ELSA-2024-3666

ULN >
Oracle Linux Errata repository >
ELSA-2024-3666

ELSA-2024-3666 - tomcat security and bug fix update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2024-06-06

Description

[1:9.0.87-1.el8_10.1]
- Resolves: RHEL-38548 - Amend tomcat package's changelog so that fixed CVEs are mentioned explicitly
- Resolves: RHEL-35813 - Rebase tomcat to version 9.0.87
- Resolves: RHEL-29255
tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672)
- Resolves: RHEL-29250
tomcat: Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549)

Related CVEs

CVE-2024-23672

CVE-2024-24549

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	tomcat-9.0.87-1.el8_10.1.src.rpm	8d42c9c745173253ab1e2e7c2568d466	-	ol8_aarch64_appstream
	tomcat-9.0.87-1.el8_10.1.noarch.rpm	d8b70267b05151bc7d7da865078fb805	-	ol8_aarch64_appstream
	tomcat-admin-webapps-9.0.87-1.el8_10.1.noarch.rpm	fcb5d70f1a83928d19b2e0a8c6e34560	-	ol8_aarch64_appstream
	tomcat-docs-webapp-9.0.87-1.el8_10.1.noarch.rpm	566572e0f8d1eabf6db76c1b0f97ba9d	-	ol8_aarch64_appstream
	tomcat-el-3.0-api-9.0.87-1.el8_10.1.noarch.rpm	63b45b9a06b32b50e7408787132e8c77	-	ol8_aarch64_appstream
	tomcat-jsp-2.3-api-9.0.87-1.el8_10.1.noarch.rpm	7b879fb1f5846a6ee10acd70f8418ebe	-	ol8_aarch64_appstream
	tomcat-lib-9.0.87-1.el8_10.1.noarch.rpm	cbfe265ba502ea11c97618d0f55ec941	-	ol8_aarch64_appstream
	tomcat-servlet-4.0-api-9.0.87-1.el8_10.1.noarch.rpm	034477030abc41676e513a26d097bc8d	-	ol8_aarch64_appstream
	tomcat-webapps-9.0.87-1.el8_10.1.noarch.rpm	9e5c0d785937f90ceb6f96a6d4d5fe1e	-	ol8_aarch64_appstream

Oracle Linux 8 (x86_64)	tomcat-9.0.87-1.el8_10.1.src.rpm	8d42c9c745173253ab1e2e7c2568d466	-	ol8_x86_64_appstream
	tomcat-9.0.87-1.el8_10.1.noarch.rpm	d8b70267b05151bc7d7da865078fb805	-	ol8_x86_64_appstream
	tomcat-admin-webapps-9.0.87-1.el8_10.1.noarch.rpm	fcb5d70f1a83928d19b2e0a8c6e34560	-	ol8_x86_64_appstream
	tomcat-docs-webapp-9.0.87-1.el8_10.1.noarch.rpm	566572e0f8d1eabf6db76c1b0f97ba9d	-	ol8_x86_64_appstream
	tomcat-el-3.0-api-9.0.87-1.el8_10.1.noarch.rpm	63b45b9a06b32b50e7408787132e8c77	-	ol8_x86_64_appstream
	tomcat-jsp-2.3-api-9.0.87-1.el8_10.1.noarch.rpm	7b879fb1f5846a6ee10acd70f8418ebe	-	ol8_x86_64_appstream
	tomcat-lib-9.0.87-1.el8_10.1.noarch.rpm	cbfe265ba502ea11c97618d0f55ec941	-	ol8_x86_64_appstream
	tomcat-servlet-4.0-api-9.0.87-1.el8_10.1.noarch.rpm	034477030abc41676e513a26d097bc8d	-	ol8_x86_64_appstream
	tomcat-webapps-9.0.87-1.el8_10.1.noarch.rpm	9e5c0d785937f90ceb6f96a6d4d5fe1e	-	ol8_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691