with the pki-servlet-engine package
-
-* Mon Jan 16 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-1
-- Update to 9.0.62. Related: rhbz#2160511
-- Remove examples webapps from subpackage
-- Remove maven artifacts from build as they aren't very useful
-- Drop JSVC support as it's not very useful these days
-- Drop geronimo-saaj as it's no longer required
-- Drop geronimo-jaxrpc, which provided the webservices naming factory resources that are generally unused
-- Cleaning up some unused deps and system properties
-- Add Java 9 start-up parameters to allow reflection
-- Add bnd-annotation which is in bndlib
-- Add fixes for memory leak which have been fixed in 9.0.64
-
-* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1:9.0.44-2
-- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
-
-* Thu Mar 18 2021 Hui Wang <huwang@redhat.com> - 1:9.0.44-1
-- Update to 9.0.44
-
-* Wed Feb 03 2021 Hui Wang <huwang@redhat.com> - 1:9.0.43-1
-- Update to 9.0.43
-
-* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1:9.0.41-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
-
-* Wed Dec 09 2020 Hui Wang <huwang@redhat.com> - 1:9.0.41-1
-- Update to 9.0.41
-
-* Wed Nov 18 2020 Hui Wang <huwang@redhat.com> - 1:9.0.40-1
-- Update to 9.0.40
-
-* Mon Oct 12 2020 Hui Wang <huwang@redhat.com> - 1:9.0.39-1
-- Update to 9.0.39
-
-* Wed Sep 16 2020 Hui Wang <huwang@redhat.com> - 1:9.0.38-1
-- Update to 9.0.38
-
-* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1:9.0.37-4
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
-
-* Fri Jul 24 2020 Coty Sutherland <csutherl@redhat.com> - 1:9.0.37-3
-- Related: rhbz#1857043 Temporarily remove OSGi metadata from tomcat jars
-
-* Mon Jul 20 2020 Coty Sutherland <csutherl@redhat.com> - 1:9.0.37-2
-- Resolves: rhbz#1857043 Add patch to reinclude o.a.t.util.net.jsse and o.a.t.util.moduler.modules in tomcat-coyote.jar
-
-* Mon Jul 13 2020 Coty Sutherland <csutherl@redhat.com> - 1:9.0.37-1
-- Update to 9.0.37
-
-* Sat Jul 11 2020 Jiri Vanek <jvanek@redhat.com> - 1:9.0.36-2
-- Rebuilt for JDK-11, see https://fedoraproject.org/wiki/Changes/Java11
-
-* Wed Jun 10 2020 Hui Wang <huwang@redhat.com> - 1:9.0.36-1
-- Upgrade to 9.0.36
-
-* Sun May 31 2020 Hui Wang <huwang@redhat.com> - 1:9.0.35-2
-- Upgrade to 9.0.35
-
-* Wed Apr 22 2020 Coty Sutherland <csutherl@redhat.com> - 1:9.0.34-2
-- Add updated catalina.policy patch to allow ECJ usage under the Security Manager
-
-* Tue Apr 21 2020 Coty Sutherland <csutherl@redhat.com> - 1:9.0.34-1
-- Update to 9.0.34
-
-* Thu Mar 05 2020 Coty Sutherland <csutherl@redhat.com> - 1:9.0.31-1
-- Update to 9.0.31
-- Resolves: rhbz#1806398 - CVE-2020-1938 tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability
-
-* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1:9.0.30-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
-
-* Fri Dec 20 2019 Coty Sutherland <csutherl@redhat.com> - 1:9.0.30-1
-- Update to 9.0.30
-
-* Thu Sep 26 2019 Coty Sutherland <csutherl@redhat.com> - 1:9.0.26-2
-- Resolves: rhbz#1510522 man page uid and gid mismatch for service accounts
-
-* Thu Sep 26 2019 Coty Sutherland <csutherl@redhat.com> - 1:9.0.26-1
-- Update to 9.0.26
-- Resolves: rhbz#1523112 tomcat systemd does not cope with - in service names
-- Resolves: rhbz#1510896 Problem to start tomcat with a user whose group has a name different to the user
-
-* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1:9.0.21-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
-
-* Wed Jul 17 2019 Coty Sutherland <csutherl@redhat.com> - 1:9.0.21-2
