Description:
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
Security Fix(es):
* tomcat: Open Redirect vulnerability in FORM authentication (CVE-2023-41080)
* tomcat: FileUpload: DoS due to accumulation of temporary files on Windows (CVE-2023-42794)
* tomcat: improper cleaning of recycled objects could lead to information leak (CVE-2023-42795)
* tomcat: incorrectly parsed http trailer headers can cause request smuggling (CVE-2023-45648)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture |
Package |
Checksum |
noarch |
tomcat-jsp-2.3-api-9.0.62-37.el9_3.1.noarch.rpm |
0740bf8f9f669285ab9f32acbd00c60ffdac9f643ec7ca257797f3878748a606 |
noarch |
tomcat-docs-webapp-9.0.62-37.el9_3.1.noarch.rpm |
0f6fcc41fecfff1c5e74ab45f73d3c93f3b1b8e15f08198de22581f7ea5de756 |
noarch |
tomcat-webapps-9.0.62-37.el9_3.1.noarch.rpm |
1054d85fbdd1f970e62f81799df523b5dd9fb5e86bff51f2601a8f227150082d |
noarch |
tomcat-el-3.0-api-9.0.62-37.el9_3.1.noarch.rpm |
1883c285bd8f86d8e5937477b56d687bc781b12c01195108be1b7586b4a2e786 |
noarch |
tomcat-servlet-4.0-api-9.0.62-37.el9_3.1.noarch.rpm |
2629dc7851140c221fa3f6c19cb521e5b4ae5e17120c92a84370d043d45395c7 |
noarch |
tomcat-lib-9.0.62-37.el9_3.1.noarch.rpm |
bb84943939e62408a8f8c11586a47d1d715b85c5b38eeb8227b6f8eabd3ff37b |
noarch |
tomcat-9.0.62-37.el9_3.1.noarch.rpm |
fb4fad075c4f5f58f1840ba3f384c5716ed00ca0bc5e64780f0502acdd08e1a6 |
noarch |
tomcat-admin-webapps-9.0.62-37.el9_3.1.noarch.rpm |
fb6cdc5d8a141074745d75390ee119a99b6f7727246c901d2128b8f6ecd0271f |