Описание
ELSA-2025-14177: tomcat security update (IMPORTANT)
[1:9.0.87-1.el8_10.6]
- Resolves: RHEL-102193 tomcat: http/2 'MadeYouReset' DoS attack through HTTP/2 control frames (CVE-2025-48989)
[1:9.0.87-1.el8_10.5]
- Resolves: RHEL-108486 tomcat: Apache Commons FileUpload DOS via part headers (CVE-2025-48976)
- Resolves: RHEL-108494 tomcat: Dos in multipart upload (CVE-2025-48988)
- Resolves: RHEL-108502 tomcat: Security constraint bypass for pre/post-resources (CVE-2025-49125)
- Resolves: RHEL-108510 tomcat: Denial of service (CVE-2025-52434)
- Resolves: RHEL-108524 tomcat: Denial of service (CVE-2025-52520)
- Resolves: RHEL-108518 tomcat: Denial of service (CVE-2025-53506)
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
tomcat
9.0.87-1.el8_10.6
tomcat-admin-webapps
9.0.87-1.el8_10.6
tomcat-docs-webapp
9.0.87-1.el8_10.6
tomcat-el-3.0-api
9.0.87-1.el8_10.6
tomcat-jsp-2.3-api
9.0.87-1.el8_10.6
tomcat-lib
9.0.87-1.el8_10.6
tomcat-servlet-4.0-api
9.0.87-1.el8_10.6
tomcat-webapps
9.0.87-1.el8_10.6
Oracle Linux x86_64
tomcat
9.0.87-1.el8_10.6
tomcat-admin-webapps
9.0.87-1.el8_10.6
tomcat-docs-webapp
9.0.87-1.el8_10.6
tomcat-el-3.0-api
9.0.87-1.el8_10.6
tomcat-jsp-2.3-api
9.0.87-1.el8_10.6
tomcat-lib
9.0.87-1.el8_10.6
tomcat-servlet-4.0-api
9.0.87-1.el8_10.6
tomcat-webapps
9.0.87-1.el8_10.6