-- Update build-classpath calls to ECJ to specify the JAR we want to use
-
-* Tue Jun 18 2019 Coty Sutherland <csutherl@redhat.com> - 1:9.0.21-1
-- Update to 9.0.21
-
-* Tue Apr 02 2019 Coty Sutherland <csutherl@redhat.com> - 1:9.0.13-4
-- Remove javadoc subpackage to drop the jpackage-utils dependency
-
-* Wed Feb 20 2019 Coty Sutherland <csutherl@redhat.com> - 1:9.0.13-3
-- Remove OSGi MANIFEST files, these are now included in the upstream Tomcat distribution (as of 9.0.10)
-- Remove unused dependencies, apache-commons-collections, apache-commons-daemon, apache-commons-pool, junit
-
-* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1:9.0.13-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
-
-* Thu Dec 13 2018 Coty Sutherland <csutherl@redhat.com> - 1:9.0.13-1
-- Update to 9.0.13
-- Resolves: rhbz#1636513 - CVE-2018-11784 tomcat: Open redirect in default servlet
-
-* Sun Oct 14 2018 Peter Robinson <pbrobinson@fedoraproject.org> 1:9.0.10-2
-- Drop legcy sys-v bits
-
-* Tue Jul 31 2018 Coty Sutherland <csutherl@redhat.com> - 1:9.0.10-1
-- Update to 9.0.10
-- Resolves: rhbz#1624929 - CVE-2018-1336 tomcat: A bug in the UTF-8 decoder can lead to DoS
-- Resolves: rhbz#1579612 - CVE-2018-8014 tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins
-- Resolves: rhbz#1607586 - CVE-2018-8034 tomcat: host name verification missing in WebSocket client
-- Resolves: rhbz#1607584 - CVE-2018-8037 tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up
-
-* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1:9.0.7-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
-
-* Tue May 01 2018 Coty Sutherland <csutherl@redhat.com> - 1:9.0.7-1
-- Update to 9.0.7
-
-* Thu Mar 15 2018 Coty Sutherland <csutherl@redhat.com> - 1:8.5.29-1
-- Update to 8.5.29
-- Resolves: rhbz#1548290 CVE-2018-1304 tomcat: Incorrect handling of empty string URL in security constraints can lead to unitended exposure of resources
-- Resolves: rhbz#1548284 CVE-2018-1305 tomcat: Late application of security constraints can lead to resource exposure for unauthorised users
-
-* Fri Feb 09 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1:8.0.49-2
-- Escape macros in %%changelog
-
-* Thu Feb 01 2018 Coty Sutherland <csutherl@redhat.com> - 1:8.0.49-1
-- Update to 8.0.49
-
-* Tue Dec 12 2017 Merlin Mathesius <mmathesi@redhat.com> - 1:8.0.47-3
-- Cleanup spec file conditionals
-
-* Tue Oct 24 2017 Troy Dawson <tdawson@redhat.com> - 1:8.0.47-2
-- Change "zip -u" to "zip"
-- Resolves: rhbz#1495241 [tomcat] zip -u in spec file causes race condition
-
-* Wed Oct 04 2017 Coty Sutherland <csutherl@redhat.com> - 1:8.0.47-1
-- Update to 8.0.47
-- Resolves: rhbz#1497682 CVE-2017-12617 tomcat: Remote Code Execution bypass for CVE-2017-12615
-
-* Mon Aug 21 2017 Coty Sutherland <csutherl@redhat.com> - 1:8.0.46-1
-- Update to 8.0.46
-- Resolves: rhbz#1480620 CVE-2017-7674 tomcat: Cache Poisoning
-
-* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1:8.0.44-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
-
-* Fri Jun 09 2017 Coty Sutherland <csutherl@redhat.com> - 1:8.0.44-1
-- Resolves: rhbz#1459160 CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism
-
-* Tue Apr 11 2017 Coty Sutherland <csutherl@redhat.com> - 1:8.0.43-1
-- Update to 8.0.43
-
-* Fri Mar 31 2017 Coty Sutherland <csutherl@redhat.com> - 1:8.0.42-1
-- Update to 8.0.42
-
-* Thu Feb 16 2017 Coty Sutherland <csutherl@redhat.com> - 1:8.0.41-1
-- Update to 8.0.41
-- Resolves: rhbz#1403825 CVE-2016-8745 tomcat: information disclosure due to incorrect Processor sharing
-
-* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1:8.0.39-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
-
-* Tue Nov 29 2016 Coty Sutherland <csutherl@redhat.com> - 1:8.0.39-1
-- Update to 8.0.39
-- Resolves: rhbz#1397493 CVE-2016-6816 CVE-2016-6817 CVE-2016-8735 tomcat: various flaws
-
-* Tue Oct 25 2016 Coty Sutherland <csutherl@redhat.com> - 1:8.0.38-1
-- Update to 8.0.38
-
-* Sun Oct 23 2016 Coty Sutherland <csutherl@redhat.com> - 1:8.0.37-3
-- Resolves: rhbz#1383216 CVE-2016-6325 tomcat: tomcat writable config files allow privilege escalation
-- Resolves: rhbz#1382310 CVE-2016-5425 tomcat: Local privilege escalation via systemd-tmpfiles service
-
-* Tue Sep 13 2016 Coty Sutherland <csutherl@redhat.com> - 1:8.0.37-1
-- Rebase to 8.0.37
-- Resolves: rhbz#1375581 CVE-2016-5388 CGI sets environmental variable based on user supplied Proxy request header
-- Resolves: rhbz#1370262 catalina.out is no longer in use in the main package, but still gets rotated
-
-* Thu Aug 11 2016 Coty Sutherland <csutherl@redhat.com> - 1:8.0.36-2
-- Related: rhbz#1349469 Correct typo in changelog entry
-
-* Mon Aug 08 2016 Coty Sutherland <csutherl@redhat.com> - 1:8.0.36-1
-- Resolves: rhbz#1349469 CVE-2016-3092 tomcat: Usage of vulnerable FileUpload package can result in denial of service (updates to 8.0.36)
-- Resolves: rhbz#1364056 The command tomcat-digest doesn't work
-- Resolves: rhbz#1363884 The tomcat-tool-wrapper script is broken
-- Resolves: rhbz#1347864 The systemd service unit does not allow tomcat to shut down gracefully
-- Resolves: rhbz#1347835 The security manager doesn't work correctly (JSPs cannot be compiled)
-- Resolves: rhbz#1341853 rpm -V tomcat fails on /var/log/tomcat/catalina.out
-- Resolves: rhbz#1341850 tomcat-jsvc.service has TOMCAT_USER value hard-coded
-- Resolves: rhbz#1359737 Missing maven depmap for the following artifacts: org.apache.tomcat:tomcat-websocket, org.apache.tomcat:tomcat-websocket-api
-- Resolves: asfbz#59960  Building javadocs with java8 fails
-
-* Wed Mar 2 2016 Ivan Afonichev <ivan.afonichev@gmail.com> - 1:8.0.32-4
-- Revert sysconfig migration changes, resolves: rhbz#1311771, rhbz#1311905
-- Add /etc/tomcat/conf.d/ with shell expansion support, resolves rhbz#1293636
-
-* Sat Feb 27 2016 Ivan Afonichev <ivan.afonichev@gmail.com> - 1:8.0.32-3
-- Load sysconfig from tomcat.conf, resolves: rhbz#1311771, rhbz#1311905
-- Set default javax.sql.DataSource factory to apache commons one, resolves rhbz#1214381
-
-* Sun Feb 21 2016 Ivan Afonichev <ivan.afonichev@gmail.com> - 1:8.0.32-2
-- Fix symlinks from $CATALINA_HOME/lib perspective, resolves: rhbz#1308685
-
-* Thu Feb 11 2016 Ivan Afonichev <ivan.afonichev@gmail.com> - 1:8.0.32-1
-- Updated to 8.0.32
-- Remove log4j support. It has never been working actually. See rhbz#1236297
-- Move shipped config to /etc/sysconfig/tomcat. /etc/tomcat/tomcat.conf can now be used to override it with shell expansion, resolves rhbz#1293636
-- Recommend tomcat-native, resolves: rhbz#1243132
-
-* Wed Feb 10 2016 Coty Sutherland <csutherl@redhat.com> 1:8.0.26-4
-- Resolves: rhbz#1286800 Failed to start component due to wrong allowLinking="true" in context.xml
-- Program /bin/nologin does not exist (#1302718)
-
-* Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1:8.0.26-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
-
-* Wed Nov 11 2015 Robert Scheck <robert@fedoraproject.org> 1:8.0.26-2
-- CATALINA_OPTS are only read when SECURITY_MANAGER is true (#1147105)
-
-* Thu Aug 27 2015 Alexander Kurtakov <akurtako@redhat.com> 1:8.0.26-1
-- Update to 8.0.26.
