Stay Connected:

ELSA-2024-3307

ELSA-2024-3307 - tomcat security and bug fix update

Type:SECURITY
Severity:IMPORTANT
Release Date:2024-05-23

Description


[1:9.0.87-1.el9_4.1]
- Resolves: RHEL-34815 - Rebase tomcat to version 9.0.87
- Resolves: RHEL-31048
tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672)
- Resolves: RHEL-31032
tomcat: : Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549)
- Resolves: RHEL-35328 - Amend tomcat's changelog
(CVE-2023-46589, CVE-2023-45648, CVE-2023-42795, CVE-2023-42794, CVE-2023-44487, CVE-2023-41080)


Related CVEs


CVE-2024-23672
CVE-2024-24549

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) tomcat-9.0.87-1.el9_4.1.src.rpm586161c4fa523f0377c2bf023ac890f8-ol9_aarch64_appstream
tomcat-9.0.87-1.el9_4.1.noarch.rpm19cfe249c7cd49963b9376846f6fc7c9-ol9_aarch64_appstream
tomcat-admin-webapps-9.0.87-1.el9_4.1.noarch.rpma1e475d351eea14fb38b24ed40c36ff8-ol9_aarch64_appstream
tomcat-docs-webapp-9.0.87-1.el9_4.1.noarch.rpmdc3ee5e52982a14ea90f054df83e775c-ol9_aarch64_appstream
tomcat-el-3.0-api-9.0.87-1.el9_4.1.noarch.rpm68818438405f4cfe7308715b7788daf3-ol9_aarch64_appstream
tomcat-jsp-2.3-api-9.0.87-1.el9_4.1.noarch.rpm3596e4087418f747f612fa510f9149c1-ol9_aarch64_appstream
tomcat-lib-9.0.87-1.el9_4.1.noarch.rpmb4797199fcd7a9e0e31378a0a5d61777-ol9_aarch64_appstream
tomcat-servlet-4.0-api-9.0.87-1.el9_4.1.noarch.rpmb11f2e6dc95fdeaf8bc9346fefb66917-ol9_aarch64_appstream
tomcat-webapps-9.0.87-1.el9_4.1.noarch.rpmf1dd68777a51313a397741ef065e2c15-ol9_aarch64_appstream
Oracle Linux 9 (x86_64) tomcat-9.0.87-1.el9_4.1.src.rpm586161c4fa523f0377c2bf023ac890f8-ol9_x86_64_appstream
tomcat-9.0.87-1.el9_4.1.noarch.rpm19cfe249c7cd49963b9376846f6fc7c9-ol9_x86_64_appstream
tomcat-admin-webapps-9.0.87-1.el9_4.1.noarch.rpma1e475d351eea14fb38b24ed40c36ff8-ol9_x86_64_appstream
tomcat-docs-webapp-9.0.87-1.el9_4.1.noarch.rpmdc3ee5e52982a14ea90f054df83e775c-ol9_x86_64_appstream
tomcat-el-3.0-api-9.0.87-1.el9_4.1.noarch.rpm68818438405f4cfe7308715b7788daf3-ol9_x86_64_appstream
tomcat-jsp-2.3-api-9.0.87-1.el9_4.1.noarch.rpm3596e4087418f747f612fa510f9149c1-ol9_x86_64_appstream
tomcat-lib-9.0.87-1.el9_4.1.noarch.rpmb4797199fcd7a9e0e31378a0a5d61777-ol9_x86_64_appstream
tomcat-servlet-4.0-api-9.0.87-1.el9_4.1.noarch.rpmb11f2e6dc95fdeaf8bc9346fefb66917-ol9_x86_64_appstream
tomcat-webapps-9.0.87-1.el9_4.1.noarch.rpmf1dd68777a51313a397741ef065e2c15-ol9_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights