Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

tomcat-10.1.49-2.el10 RPM for noarch

From CentOS Stream 10 AppStream for ppc64le

Name: tomcat Distribution: CentOS
Version: 10.1.49 Vendor: CentOS
Release: 2.el10 Build date: Thu Jun 18 19:12:54 2026
Group: Unspecified Build host: aarch64-04.stream.rdu2.redhat.com
Size: 333344 Source RPM: tomcat-10.1.49-2.el10.src.rpm
Packager: builder@centos.org
Url: http://tomcat.apache.org/
Summary: Apache Servlet/JSP Engine, RI for Servlet 6.0/JSP 3.1 API
Tomcat is the servlet container that is used in the official Reference
Implementation for the Java Servlet and JavaServer Pages technologies.
The Java Servlet and JavaServer Pages specifications are developed by
Sun under the Java Community Process.

Tomcat is developed in an open and participatory environment and
released under the Apache Software License version 2.0. Tomcat is intended
to be a collaboration of the best-of-breed developers from around the world.

Provides

Requires

License

Apache-2.0

Changelog

* Thu Jun 04 2026 Pietro Meloni <pmeloni@redhat.com> - 1:10.1.49-2
  - Resolves: RHEL-168577 Remove tomcat clustering JAR from RPM builds
    Resolves: CVE-2026-29146
    tomcat: Apache Tomcat: Information disclosure via Padding Oracle vulnerability in EncryptInterceptor
    Resolves: CVE-2026-34486
    tomcat: Apache Tomcat: Missing Encryption of Sensitive Data due to EncryptInterceptor bypass
* Wed Apr 22 2026 Pietro Meloni <pmeloni@redhat.com> - 1:10.1.36-3.el10_1.1
  - Resolves: RHEL-150719
    Certificate revocation bypass due to improper OCSP response validation (CVE-2026-24734)
* Mon Feb 16 2026 Coty Sutherland <csutherl@redhat.com> - 1:10.1.49-1
  - Resolves: RHEL-150099 Rebase tomcat package to enable PQC features
* Fri Jan 23 2026 Pietro Meloni <pmeloni@redhat.com> - 1:10.1.36-4
  - Resolves: RHEL-124493
    tomcat: Directory traversal via rewrite with possible RCE (CVE-2025-55752)
  - Resolves: RHEL-132560
    tomcat: Bypass of rules in Rewrite Valve (CVE-2025-31651)
  - Resolves: RHEL-132526
    tomcat: Denial of service (CVE-2025-61795)
* Mon Dec 15 2025 Eduard Abdullin <eabdullin@almalinux.org> - 1:10.1.36-4
  - Exclude i686 architecture from build
* Thu Aug 14 2025 Adam Krajcik <akrajcik@redhat.com> - 1:10.1.36-3
  - Resolves: RHEL-102184
    tomcat: http/2 "MadeYouReset" DoS attack through HTTP/2 control frames (CVE-2025-48989)
  - Resolves: RHEL-108906
    tomcat: Denial of service (CVE-2025-52520)
* Wed Aug 13 2025 Adam Krajcik <akrajcik@redhat.com> - 1:10.1.36-2
  - Resolves: RHEL-108900
    tomcat: Apache  FileUpload DOS via part headers (CVE-2025-48976)
  - Resolves: RHEL-108902
    tomcat: Dos in multipart upload (CVE-2025-48988)
  - Resolves: RHEL-108904
    tomcat: Security constraint bypass for pre/post-resources (CVE-2025-49125)
  - Resolves: RHEL-108908
    tomcat: Denial of service (CVE-2025-53506)
* Mon Apr 14 2025 Adam Krajcik <akrajcik@redhat.com> - 1:10.1.36-1
  - Rebase tomcat to 10.1.36
  - Resolves: RHEL-82925
    tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813)
  - Resolves: RHEL-87272
    tomcat: DoS in examples web application (CVE-2024-54677)
  - Resolves: RHEL-87273
    tomcat: Authentication bypass when using Jakarta Authentication API (CVE-2024-52316)
  - Resolves: RHEL-85343 - NoClassDefFoundError when using migration tool
* Tue Feb 11 2025 Adam Krajcik <akrajcik@redhat.com> - 1:10.1.8-2
  - Resolves: RHEL-78899 Add missing Obsoletes
* Wed Feb 05 2025 Adam Krajcik <akrajcik@redhat.com> - 1:10.1.8-1
  - Resolves: RHEL-51222 Upgrade tomcat to 10.1.8
* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 1:9.0.87-3
  - Bump release for October 2024 mass rebuild:
    Resolves: RHEL-64018
* Mon Aug 12 2024 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-2
  - Resolves: RHEL-50166 - Rebase tomcat to version 9.0.87
  - Resolves: RHEL-12274 - Use src.zip file as a Source0 instead of tar.gz
  - Resolves: RHEL-51277 - Prune changelog to remove non-relevant history
  - Resolves: RHEL-52906 - tomcat: Switch to using Java 21 as the default JDK
  - Resolves: RHEL-55194 - Fix changelog version
  - Resolves: RHEL-46156
    tomcat: Improper Handling of Exceptional Conditions (CVE-2024-34750)
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 1:9.0.83-3
  - Bump release for June 2024 mass rebuild

Files

/etc/logrotate.d/tomcat.disabled
/etc/sysconfig/tomcat
/etc/tomcat
/etc/tomcat/Catalina
/etc/tomcat/Catalina/localhost
/etc/tomcat/catalina.policy
/etc/tomcat/catalina.properties
/etc/tomcat/conf.d
/etc/tomcat/conf.d/README
/etc/tomcat/conf.d/module-start-up-parameters.conf
/etc/tomcat/context.xml
/etc/tomcat/jaspic-providers.xml
/etc/tomcat/jaspic-providers.xsd
/etc/tomcat/logging.properties
/etc/tomcat/server.xml
/etc/tomcat/tomcat-users.xml
/etc/tomcat/tomcat-users.xsd
/etc/tomcat/tomcat.conf
/etc/tomcat/web.xml
/usr/bin/tomcat-digest
/usr/bin/tomcat-tool-wrapper
/usr/lib/systemd/system/tomcat.service
/usr/lib/systemd/system/tomcat@.service
/usr/libexec/tomcat
/usr/libexec/tomcat/functions
/usr/libexec/tomcat/preamble
/usr/libexec/tomcat/server
/usr/sbin/tomcat
/usr/share/doc/tomcat
/usr/share/doc/tomcat/LICENSE
/usr/share/doc/tomcat/NOTICE
/usr/share/doc/tomcat/RELEASE-NOTES
/usr/share/tomcat
/usr/share/tomcat/bin/bootstrap.jar
/usr/share/tomcat/bin/catalina-tasks.xml
/usr/share/tomcat/conf
/usr/share/tomcat/lib
/usr/share/tomcat/logs
/usr/share/tomcat/temp
/usr/share/tomcat/webapps
/usr/share/tomcat/webapps-javaee
/usr/share/tomcat/work
/var/cache/tomcat
/var/cache/tomcat/temp
/var/cache/tomcat/work
/var/lib/tomcat
/var/lib/tomcat/webapps
/var/lib/tomcat/webapps-javaee
/var/lib/tomcats
/var/log/tomcat


Generated by rpm2html 1.8.1

Fabrice Bellet, Thu Jul 9 04:10:28 2026