-
-* Fri Jul 10 2015 Alexander Kurtakov <akurtako@redhat.com> 1:8.0.24-2
-- Update to 8.0.24.
-
-* Fri Jun 19 2015 Alexander Kurtakov <akurtako@redhat.com> 1:8.0.23-2
-- Drop javax.el:el-api alias.
-
-* Thu Jun 18 2015 Alexander Kurtakov <akurtako@redhat.com> 1:8.0.23-1
-- Update to 8.0.23.
-
-* Thu Jun 18 2015 Alexander Kurtakov <akurtako@redhat.com> 1:8.0.20-3
-- Drop jetty alias for servlet.
-
-* Tue Jun 09 2015 Michal Srb <msrb@redhat.com> - 1:8.0.20-2
-- Fix metadata for org.apache.tomcat:{tomcat-jni,tomcat-util-scan}
-
-* Thu Mar 5 2015 Alexander Kurtakov <akurtako@redhat.com> 1:8.0.18-5
-- Rebuild against tomcat-taglibs-standard.
-
-* Wed Mar 4 2015 Alexander Kurtakov <akurtako@redhat.com> 1:8.0.18-4
-- Fix epoch bumped el_1_0_api that would override all other glassfish/jboss/etc. due to wrong epoch.
-- Drop old provides. 
-
-* Tue Mar 03 2015 Stephen Gallagher <sgallagh@redhat.com> 1:8.0.18-3
-- Bump epoch to maintain upgrade path from Fedora 22
-
-* Mon Feb 16 2015 Michal Srb <msrb@redhat.com> - 0:8.0.18-2
-- Install POM files for org.apache.tomcat:{tomcat-jni,tomcat-util-scan}
-
-* Sun Feb 15 2015 Ivan Afonichev <ivan.afonichev@gmail.com> 0:8.0.18-1
-- Updated to 8.0.18
-
-* Sat Sep 20 2014 Ivan Afonichev <ivan.afonichev@gmail.com> 0:8.0.12-1
-- Updated to 8.0.12
-- Substitute libnames in catalina-tasks.xml, resolves: rhbz#1126439
-- Use CATALINA_OPTS only on start, resolves: rhbz#1051194
-
-* Mon Jun 16 2014 Michal Srb <msrb@redhat.com> - 0:7.0.54-3
-- jsp-api requires el-api
-
-* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0:7.0.54-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
-
-* Thu Jun 5 2014 Alexander Kurtakov <akurtako@redhat.com> 0:7.0.54-1
-- Update to upstream 7.0.54 - fixes compile with Java 8.
-
-* Wed May 21 2014 Alexander Kurtakov <akurtako@redhat.com> 0:7.0.52-3
-- Drop servlet/el api provides to reduce user machines ending with both.
-
-* Sun Mar 30 2014 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.52-2
-- Don't provide maven javax.jsp:jsp-api and javax.servlet.jsp:javax.servlet.jsp-api resolves: rhbz#1076949
-- Move log4j support into subpackage, resolves: rhbz#1027716
-
-* Wed Mar 26 2014 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.52-1
-- Updated to 7.0.52
-- Rewrite jsvc implementation, resolves: rhbz#1051743
-- Switch to java-headless R, resolves: rhbz#1068566
-- Create and own %%{_localstatedir}/lib/tomcats, resolves: rhbz#1026741
-- Add pom for tomcat-jdbc, resolves: rhbz#1011003 
-
-* Tue Jan 21 2014 Mikolaj Izdebski <mizdebsk@redhat.com> - 0:7.0.47-3
-- Fix installation of Maven metadata for tomcat-juli.jar
-- Resolves: rhbz#1033664
-
-* Wed Jan 15 2014 Stanislav Ochotnicky <sochotnicky@redhat.com> - 0:7.0.47-2
-- Rebuild for bug #1033664
-
-* Sun Nov 03 2013 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.47-1
-- Updated to 7.0.47
-- Fix java.security.policy
-
-* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0:7.0.42-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
-
-* Fri Jul 12 2013 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.42-2
-- Remove jpackage-utils R
-
-* Thu Jul 11 2013 Dmitry Tikhonov <squall.sama@gmail.com> 0:7.0.42-1
-- Updated to 7.0.42
-
-* Tue Jun 11 2013 Paul Komkoff <i@stingr.net> 0:7.0.40-3
-- Dropped systemv inits. Bye-bye.
