ELSA-2023-6570

ULN >
Oracle Linux Errata repository >
ELSA-2023-6570

ELSA-2023-6570 - tomcat security and bug fix update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2023-11-11

Description

[1:9.0.62-37]
- Resolves: RHEL-12551
- Remove JDK subpackges which are unused

[1:9.0.62-16]
- Related: #2184133 Declare file conflicts

[1:9.0.62-15]
- Resolves: #2184133 Fix bug in Obsoletes

[1:9.0.62-14]
- Resolves: #2210632 CVE-2023-28709 tomcat

[1:9.0.62-13]
- Resolves: #2189675 Missing Tomcat POM files in RHEL 9.3

[1:9.0.62-12]
- Resolves: #2189675 Missing Tomcat POM files in RHEL 9.3
- Resolves: #2173872 Remove java-11-openjdk-headles as a tomcat dependency
- Resolves: #2181461 CVE-2023-28708 tomcat: not including the secure attribute causes information
- Resolves: #2210632 CVE-2023-28709
- Resolves: #2184133 Add Obsoletes to tomcat package
- Update patch command
- Update source to include the CVE fixes

Related CVEs

CVE-2023-28708

CVE-2023-28709

CVE-2023-24998

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	tomcat-9.0.62-37.el9_3.src.rpm	912aedcd8743f172034fcf09fe9af7af	-	ol9_aarch64_appstream
	tomcat-9.0.62-37.el9_3.noarch.rpm	c79b587869af4a4efd14c420d3d7e321	-	ol9_aarch64_appstream
	tomcat-admin-webapps-9.0.62-37.el9_3.noarch.rpm	2e0791650c748f2eb392b0d9eaf8055f	-	ol9_aarch64_appstream
	tomcat-docs-webapp-9.0.62-37.el9_3.noarch.rpm	1f6cac9261c1586f5589c6f7326b5e8a	-	ol9_aarch64_appstream
	tomcat-el-3.0-api-9.0.62-37.el9_3.noarch.rpm	2f83805af14e84404d30d73b1fd5a6d2	-	ol9_aarch64_appstream
	tomcat-jsp-2.3-api-9.0.62-37.el9_3.noarch.rpm	f7305b0d25bf2717f7a603df11246751	-	ol9_aarch64_appstream
	tomcat-lib-9.0.62-37.el9_3.noarch.rpm	02954037c1c9ddeca667e7d74d1c3c1f	-	ol9_aarch64_appstream
	tomcat-servlet-4.0-api-9.0.62-37.el9_3.noarch.rpm	689bb5698dcc3098d9ccb47236eb0b0c	-	ol9_aarch64_appstream
	tomcat-webapps-9.0.62-37.el9_3.noarch.rpm	e19ffea22b0c9718ea0b9d901497d8ed	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	tomcat-9.0.62-37.el9_3.src.rpm	912aedcd8743f172034fcf09fe9af7af	-	ol9_x86_64_appstream
	tomcat-9.0.62-37.el9_3.noarch.rpm	c79b587869af4a4efd14c420d3d7e321	-	ol9_x86_64_appstream
	tomcat-admin-webapps-9.0.62-37.el9_3.noarch.rpm	2e0791650c748f2eb392b0d9eaf8055f	-	ol9_x86_64_appstream
	tomcat-docs-webapp-9.0.62-37.el9_3.noarch.rpm	1f6cac9261c1586f5589c6f7326b5e8a	-	ol9_x86_64_appstream
	tomcat-el-3.0-api-9.0.62-37.el9_3.noarch.rpm	2f83805af14e84404d30d73b1fd5a6d2	-	ol9_x86_64_appstream
	tomcat-jsp-2.3-api-9.0.62-37.el9_3.noarch.rpm	f7305b0d25bf2717f7a603df11246751	-	ol9_x86_64_appstream
	tomcat-lib-9.0.62-37.el9_3.noarch.rpm	02954037c1c9ddeca667e7d74d1c3c1f	-	ol9_x86_64_appstream
	tomcat-servlet-4.0-api-9.0.62-37.el9_3.noarch.rpm	689bb5698dcc3098d9ccb47236eb0b0c	-	ol9_x86_64_appstream
	tomcat-webapps-9.0.62-37.el9_3.noarch.rpm	e19ffea22b0c9718ea0b9d901497d8ed	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691