ELSA-2025-3645

ULN >
Oracle Linux Errata repository >
ELSA-2025-3645

ELSA-2025-3645 - tomcat security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2025-04-07

Description

[1:9.0.87-2.el9_5.1]
- Resolves: RHEL-82946
tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813)
- Resolves: RHEL-71719
tomcat: RCE due to TOCTOU issue in JSP compilation (CVE-2024-50379)

Related CVEs

CVE-2024-50379

CVE-2025-24813

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	tomcat-9.0.87-2.el9_5.1.src.rpm	2a520e388b36c410552d7b12cf5d26cd7f8d3faba6e44c53dbe04535ad16c080	-	ol9_aarch64_appstream
	tomcat-9.0.87-2.el9_5.1.noarch.rpm	cf14fbdda870a669c06209751b91e4a2c4d27ecaedb6b339fdb544705137a386	-	ol9_aarch64_appstream
	tomcat-admin-webapps-9.0.87-2.el9_5.1.noarch.rpm	5f02eae2d4c893aa27745d22c2e3d53984c0421b744536dcc7ae1f26c0b9ee8f	-	ol9_aarch64_appstream
	tomcat-docs-webapp-9.0.87-2.el9_5.1.noarch.rpm	c526be3e5cff7e3e5cbe6384ed6a0e36e1100a0df53ce09bf31c2cd12e9a2613	-	ol9_aarch64_appstream
	tomcat-el-3.0-api-9.0.87-2.el9_5.1.noarch.rpm	debb1aed840274c9e0797c813b0a86db1b8ee9fa6f306766862e96a9bfecd2c9	-	ol9_aarch64_appstream
	tomcat-jsp-2.3-api-9.0.87-2.el9_5.1.noarch.rpm	2c5b12be9b2136a7d22498bd8aa67e151a812ae73cc1d8c95ae1cd1fd26b3cdf	-	ol9_aarch64_appstream
	tomcat-lib-9.0.87-2.el9_5.1.noarch.rpm	b54bb70af567bfa9d184065ec26a44624d4d1ad473de29b78326932f2eb266f7	-	ol9_aarch64_appstream
	tomcat-servlet-4.0-api-9.0.87-2.el9_5.1.noarch.rpm	6140f8c149c45813f1448de1085780f4aee0c173900764f6584c3d0f9b7348c8	-	ol9_aarch64_appstream
	tomcat-webapps-9.0.87-2.el9_5.1.noarch.rpm	0a4bb757502376770ed7864cf755c9bdda97aa2bd71ea2162f7f9fed8a0cc275	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	tomcat-9.0.87-2.el9_5.1.src.rpm	2a520e388b36c410552d7b12cf5d26cd7f8d3faba6e44c53dbe04535ad16c080	-	ol9_x86_64_appstream
	tomcat-9.0.87-2.el9_5.1.noarch.rpm	cf14fbdda870a669c06209751b91e4a2c4d27ecaedb6b339fdb544705137a386	-	ol9_x86_64_appstream
	tomcat-admin-webapps-9.0.87-2.el9_5.1.noarch.rpm	5f02eae2d4c893aa27745d22c2e3d53984c0421b744536dcc7ae1f26c0b9ee8f	-	ol9_x86_64_appstream
	tomcat-docs-webapp-9.0.87-2.el9_5.1.noarch.rpm	c526be3e5cff7e3e5cbe6384ed6a0e36e1100a0df53ce09bf31c2cd12e9a2613	-	ol9_x86_64_appstream
	tomcat-el-3.0-api-9.0.87-2.el9_5.1.noarch.rpm	debb1aed840274c9e0797c813b0a86db1b8ee9fa6f306766862e96a9bfecd2c9	-	ol9_x86_64_appstream
	tomcat-jsp-2.3-api-9.0.87-2.el9_5.1.noarch.rpm	2c5b12be9b2136a7d22498bd8aa67e151a812ae73cc1d8c95ae1cd1fd26b3cdf	-	ol9_x86_64_appstream
	tomcat-lib-9.0.87-2.el9_5.1.noarch.rpm	b54bb70af567bfa9d184065ec26a44624d4d1ad473de29b78326932f2eb266f7	-	ol9_x86_64_appstream
	tomcat-servlet-4.0-api-9.0.87-2.el9_5.1.noarch.rpm	6140f8c149c45813f1448de1085780f4aee0c173900764f6584c3d0f9b7348c8	-	ol9_x86_64_appstream
	tomcat-webapps-9.0.87-2.el9_5.1.noarch.rpm	0a4bb757502376770ed7864cf755c9bdda97aa2bd71ea2162f7f9fed8a0cc275	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691