-- Updated the systemd wrappers to allow running multiple instances.
-  Added wrapper scripts to do that, ported the original non-named
-  service file to work with the same wrappers, updated
-  /usr/sbin/tomcat to call systemctl.
-
-* Sat May 11 2013 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.40-1
-- Updated to 7.0.40
-- Resolves: rhbz 956569 added missing commons-pool link
-- Remove ant-nodeps BR
-
-* Mon Mar  4 2013 Mikolaj Izdebski <mizdebsk@redhat.com> - 0:7.0.37-2
-- Add depmaps for org.eclipse.jetty.orbit
-- Resolves: rhbz#917626
-
-* Wed Feb 20 2013 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.39-1
-- Updated to 7.0.39
-
-* Wed Feb 20 2013 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.37-1
-- Updated to 7.0.37
-
-* Mon Feb 4 2013 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.35-1
-- Updated to 7.0.35
-- systemd SuccessExitStatus=143 for proper stop exit code processing
-
-* Mon Dec 24 2012 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.34-1
-- Updated to 7.0.34
-- ecj >= 4.2.1 now required
-- Resolves: rhbz 889395 concat classpath correctly; chdir to $CATALINA_HOME
-
-* Fri Dec 7 2012 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.33-2
-- Resolves: rhbz 883806 refix logdir ownership 
-
-* Sun Dec 2 2012 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.33-1
-- Updated to 7.0.33
-- Resolves: rhbz 873620 need chkconfig for update-alternatives
-
-* Wed Oct 17 2012 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.32-1
-- Updated to 7.0.32
-- Resolves: rhbz 842620 symlinks to taglibs
-
-* Fri Aug 24 2012 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.29-1
-- Updated to 7.0.29
-- Add pidfile as tmpfile
-- Use systemd for running as unprivileged user
-- Resolves: rhbz 847751 upgrade path was broken
-- Resolves: rhbz 850343 use new systemd-rpm macros
-
-* Sat Jul 21 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0:7.0.28-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
-
-* Mon Jul 2 2012 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.28-1
-- Updated to 7.0.28
-- Resolves: rhbz 820119 Remove bundled apache-commons-dbcp
-- Resolves: rhbz 814900 Added tomcat-coyote POM
-- Resolves: rhbz 810775 Remove systemv stuff from %%post scriptlet
-- Remove redhat-lsb R 
-
-* Mon Apr 9 2012 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.27-2
-- Fixed native download hack
-
-* Sat Apr 7 2012 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.27-1
-- Updated to 7.0.27
-- Fixed jakarta-taglibs-standard BR and R
-
-* Wed Mar 21 2012 Stanislav Ochotnicky <sochotnicky@redhat.com> - 0:7.0.26-2
-- Add more depmaps to J2EE apis to help jetty/glassfish updates
-
-* Wed Mar 14 2012 Juan Hernandez <juan.hernandez@redhat.com> 0:7.0.26-2
-- Added the POM files for tomcat-api and tomcat-util (#803495)
-
-* Wed Feb 22 2012 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.26-1
-- Updated to 7.0.26
-- Bug 790334: Change ownership of logdir for logrotate
-
-* Thu Feb 16 2012 Krzysztof Daniel <kdaniel@redhat.com> 0:7.0.25-4
-- Bug 790694: Priorities of jsp, servlet and el packages updated.
