diff --git a/.gitignore b/.gitignore index 42f32b9..04a722c 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ /tomcat-9.0.87.redhat-00005-src.zip /tomcat-9.0.87.redhat-00006-src.zip /tomcat-9.0.87.redhat-00008-src.zip +/tomcat-9.0.87.redhat-00010-src.zip diff --git a/sources b/sources index 6988a48..7a0d3a5 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (tomcat-9.0.87.redhat-00008-src.zip) = 5863c033928427db91d1ecf92485641aa3de8d0bf38dd23293c6d86667da46df77b592342031f7caf915a52ed87a415a1d88937809a0b799a17b5901ceda03c2 +SHA512 (tomcat-9.0.87.redhat-00010-src.zip) = fd65e91c2fd11d48396692e0e88fbba8c2025ec35cbefb29b9b192c516af958ad357a1232e21abd262187d14add45b1441c34d3fa76ac40ba0866febbbfb341d diff --git a/tomcat-server b/tomcat-server index 17ae385..25ef221 100644 --- a/tomcat-server +++ b/tomcat-server @@ -10,7 +10,8 @@ OPTIONS="-Dcatalina.base=$CATALINA_BASE \ -Djava.endorsed.dirs=$JAVA_ENDORSED_DIRS \ -Djava.io.tmpdir=$CATALINA_TMPDIR \ -Djava.util.logging.config.file=${LOGGING_PROPERTIES} \ --Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager" +-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager \ +-Dsun.io.useCanonCaches=false" if [ "$1" = "start" ] ; then FLAGS="${FLAGS} $CATALINA_OPTS" diff --git a/tomcat9.spec b/tomcat9.spec index 6d6116a..3ebaa0d 100644 --- a/tomcat9.spec +++ b/tomcat9.spec @@ -32,7 +32,7 @@ %global major_version 9 %global minor_version 0 %global micro_version 87 -%global packdname tomcat-%{major_version}.%{minor_version}.%{micro_version}.redhat-00008-src +%global packdname tomcat-%{major_version}.%{minor_version}.%{micro_version}.redhat-00010-src %global servletspec 4.0 %global elspec 3.0 %global tcuid 53 @@ -53,7 +53,7 @@ Name: tomcat9 Epoch: 1 Version: %{major_version}.%{minor_version}.%{micro_version} -Release: 5%{?dist} +Release: 6%{?dist} Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API License: Apache-2.0 @@ -622,6 +622,12 @@ fi %{appdir}/ROOT %changelog +* Mon May 26 2025 Adam Krajcik - 1:9.0.87-5.el10_0.1 +- Resolves: RHEL-91750 + tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame (CVE-2025-31650) +- Resolves: RHEL-94960 + tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation (CVE-2024-56337) + * Mon Apr 14 2025 Adam Krajcik - 1:9.0.87-5 - Resolves: RHEL-82927 tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813)