rpms/tomcat9
7
0
Fork 0
Code Issues Pull Requests Releases Activity
20 Commits 4 Branches 20 Tags 280 KiB
a10s
Commit Graph

20 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Eduard Abdullin
b701cc9382 Exclude i686 architecture from build 2026-04-24 03:51:19 +00:00
pmeloni
f7dfc91917 SOLVES RHEL-150720 tomcat9: Apache Tomcat: Certificate revocation bypass due to improper OCSP response validation 2026-04-22 15:43:07 +02:00
Eduard Abdullin
d182e18fef Exclude i686 architecture from build 2026-04-17 03:59:38 +00:00
Coty Sutherland
5c6a19b36d Resolves: RHEL-168243 2026-04-15 15:08:18 -04:00
Eduard Abdullin
5ffae414de Exclude i686 architecture from build 2026-03-27 03:55:51 +00:00
Coty Sutherland
df0564d748 Resolves: RHEL-158962 NPE in tomcat9 when used with TLS enabled custom connector 2026-03-24 11:38:56 -04:00
Eduard Abdullin
90ff0ab448 Exclude i686 architecture from build 2026-02-21 04:18:25 +00:00
Coty Sutherland
f5d3a1825f Resolves: RHEL-148687 Update to Apache Tomcat 9.0.110 for PQC support, and switched to compiling with Java 25 
* Add java-25-headless to the BuildRequires & Requires lists & set JAVA_HOME to java-25 to always use it for compiling with java-25
* Add build-with-java-25.patch that replaces the  attribute with explicit  and  attributes in javac tasks to support building with Java 25 JDK while generating appropriate bytecode versions. This enables the build to use Java 25 APIs while producing different bytecode targets, required for PQC support via FFM in Tomcat 9.0.110.
* Drop the JmxRemoteLifecycleListener patch is it's no longer necessary
* Use tar.gz instead of zip for the sources due to line ending issues
* Add rm for commons-daemon.jar from bin
 2026-02-18 07:33:35 -05:00
Eduard Abdullin
f31ec20c2c Exclude i686 architecture from build 2026-02-10 13:59:26 +00:00
Adam Krajcik
eb8ee63e74 Fix CVE-2025-55752 and CVE-2025-31651 
Resolves: RHEL-124496 - tomcat: Directory traversal via rewrite with possible RCE
Resolves: RHEL-132559 - tomcat: Bypass of rules in Rewrite Valve
 2026-02-04 04:50:59 +01:00
Adam Krajcik
ab17886acb Fix CVE-20225-48989 
Resolves: RHEL-102186 - tomcat: http/2 "MadeYouReset" DoS attack through HTTP/2 control frames
 2025-08-21 21:22:57 +02:00
Adam Krajcik
851a855628 Fix multiple CVES 
Resolves: RHEL-108485 - CVE-2025-48976
Resolves: RHEL-108493 - CVE-2025-48988
Resolves: RHEL-108501 - CVE-2025-49125
Resolves: RHEL-108509 - CVE-2025-52434
Resolves: RHEL-108522 - CVE-2025-52520
Resolves: RHEL-108517 - CVE-2025-53506
 2025-08-21 15:14:26 +02:00
Adam Krajcik
56a8925bc9 Fix CVE-2025-31650 and CVE-2024-56337 
Resolves: RHEL-91750 - tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE
Resolves: RHEL-94960 - tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation
 2025-07-21 18:13:38 +02:00
Adam Krajcik
916ab516bb Fix CVE-2025-24813 
Resolves: RHEL-82927 - tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT
 2025-04-14 07:30:27 +02:00
Joe Orton
d77a2c5118 add Obsoletes to aid upgrade path from tomcat-9.x 
Resolves: RHEL-79313
 2025-02-13 17:10:25 +00:00
Adam Krajcik
daf29a0dc4 Related: RHEL-77325 Fix date format in changelog entry 2025-02-03 10:31:40 +01:00
Adam Krajcik
c3a902975e Resolves: RHEL-77325 Missing conflicts 2025-02-03 10:00:12 +01:00
Adam Krajcik
569f79b875 Add gating 2025-01-31 13:58:13 +01:00
Adam Krajcik
c2b793848e Initial commit on c10s 
Resolves: RHEL-69841
Resolves: RHEL-71701
 2025-01-29 15:04:40 +01:00
Release Configuration Management
211f228dd3 New branch setup 2025-01-14 09:56:52 -05:00