SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for tomcat-jsp-2.3-api-9.0.87-1.el9_4.2.noarch.rpm :

* Thu Aug 08 2024 Adam Krajcik - 1:9.0.87-1.el9_4.2- Resolves: RHEL-46162 tomcat: Improper Handling of Exceptional Conditions (CVE-2024-34750)
* Fri May 03 2024 Sokratis Zappis - 1:9.0.87-1.el9_4.1- Resolves: RHEL-34815 - Rebase tomcat to version 9.0.87- Resolves: RHEL-31048 tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672)- Resolves: RHEL-31032 tomcat: : Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549)- Resolves: RHEL-35328 - Amend tomcat\'s changelog (CVE-2023-46589, CVE-2023-45648, CVE-2023-42795, CVE-2023-42794, CVE-2023-44487, CVE-2023-41080)
* Thu Jan 18 2024 Hui Wang - 1:9.0.62-39- Resolves: RHEL-17605
* Thu Nov 23 2023 Hui Wang - 1:9.0.62-38- Resolves: RHEL-13908 tomcat: incorrectly parsed http trailer headers can cause request smuggling (CVE-2023-45648)- Resolves: RHEL-13905 tomcat: improper cleaning of recycled objects could lead to information leak (CVE-2023-42795)- Resolves: RHEL-12952 tomcat: FileUpload: DoS due to accumulation of temporary files on Windows (CVE-2023-42794)- Resolves: RHEL-12552 tomcat: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)- Resolves: RHEL-2388 tomcat: Open Redirect vulnerability in FORM authentication (CVE-2023-41080)
* Fri Oct 13 2023 Hui Wang - 1:9.0.62-37- Resolves: RHEL-12551 tomcat: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)- Remove JDK subpackges which are unused
* Fri Aug 25 2023 Coty Sutherland - 1:9.0.62-16- Related: #2184133 Declare file conflicts
* Fri Aug 25 2023 Coty Sutherland - 1:9.0.62-15- Resolves: #2184133 Fix bug in Obsoletes
* Tue Aug 01 2023 Hui Wang - 1:9.0.62-14- Resolves: #2210632 CVE-2023-28709 tomcat
* Wed Jul 26 2023 Hui Wang - 1:9.0.62-13- Resolves: #2189675 Missing Tomcat POM files in RHEL 9.3
* Wed Jun 21 2023 Hui Wang - 1:9.0.62-12- Resolves: #2189675 Missing Tomcat POM files in RHEL 9.3- Resolves: #2173872 Remove java-11-openjdk-headles as a tomcat dependency- Resolves: #2181461 CVE-2023-28708 tomcat: not including the secure attribute causes information- Resolves: #2210632 CVE-2023-28709- Resolves: #2184133 Add Obsoletes to tomcat package- Update patch command- Update source to include the CVE fixes
* Thu Feb 23 2023 Hui Wang - 1:9.0.62-11- Bump release so that the NVR on RHEL-9 is higher than RHEL-8
* Wed Feb 15 2023 Hui Wang - 1:9.0.62-4- Bump release to run the tier1 test
* Tue Feb 07 2023 Coty Sutherland - 1:9.0.62-3- Add conflicts declaration to the appropriate subpackages- Fix malformed DTD file that caused problems with rpminspect
* Fri Feb 03 2023 Hui Wang - 1:9.0.62-2- Add conflicts with the pki-servlet-engine package
* Mon Jan 16 2023 Hui Wang - 1:9.0.62-1- Update to 9.0.62. Related: rhbz#2160511- Remove examples webapps from subpackage- Remove maven artifacts from build as they aren\'t very useful- Drop JSVC support as it\'s not very useful these days- Drop geronimo-saaj as it\'s no longer required- Drop geronimo-jaxrpc, which provided the webservices naming factory resources that are generally unused- Cleaning up some unused deps and system properties- Add Java 9 start-up parameters to allow reflection- Add bnd-annotation which is in bndlib- Add fixes for memory leak which have been fixed in 9.0.64
  
ICM