[ol8_appstream] tomcat-webapps-1:9.0.87-1.el8_10.2.noarch

Name:	tomcat-webapps
Epoch:	1
Version:	9.0.87
Release:	1.el8_10.2
Architecture:	noarch
Group:	Unspecified
Size:	149498
License:	ASL 2.0
RPM:	tomcat-webapps-9.0.87-1.el8_10.2.noarch.rpm
Source RPM:	tomcat-9.0.87-1.el8_10.2.src.rpm
Build Date:	Wed Aug 21 2024
Build Host:	build-ol8-x86_64.oracle.com
Vendor:	Oracle America
URL:	http://tomcat.apache.org/
Summary:	The ROOT web application for Apache Tomcat
Description:	The ROOT web application for Apache Tomcat.

Changelog (Show File list) (Show related packages)

Thu Aug 08 2024 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-1.el8_10.2

- Resolves: RHEL-46167
  tomcat: Improper Handling of Exceptional Conditions (CVE-2024-34750)

Mon Jun 03 2024 Sokratis Zappis <szappis@redhat.com> - 1:9.0.87-1.el8_10.1

- Resolves: RHEL-38548 - Amend tomcat package's changelog so that fixed CVEs are mentioned explicitly
- Resolves: RHEL-35813 - Rebase tomcat to version 9.0.87
- Resolves: RHEL-29255
  tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672)
- Resolves: RHEL-29250
  tomcat: Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549)

Fri Jan 19 2024 Hui Wang <huwang@redhat.com> - 1:9.0.62-30
```
- Resolves: RHEL-6971
```

Thu Jan 18 2024 Hui Wang <huwang@redhat.com> - 1:9.0.62-29

- Resolves: RHEL-17602
  tomcat: HTTP request smuggling via malformed trailer headers (CVE-2023-46589)
- tomcat: Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549)

Thu Nov 23 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-28

- Resolves: RHEL-13907
  tomcat: incorrectly parsed http trailer headers can cause request smuggling (CVE-2023-45648)
- Resolves: RHEL-13904
  tomcat: improper cleaning of recycled objects could lead to information leak (CVE-2023-42795)
- Resolves: RHEL-12951
  tomcat: FileUpload: DoS due to accumulation of temporary files on Windows (CVE-2023-42794)
- Resolves: RHEL-12544
  tomcat: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
- Resolves: RHEL-2386
  tomcat: Open Redirect vulnerability in FORM authentication (CVE-2023-41080)

Fri Oct 13 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-27

- Related: RHEL-12543
  tomcat: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
- Bump release number

Thu Oct 12 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-16

- Resolves: RHEL-12543
  tomcat: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
- Remove JDK subpackges which are unused

Fri Sep 08 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-14
```
- Related: RHEL-2330 Bump release number
```

Thu Sep 07 2023 Hui Wang <huwang@redhat.com> - 1:9.0.62-13

- Resolves: RHEL-2330 Revert the fix for pki-servlet-engine

Fri Aug 25 2023 Coty Sutherland <csutherl@redhat.com> - 1:9.0.62-12
```
- Related: #2184135 Declare file conflicts
```