[ALSA-2025:7494] Moderate: tomcat9 security update
Type:
security
Severity:
moderate
Release date:
2025-07-02
Description:
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. Security Fix(es): * tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
noarch tomcat9-servlet-4.0-api-9.0.87-5.el10_0.noarch.rpm 2377e6cc842bc1ff9129fc6411bf4aee65ec8cc5c809e13ea957073d4e4c051f
noarch tomcat9-jsp-2.3-api-9.0.87-5.el10_0.noarch.rpm 26071999d35a8b0dc450193d4bc32dad2729ccfb90bb8a3d6decd8a0c3084c0e
noarch tomcat9-docs-webapp-9.0.87-5.el10_0.noarch.rpm 68d425ffb119c334cf68ba8a2597ac618489208e7e7354f502d1a3cd1ca7cb81
noarch tomcat9-el-3.0-api-9.0.87-5.el10_0.noarch.rpm 83e1592c6b981c1d636f61e0c50234b053530a053b886ebb998d77bca1af271e
noarch tomcat9-lib-9.0.87-5.el10_0.noarch.rpm d65bb61332eaea32c44a0dc979a9cc5f0eec366a6cf833a8daa8250bf752df73
noarch tomcat9-webapps-9.0.87-5.el10_0.noarch.rpm d9a1c61bc3d4dbb8e0ccb301e640220e54fdf5fff526f86070b33c8ee564afaf
noarch tomcat9-admin-webapps-9.0.87-5.el10_0.noarch.rpm ea41a5b9ba55a6da4f94801bfe023542fca43c4ee7234eaebc710b8aae9a3ae1
noarch tomcat9-9.0.87-5.el10_0.noarch.rpm ff1a194f7f882e1c7133669f04df658dbfc0cbf68580532819619e25e2f38029
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.