ELSA-2024-3307

ULN >
Oracle Linux Errata repository >
ELSA-2024-3307

ELSA-2024-3307 - tomcat security and bug fix update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2024-05-23

Description

[1:9.0.87-1.el9_4.1]
- Resolves: RHEL-34815 - Rebase tomcat to version 9.0.87
- Resolves: RHEL-31048
tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672)
- Resolves: RHEL-31032
tomcat: : Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549)
- Resolves: RHEL-35328 - Amend tomcat's changelog
(CVE-2023-46589, CVE-2023-45648, CVE-2023-42795, CVE-2023-42794, CVE-2023-44487, CVE-2023-41080)

Related CVEs

CVE-2024-23672

CVE-2024-24549

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	tomcat-9.0.87-1.el9_4.1.src.rpm	095fe4152acf36c9426298bbb7710a9b17f3f6919989f860240a654f7861db73	-	ol9_aarch64_appstream
	tomcat-9.0.87-1.el9_4.1.noarch.rpm	3952dfaa69bae9b3a6046cfe60e647a944532f5b7a56bdf46ff5e54a0290bc67	-	ol9_aarch64_appstream
	tomcat-admin-webapps-9.0.87-1.el9_4.1.noarch.rpm	7cdaf1692989a87c062835e3ae195a86e4842d6f877729ec26603feedf2a60d8	-	ol9_aarch64_appstream
	tomcat-docs-webapp-9.0.87-1.el9_4.1.noarch.rpm	7099ffd7af7807862124357026b477a8651d297d149133bc3c1a40bf50e62b63	-	ol9_aarch64_appstream
	tomcat-el-3.0-api-9.0.87-1.el9_4.1.noarch.rpm	aba79a52b5eea7745d0d71b8b0019372d85d59ac676c0589a3ad80078f1a12cb	-	ol9_aarch64_appstream
	tomcat-jsp-2.3-api-9.0.87-1.el9_4.1.noarch.rpm	bd2afc52d2a7befd193291fc4fa80e2f582736d7c50090450982910967a988e2	-	ol9_aarch64_appstream
	tomcat-lib-9.0.87-1.el9_4.1.noarch.rpm	56fe466c45cd8f4da2125d4db38ba3780a601cd32038dd67a2459758be61d79a	-	ol9_aarch64_appstream
	tomcat-servlet-4.0-api-9.0.87-1.el9_4.1.noarch.rpm	8b9fe3630528e4834db15647a7d3128cce0195230ed8f4674c403496401903f1	-	ol9_aarch64_appstream
	tomcat-webapps-9.0.87-1.el9_4.1.noarch.rpm	8d4b33d4d26af85bcf780980625c7d1ce255459658b773f816400c489e29d36f	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	tomcat-9.0.87-1.el9_4.1.src.rpm	095fe4152acf36c9426298bbb7710a9b17f3f6919989f860240a654f7861db73	-	ol9_x86_64_appstream
	tomcat-9.0.87-1.el9_4.1.noarch.rpm	3952dfaa69bae9b3a6046cfe60e647a944532f5b7a56bdf46ff5e54a0290bc67	-	ol9_x86_64_appstream
	tomcat-admin-webapps-9.0.87-1.el9_4.1.noarch.rpm	7cdaf1692989a87c062835e3ae195a86e4842d6f877729ec26603feedf2a60d8	-	ol9_x86_64_appstream
	tomcat-docs-webapp-9.0.87-1.el9_4.1.noarch.rpm	7099ffd7af7807862124357026b477a8651d297d149133bc3c1a40bf50e62b63	-	ol9_x86_64_appstream
	tomcat-el-3.0-api-9.0.87-1.el9_4.1.noarch.rpm	aba79a52b5eea7745d0d71b8b0019372d85d59ac676c0589a3ad80078f1a12cb	-	ol9_x86_64_appstream
	tomcat-jsp-2.3-api-9.0.87-1.el9_4.1.noarch.rpm	bd2afc52d2a7befd193291fc4fa80e2f582736d7c50090450982910967a988e2	-	ol9_x86_64_appstream
	tomcat-lib-9.0.87-1.el9_4.1.noarch.rpm	56fe466c45cd8f4da2125d4db38ba3780a601cd32038dd67a2459758be61d79a	-	ol9_x86_64_appstream
	tomcat-servlet-4.0-api-9.0.87-1.el9_4.1.noarch.rpm	8b9fe3630528e4834db15647a7d3128cce0195230ed8f4674c403496401903f1	-	ol9_x86_64_appstream
	tomcat-webapps-9.0.87-1.el9_4.1.noarch.rpm	8d4b33d4d26af85bcf780980625c7d1ce255459658b773f816400c489e29d36f	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691