[ALSA-2026:26323] Important: tomcat security update
Type:
security
Severity:
important
Release date:
2026-06-25
Description:
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): * tomcat: Apache Tomcat: Certificate revocation bypass due to improper OCSP response validation (CVE-2026-24734) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
noarch tomcat-9.0.117-1.el9_8.noarch.rpm 0eaf642ae4d9b596cae38404933890210da1f9df790f8e9048a0cd1da7462feb
noarch tomcat-webapps-9.0.117-1.el9_8.noarch.rpm 239add45ed7dd4f81c8cca324d5025907a07c6f8154f263608d6a8bb1851aee6
noarch tomcat-admin-webapps-9.0.117-1.el9_8.noarch.rpm 5db74dfbab55a95108ec95867e68efae6ace0041bd70e34f0c7c9e543e175248
noarch tomcat-servlet-4.0-api-9.0.117-1.el9_8.noarch.rpm 6b940066457482981ae06d10bf4546889a9c3977799f1beb065abc122a0f2cd9
noarch tomcat-jsp-2.3-api-9.0.117-1.el9_8.noarch.rpm 8aef4525d23bdc46eef0a553d8380a1bf95c895e8199e5ac4fbaa8e38dbfe7d1
noarch tomcat-el-3.0-api-9.0.117-1.el9_8.noarch.rpm da3e298483b203f2aea7165716ca26b73a6727b31b13e4403c9a18753680a302
noarch tomcat-docs-webapp-9.0.117-1.el9_8.noarch.rpm e389e1e320afb9af3019d8d47769716b24d72708042c378490416de9bb7a0a64
noarch tomcat-lib-9.0.117-1.el9_8.noarch.rpm f36e5317418dbb0ed928719cdfcb5ea2d81f2b8e3263c119a7deed73cd000863
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.