Описание
ELSA-2025-14181: tomcat security update (IMPORTANT)
[1:9.0.87-3.el9_6.3]
- Resolves: RHEL-102200 tomcat: http/2 'MadeYouReset' DoS attack through HTTP/2 control frames (CVE-2025-48989)
[1:9.0.87-3.el9_6.2]
- Resolves: RHEL-108491 tomcat: Apache Commons FileUpload DOS via part headers (CVE-2025-48976)
- Resolves: RHEL-108499 tomcat: Dos in multipart upload (CVE-2025-48988)
- Resolves: RHEL-108507 tomcat: Security constraint bypass for pre/post-resources (CVE-2025-49125)
- Resolves: RHEL-108515 tomcat: Denial of service (CVE-2025-52434)
- Resolves: RHEL-108531 tomcat: Denial of service (CVE-2025-52520)
- Resolves: RHEL-108527 tomcat: Denial of service (CVE-2025-53506)
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
tomcat
9.0.87-3.el9_6.3
tomcat-admin-webapps
9.0.87-3.el9_6.3
tomcat-docs-webapp
9.0.87-3.el9_6.3
tomcat-el-3.0-api
9.0.87-3.el9_6.3
tomcat-jsp-2.3-api
9.0.87-3.el9_6.3
tomcat-lib
9.0.87-3.el9_6.3
tomcat-servlet-4.0-api
9.0.87-3.el9_6.3
tomcat-webapps
9.0.87-3.el9_6.3
Oracle Linux x86_64
tomcat
9.0.87-3.el9_6.3
tomcat-admin-webapps
9.0.87-3.el9_6.3
tomcat-docs-webapp
9.0.87-3.el9_6.3
tomcat-el-3.0-api
9.0.87-3.el9_6.3
tomcat-jsp-2.3-api
9.0.87-3.el9_6.3
tomcat-lib
9.0.87-3.el9_6.3
tomcat-servlet-4.0-api
9.0.87-3.el9_6.3
tomcat-webapps
9.0.87-3.el9_6.3