-
-* Wed Feb 8 2012 Krzysztof Daniel <kdaniel@redhat.com> 0:7.0.25-3
-- Dropped indirect dependecy to tomcat 5
-
-* Sun Jan 22 2012 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.25-2
-- Added hack for maven depmap of tomcat-juli absolute link [ -f ] pass correctly
-
-* Sat Jan 21 2012 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.25-1
-- Updated to 7.0.25
-- Removed EntityResolver patch (changes already in upstream sources)
-- Place poms and depmaps in the same package as jars
-- Added javax.servlet.descriptor to export-package of servlet-api
-- Move several chkconfig actions and reqs to systemv subpackage
-- New maven depmaps generation method
-- Add patch to support java7. (patch sent upstream).
-- Require java >= 1:1.6.0
-
-* Fri Jan 13 2012 Krzysztof Daniel <kdaniel@redhat.com> 0:7.0.23-5
-- Exported javax.servlet.* packages in version 3.0 as 2.6 to make
-  servlet-api compatible with Eclipse.
-
-* Thu Jan 12 2012 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.23-4
-- Move jsvc support to subpackage
-
-* Wed Jan 11 2012 Alexander Kurtakov <akurtako@redhat.com> 0:7.0.23-2
-- Add EntityResolver setter patch to jasper for jetty's need. (patch sent upstream).
-
-* Mon Dec 12 2011 Joseph D. Wagner <joe@josephdwagner.info> 0:7.0.23-3
-- Added support to /usr/sbin/tomcat-sysd and /usr/sbin/tomcat for
-  starting tomcat with jsvc, which allows tomcat to perform some
-  privileged operations (e.g. bind to a port < 1024) and then switch
-  identity to a non-privileged user. Must add USE_JSVC="true" to
-  /etc/tomcat/tomcat.conf or /etc/sysconfig/tomcat.
-
-* Mon Nov 28 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.23-1
-- Updated to 7.0.23
-
-* Fri Nov 11 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.22-2
-- Move tomcat-juli.jar to lib package
-- Drop %%update_maven_depmap as in tomcat6
-- Provide native systemd unit file ported from tomcat6
-
-* Thu Oct 6 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.22-1
-- Updated to 7.0.22
-
-* Mon Oct 03 2011 Rex Dieter <rdieter@fedoraproject.org> - 0:7.0.21-3.1
-- rebuild (java), rel-eng#4932
-
-* Mon Sep 26 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.21-3
-- Fix basedir mode
-
-* Tue Sep 20 2011 Roland Grunberg <rgrunber@redhat.com> 0:7.0.21-2
-- Add manifests for el-api, jasper-el, jasper, tomcat, and tomcat-juli.
-
-* Thu Sep 8 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.21-1
-- Updated to 7.0.21
-
-* Mon Aug 15 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.20-3
-- Require java = 1:1.6.0
-
-* Mon Aug 15 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.20-2
-- Require java < 1.7.0
-
-* Mon Aug 15 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.20-1
-- Updated to 7.0.20
-
-* Tue Jul 26 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.19-1
-- Updated to 7.0.19
-
-* Tue Jun 21 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.16-1
-- Updated to 7.0.16
-
-* Mon Jun 6 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.14-3
-- Added initial systemd service
-- Fix some paths
-
-* Sat May 21 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.14-2
-- Fixed http source link
-- Securify some permissions
-- Added licenses for el-api and servlet-api
-- Added dependency on jpackage-utils for the javadoc subpackage
-
-* Sat May 14 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.14-1
-- Updated to 7.0.14
-
-* Thu May 5 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.12-4
-- Provided local paths for libs
-- Fixed dependencies
-- Fixed update temp/work cleanup
-
-* Mon May 2 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.12-3
-- Fixed package groups
-- Fixed some permissions
-- Fixed some links
-- Removed old tomcat6 crap
-
-* Thu Apr 28 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.12-2
-- Package now named just tomcat instead of tomcat7
-- Removed Provides:  %%{name}-log4j
-- Switched to apache-commons-* names instead of jakarta-commons-* .
-- Remove the old changelog
-- BR/R java >= 1:1.6.0 , same for java-devel
-- Removed old tomcat6 crap
-
-* Wed Apr 27 2011 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.12-1
-- Tomcat7
+- Resolves: #2160455 Add Tomcat 9 to RHEL8