tomcat-9.0.87-1.el8_10.2 | Build Info

Information for build tomcat-9.0.87-1.el8_10.2

30768

Package Name

tomcat

Version

9.0.87

Release

1.el8_10.2

Epoch

Draft

False

Source

git+https://git.cclinux.org/stage/rpms/tomcat.git#1b8c07db8c65542df43cc40de9fb1852718ebaae

Summary

Apache Servlet/JSP Engine, RI for Servlet 4.0/JSP 2.3 API

Description

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world.

Built by

distrobuild

State

complete

Volume

DEFAULT

Started

Thu, 22 Aug 2024 02:26:19 CST

Completed

Thu, 22 Aug 2024 02:28:20 CST

Task

build (dist-circle8_10-updates, /stage/rpms/tomcat.git:1b8c07db8c65542df43cc40de9fb1852718ebaae)

Extra

{'source': {'original_url': 'git+https://git.cclinux.org/stage/rpms/tomcat.git?#1b8c07db8c65542df43cc40de9fb1852718ebaae'}}

Tags

dist-circle8

dist-circle8-compose

RPMs

src
	tomcat-9.0.87-1.el8_10.2.src.rpm (info) (download)
noarch
	tomcat-9.0.87-1.el8_10.2.noarch.rpm (info) (download)
	tomcat-admin-webapps-9.0.87-1.el8_10.2.noarch.rpm (info) (download)
	tomcat-docs-webapp-9.0.87-1.el8_10.2.noarch.rpm (info) (download)
	tomcat-el-3.0-api-9.0.87-1.el8_10.2.noarch.rpm (info) (download)
	tomcat-jsp-2.3-api-9.0.87-1.el8_10.2.noarch.rpm (info) (download)
	tomcat-lib-9.0.87-1.el8_10.2.noarch.rpm (info) (download)
	tomcat-servlet-4.0-api-9.0.87-1.el8_10.2.noarch.rpm (info) (download)
	tomcat-webapps-9.0.87-1.el8_10.2.noarch.rpm (info) (download)

Logs

noarch
	build.log
	hw_info.log
	installed_pkgs.log
	mock_output.log
	noarch_rpmdiff.json
	root.log
	state.log

Changelog

* Thu Aug 08 2024 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-1.el8_10.2 - Resolves: RHEL-46167 tomcat: Improper Handling of Exceptional Conditions (CVE-2024-34750) * Mon Jun 03 2024 Sokratis Zappis <szappis@redhat.com> - 1:9.0.87-1.el8_10.1 - Resolves: RHEL-38548 - Amend tomcat package's changelog so that fixed CVEs are mentioned explicitly - Resolves: RHEL-35813 - Rebase tomcat to version 9.0.87 - Resolves: RHEL-29255 tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672) - Resolves: RHEL-29250 tomcat: Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549) * Fri Jan 19 2024 Hui Wang <huwang@redhat.com> - 1:9.0.62-30 - Resolves: RHEL-6971 * Thu Jan 18 2024 Hui Wang <huwang@redhat.com> - 1:9.0.62-29 - Resolves: RHEL-17602 tomcat: HTTP request smuggling via malformed trailer headers (CVE-2023-46589) - tomcat: Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549) * Thu Nov 23 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-28 - Resolves: RHEL-13907 tomcat: incorrectly parsed http trailer headers can cause request smuggling (CVE-2023-45648) - Resolves: RHEL-13904 tomcat: improper cleaning of recycled objects could lead to information leak (CVE-2023-42795) - Resolves: RHEL-12951 tomcat: FileUpload: DoS due to accumulation of temporary files on Windows (CVE-2023-42794) - Resolves: RHEL-12544 tomcat: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) - Resolves: RHEL-2386 tomcat: Open Redirect vulnerability in FORM authentication (CVE-2023-41080) * Fri Oct 13 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-27 - Related: RHEL-12543 tomcat: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) - Bump release number * Thu Oct 12 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-16 - Resolves: RHEL-12543 tomcat: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) - Remove JDK subpackges which are unused * Fri Sep 08 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-14 - Related: RHEL-2330 Bump release number * Thu Sep 07 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-13 - Resolves: RHEL-2330 Revert the fix for pki-servlet-engine * Fri Aug 25 2023 Coty Sutherland <csutherl@redhat.com> - 1:9.0.62-12 - Related: #2184135 Declare file conflicts * Fri Aug 25 2023 Coty Sutherland <csutherl@redhat.com> - 1:9.0.62-11 - Resolves: #2184135 Fix bug introduced in initial commit * Fri Aug 18 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-10 - Resolves: #2210630 CVE-2023-28709 tomcat - Resolves: #2181448 CVE-2023-28708 tomcat: not including the secure attribute causes information disclosure - tomcat: Apache Commons FileUpload: FileUpload DoS with excessive parts (CVE-2023-24998) tomcat: JsonErrorReportValve injection (CVE-2022-45143) tomcat: request smuggling (CVE-2022-42252) tomcat: local privilege escalation vulnerability (CVE-2022-23181) * Thu Aug 17 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-9 - Resolves: #2184135 Add Obsoletes to tomcat package * Thu Aug 17 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-8 - Resolves: #2189676 Missing Tomcat POM files in RHEL 8.9 * Tue Aug 15 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-7 - Related: #2173874 Tomcat installs older java even though newer java is installed - Bump release number * Fri Aug 11 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-6 - Resolves: #2173874 Tomcat installs older java even though newer java is installed - Sync with rhel-8.8.0 branch * Thu Feb 16 2023 Coty Sutherland <csutherl@redhat.com> - 1:9.0.62-5 - Related: #2160455 Add conflicts to subpackage * Wed Feb 15 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-4 - Resolves: #2160455 Add Tomcat 9 to RHEL8

Main Site Links:

Information for build tomcat-9.0.87-1.el8_10.2