ELSA-2023-6570

ELSA-2023-6570 - tomcat security and bug fix update

Type:SECURITY
Impact:MODERATE
Release Date:2023-11-11

Description


[1:9.0.62-37]
- Resolves: RHEL-12551
- Remove JDK subpackges which are unused

[1:9.0.62-16]
- Related: #2184133 Declare file conflicts

[1:9.0.62-15]
- Resolves: #2184133 Fix bug in Obsoletes

[1:9.0.62-14]
- Resolves: #2210632 CVE-2023-28709 tomcat

[1:9.0.62-13]
- Resolves: #2189675 Missing Tomcat POM files in RHEL 9.3

[1:9.0.62-12]
- Resolves: #2189675 Missing Tomcat POM files in RHEL 9.3
- Resolves: #2173872 Remove java-11-openjdk-headles as a tomcat dependency
- Resolves: #2181461 CVE-2023-28708 tomcat: not including the secure attribute causes information
- Resolves: #2210632 CVE-2023-28709
- Resolves: #2184133 Add Obsoletes to tomcat package
- Update patch command
- Update source to include the CVE fixes


Related CVEs


CVE-2023-28708
CVE-2023-28709
CVE-2023-24998

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) tomcat-9.0.62-37.el9_3.src.rpm003ac74693c4a2ac9c77830295d7b7fa2285af2081f0057a96c0a76fdb2c8e2b-ol9_aarch64_appstream
tomcat-9.0.62-37.el9_3.noarch.rpmb5fd7c70ee29d98770a51ab1e527e7b1fef77bef0fd1f532daf430aed8cb2e4a-ol9_aarch64_appstream
tomcat-admin-webapps-9.0.62-37.el9_3.noarch.rpm583367ee24360385feeb9d068a815d20c99cf9903a44b7d206f25a804f040e17-ol9_aarch64_appstream
tomcat-docs-webapp-9.0.62-37.el9_3.noarch.rpm04f653b7da668f6bcc05b66a402e6f3875c25b23a2aadb13c18b87adbc2b3c2f-ol9_aarch64_appstream
tomcat-el-3.0-api-9.0.62-37.el9_3.noarch.rpm3600f3c6dad25f6648b1a2a3fbe16c2115699082ff54a3cb47a5a71f860e3d45-ol9_aarch64_appstream
tomcat-jsp-2.3-api-9.0.62-37.el9_3.noarch.rpm9eb1369f957c4d0fc6ca7fd9e3a8bc6c81cd0566ca6c90bf39e8786595494bcc-ol9_aarch64_appstream
tomcat-lib-9.0.62-37.el9_3.noarch.rpm809f3e474658ec2911cd348361177708818d435de3d7ad1f9ae65be7d3e7474f-ol9_aarch64_appstream
tomcat-servlet-4.0-api-9.0.62-37.el9_3.noarch.rpm785343054af02b201e61755e321a4aa900980451c2aea5b4828f88c58c5906ff-ol9_aarch64_appstream
tomcat-webapps-9.0.62-37.el9_3.noarch.rpm3402acb740809d66ec0190609dfabcca1893617750fb2ec62c77275015916ae4-ol9_aarch64_appstream
Oracle Linux 9 (x86_64) tomcat-9.0.62-37.el9_3.src.rpm003ac74693c4a2ac9c77830295d7b7fa2285af2081f0057a96c0a76fdb2c8e2b-ol9_x86_64_appstream
tomcat-9.0.62-37.el9_3.noarch.rpmb5fd7c70ee29d98770a51ab1e527e7b1fef77bef0fd1f532daf430aed8cb2e4a-ol9_x86_64_appstream
tomcat-admin-webapps-9.0.62-37.el9_3.noarch.rpm583367ee24360385feeb9d068a815d20c99cf9903a44b7d206f25a804f040e17-ol9_x86_64_appstream
tomcat-docs-webapp-9.0.62-37.el9_3.noarch.rpm04f653b7da668f6bcc05b66a402e6f3875c25b23a2aadb13c18b87adbc2b3c2f-ol9_x86_64_appstream
tomcat-el-3.0-api-9.0.62-37.el9_3.noarch.rpm3600f3c6dad25f6648b1a2a3fbe16c2115699082ff54a3cb47a5a71f860e3d45-ol9_x86_64_appstream
tomcat-jsp-2.3-api-9.0.62-37.el9_3.noarch.rpm9eb1369f957c4d0fc6ca7fd9e3a8bc6c81cd0566ca6c90bf39e8786595494bcc-ol9_x86_64_appstream
tomcat-lib-9.0.62-37.el9_3.noarch.rpm809f3e474658ec2911cd348361177708818d435de3d7ad1f9ae65be7d3e7474f-ol9_x86_64_appstream
tomcat-servlet-4.0-api-9.0.62-37.el9_3.noarch.rpm785343054af02b201e61755e321a4aa900980451c2aea5b4828f88c58c5906ff-ol9_x86_64_appstream
tomcat-webapps-9.0.62-37.el9_3.noarch.rpm3402acb740809d66ec0190609dfabcca1893617750fb2ec62c77275015916ae4-ol9_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete