| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: tomcat | Distribution: CentOS |
| Version: 10.1.49 | Vendor: CentOS |
| Release: 2.el10 | Build date: Thu Jun 18 19:12:54 2026 |
| Group: Unspecified | Build host: aarch64-04.stream.rdu2.redhat.com |
| Size: 333344 | Source RPM: tomcat-10.1.49-2.el10.src.rpm |
| Packager: builder@centos.org | |
| Url: http://tomcat.apache.org/ | |
| Summary: Apache Servlet/JSP Engine, RI for Servlet 6.0/JSP 3.1 API | |
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world.
Apache-2.0
* Thu Jun 04 2026 Pietro Meloni <pmeloni@redhat.com> - 1:10.1.49-2
- Resolves: RHEL-168577 Remove tomcat clustering JAR from RPM builds
Resolves: CVE-2026-29146
tomcat: Apache Tomcat: Information disclosure via Padding Oracle vulnerability in EncryptInterceptor
Resolves: CVE-2026-34486
tomcat: Apache Tomcat: Missing Encryption of Sensitive Data due to EncryptInterceptor bypass
* Wed Apr 22 2026 Pietro Meloni <pmeloni@redhat.com> - 1:10.1.36-3.el10_1.1
- Resolves: RHEL-150719
Certificate revocation bypass due to improper OCSP response validation (CVE-2026-24734)
* Mon Feb 16 2026 Coty Sutherland <csutherl@redhat.com> - 1:10.1.49-1
- Resolves: RHEL-150099 Rebase tomcat package to enable PQC features
* Fri Jan 23 2026 Pietro Meloni <pmeloni@redhat.com> - 1:10.1.36-4
- Resolves: RHEL-124493
tomcat: Directory traversal via rewrite with possible RCE (CVE-2025-55752)
- Resolves: RHEL-132560
tomcat: Bypass of rules in Rewrite Valve (CVE-2025-31651)
- Resolves: RHEL-132526
tomcat: Denial of service (CVE-2025-61795)
* Mon Dec 15 2025 Eduard Abdullin <eabdullin@almalinux.org> - 1:10.1.36-4
- Exclude i686 architecture from build
* Thu Aug 14 2025 Adam Krajcik <akrajcik@redhat.com> - 1:10.1.36-3
- Resolves: RHEL-102184
tomcat: http/2 "MadeYouReset" DoS attack through HTTP/2 control frames (CVE-2025-48989)
- Resolves: RHEL-108906
tomcat: Denial of service (CVE-2025-52520)
* Wed Aug 13 2025 Adam Krajcik <akrajcik@redhat.com> - 1:10.1.36-2
- Resolves: RHEL-108900
tomcat: Apache FileUpload DOS via part headers (CVE-2025-48976)
- Resolves: RHEL-108902
tomcat: Dos in multipart upload (CVE-2025-48988)
- Resolves: RHEL-108904
tomcat: Security constraint bypass for pre/post-resources (CVE-2025-49125)
- Resolves: RHEL-108908
tomcat: Denial of service (CVE-2025-53506)
* Mon Apr 14 2025 Adam Krajcik <akrajcik@redhat.com> - 1:10.1.36-1
- Rebase tomcat to 10.1.36
- Resolves: RHEL-82925
tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813)
- Resolves: RHEL-87272
tomcat: DoS in examples web application (CVE-2024-54677)
- Resolves: RHEL-87273
tomcat: Authentication bypass when using Jakarta Authentication API (CVE-2024-52316)
- Resolves: RHEL-85343 - NoClassDefFoundError when using migration tool
* Tue Feb 11 2025 Adam Krajcik <akrajcik@redhat.com> - 1:10.1.8-2
- Resolves: RHEL-78899 Add missing Obsoletes
* Wed Feb 05 2025 Adam Krajcik <akrajcik@redhat.com> - 1:10.1.8-1
- Resolves: RHEL-51222 Upgrade tomcat to 10.1.8
* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 1:9.0.87-3
- Bump release for October 2024 mass rebuild:
Resolves: RHEL-64018
* Mon Aug 12 2024 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-2
- Resolves: RHEL-50166 - Rebase tomcat to version 9.0.87
- Resolves: RHEL-12274 - Use src.zip file as a Source0 instead of tar.gz
- Resolves: RHEL-51277 - Prune changelog to remove non-relevant history
- Resolves: RHEL-52906 - tomcat: Switch to using Java 21 as the default JDK
- Resolves: RHEL-55194 - Fix changelog version
- Resolves: RHEL-46156
tomcat: Improper Handling of Exceptional Conditions (CVE-2024-34750)
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 1:9.0.83-3
- Bump release for June 2024 mass rebuild
/etc/logrotate.d/tomcat.disabled /etc/sysconfig/tomcat /etc/tomcat /etc/tomcat/Catalina /etc/tomcat/Catalina/localhost /etc/tomcat/catalina.policy /etc/tomcat/catalina.properties /etc/tomcat/conf.d /etc/tomcat/conf.d/README /etc/tomcat/conf.d/module-start-up-parameters.conf /etc/tomcat/context.xml /etc/tomcat/jaspic-providers.xml /etc/tomcat/jaspic-providers.xsd /etc/tomcat/logging.properties /etc/tomcat/server.xml /etc/tomcat/tomcat-users.xml /etc/tomcat/tomcat-users.xsd /etc/tomcat/tomcat.conf /etc/tomcat/web.xml /usr/bin/tomcat-digest /usr/bin/tomcat-tool-wrapper /usr/lib/systemd/system/tomcat.service /usr/lib/systemd/system/tomcat@.service /usr/libexec/tomcat /usr/libexec/tomcat/functions /usr/libexec/tomcat/preamble /usr/libexec/tomcat/server /usr/sbin/tomcat /usr/share/doc/tomcat /usr/share/doc/tomcat/LICENSE /usr/share/doc/tomcat/NOTICE /usr/share/doc/tomcat/RELEASE-NOTES /usr/share/tomcat /usr/share/tomcat/bin/bootstrap.jar /usr/share/tomcat/bin/catalina-tasks.xml /usr/share/tomcat/conf /usr/share/tomcat/lib /usr/share/tomcat/logs /usr/share/tomcat/temp /usr/share/tomcat/webapps /usr/share/tomcat/webapps-javaee /usr/share/tomcat/work /var/cache/tomcat /var/cache/tomcat/temp /var/cache/tomcat/work /var/lib/tomcat /var/lib/tomcat/webapps /var/lib/tomcat/webapps-javaee /var/lib/tomcats /var/log/tomcat
Generated by rpm2html 1.8.1
Fabrice Bellet, Thu Jul 9 04:10:28 2026