[ALSA-2026:19054] Important: tomcat security update
Type:
security
Severity:
important
Release date:
2026-05-26
Description:
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): * tomcat: Apache Tomcat: Certificate revocation bypass due to improper OCSP response validation (CVE-2026-24734) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
noarch tomcat-jsp-3.1-api-10.1.49-1.el10_2.1.alma.1.noarch.rpm 032f9dfd26c60d1d72b363ff2061d11662e957528f62a47531f5bbf5f865b387
noarch tomcat-10.1.49-1.el10_2.1.alma.1.noarch.rpm 30074a00cdb2fd116e1a86d0dd4fde4c0ee1ad6c1d76871cede1af36c10ad784
noarch tomcat-servlet-6.0-api-10.1.49-1.el10_2.1.alma.1.noarch.rpm 910908c4cbeb19192b15b52ff7bcb553a79de45a9fd931d50fa458956364dc8c
noarch tomcat-el-5.0-api-10.1.49-1.el10_2.1.alma.1.noarch.rpm a4ea29cfcc7dc0b39309a55f0cb9f6825d1b6965da13f87f41af81d7293301e1
noarch tomcat-lib-10.1.49-1.el10_2.1.alma.1.noarch.rpm bf8d00201d00c1d371bcb29fde0b79354efbec1bdd757baaebc03477a5d83d5c
noarch tomcat-docs-webapp-10.1.49-1.el10_2.1.alma.1.noarch.rpm cd1899698b4ef517e177bafdcbdb1e1542a1f0c867d8b7fefb87b3e46b4b54bf
noarch tomcat-admin-webapps-10.1.49-1.el10_2.1.alma.1.noarch.rpm d5a2b5453e34039aa491637abe23194a845e0a52cb69be855ed09fbc360ed9f7
noarch tomcat-webapps-10.1.49-1.el10_2.1.alma.1.noarch.rpm fdbfa914a61bc11297a055cca8ba8bb8c9d37d90b771583e8b8b87d3a7a388c7
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.