tomcat-9.0.87-7.el9 RPM for noarch

From CentOS Stream 9 AppStream for ppc64le

Tomcat is the servlet container that is used in the official Reference
Implementation for the Java Servlet and JavaServer Pages technologies.
The Java Servlet and JavaServer Pages specifications are developed by
Sun under the Java Community Process.

Tomcat is developed in an open and participatory environment and
released under the Apache Software License version 2.0. Tomcat is intended
to be a collaboration of the best-of-breed developers from around the world.

Provides

• tomcat
• config(tomcat)
• pki-servlet-engine
• tomcat-log4j

Requires

• /bin/sh
• /bin/sh
• /bin/sh
• /bin/sh
• /usr/bin/bash
• config(tomcat) = 1:9.0.87-7.el9
• javapackages-tools
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1
• rpmlib(RichDependencies) <= 4.12.0-1
• shadow-utils
• systemd
• systemd
• systemd
• tomcat-lib = 1:9.0.87-7.el9

License

ASL 2.0

Changelog

* Wed Jan 21 2026 Pietro Meloni <pmeloni@redhat.com> - 1:9.0.87-7
  - Resolves: RHEL-124516
    tomcat: Directory traversal via rewrite with possible RCE (CVE-2025-55752)
  - Resolves: RHEL-132561
    tomcat: Bypass of rules in Rewrite Valve (CVE-2025-31651)
* Thu Aug 14 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-6
  - Resolves: RHEL-102201
    tomcat: http/2 "MadeYouReset" DoS attack through HTTP/2 control frames (CVE-2025-48989)
* Tue Aug 12 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-5
  - Resolves: RHEL-108489
    tomcat: Apache Commons FileUpload DOS via part headers (CVE-2025-48976)
  - Resolves: RHEL-108497
    tomcat: Dos in multipart upload (CVE-2025-48988)
  - Resolves: RHEL-108505
    tomcat: Security constraint bypass for pre/post-resources (CVE-2025-49125)
  - Resolves: RHEL-108513
    tomcat: Denial of service (CVE-2025-52434)
  - Resolves: RHEL-108529
    tomcat: Denial of service (CVE-2025-52520)
  - Resolves: RHEL-108523
    tomcat: Denial of service (CVE-2025-53506)
* Mon Jul 21 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-4
  - Resolves: RHEL-91763
    tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame (CVE-2025-31650)
  - Resolves: RHEL-71985
    tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation (CVE-2024-56337)
* Tue Apr 08 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-3
  - Resolves: RHEL-82945
    tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813)
  - Resolves: RHEL-71723
    tomcat: RCE due to TOCTOU issue in JSP compilation (CVE-2024-50379)
* Thu Aug 08 2024 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-2
  - Resolves: RHEL-46163
    tomcat: Improper Handling of Exceptional Conditions (CVE-2024-34750)
  - Resolves: RHEL-18245 - OpenJDK 21 support for RHEL Tomcat
* Fri May 03 2024 Sokratis Zappis <szappis@redhat.com> - 1:9.0.87-1
  - Resolves: RHEL-35812 - Rebase tomcat to version 9.0.87
  - Resolves: RHEL-29257
    tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672)
  - Resolves: RHEL-29252
    tomcat: : Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549)
  - Resolves: RHEL-53001 - Amend tomcat's changelog
    (CVE-2023-46589, CVE-2023-45648, CVE-2023-42795, CVE-2023-42794, CVE-2023-44487, CVE-2023-41080)

Files

/etc/logrotate.d/tomcat.disabled
/etc/sysconfig/tomcat
/etc/tomcat
/etc/tomcat/Catalina
/etc/tomcat/Catalina/localhost
/etc/tomcat/catalina.policy
/etc/tomcat/catalina.properties
/etc/tomcat/conf.d
/etc/tomcat/conf.d/README
/etc/tomcat/conf.d/java-9-start-up-parameters.conf
/etc/tomcat/context.xml
/etc/tomcat/jaspic-providers.xml
/etc/tomcat/jaspic-providers.xsd
/etc/tomcat/logging.properties
/etc/tomcat/server.xml
/etc/tomcat/tomcat-users.xml
/etc/tomcat/tomcat-users.xsd
/etc/tomcat/tomcat.conf
/etc/tomcat/web.xml
/usr/bin/tomcat-digest
/usr/bin/tomcat-tool-wrapper
/usr/lib/systemd/system/tomcat.service
/usr/lib/systemd/system/tomcat@.service
/usr/libexec/tomcat
/usr/libexec/tomcat/functions
/usr/libexec/tomcat/preamble
/usr/libexec/tomcat/server
/usr/sbin/tomcat
/usr/share/doc/tomcat
/usr/share/doc/tomcat/LICENSE
/usr/share/doc/tomcat/NOTICE
/usr/share/doc/tomcat/RELEASE-NOTES
/usr/share/tomcat
/usr/share/tomcat/bin/bootstrap.jar
/usr/share/tomcat/bin/catalina-tasks.xml
/usr/share/tomcat/conf
/usr/share/tomcat/lib
/usr/share/tomcat/logs
/usr/share/tomcat/temp
/usr/share/tomcat/webapps
/usr/share/tomcat/work
/var/cache/tomcat
/var/cache/tomcat/temp
/var/cache/tomcat/work
/var/lib/tomcat
/var/lib/tomcat/webapps
/var/lib/tomcats
/var/log/tomcat

Generated by rpm2html 1.8.1

Fabrice Bellet, Fri May 8 03:14:09 2026