[CLSA-2026:1776163133] tomcat: Fix of 3 CVEs
Type:
security
Severity:
Important
Release date:
2026-04-14 10:39:00 UTC
Description:
- CVE-2024-52316: fix unchecked error condition in Jakarta Authentication (JASPIC) ServerAuthContext - CVE-2025-46701: fix case sensitivity bypass in CGI servlet pathInfo - CVE-2025-55754: add escaping to logging output for ANSI sequences
Updated packages:
  • tomcat-9.0.62-11.el9_2.3.tuxcare.els17.noarch.rpm
    sha:4ed5f7a00c56dc6f272e41342868fc7b9c66836b5b57302195fa4d70779fe09a
  • tomcat-admin-webapps-9.0.62-11.el9_2.3.tuxcare.els17.noarch.rpm
    sha:d9cb5a34a7dadfdb19c39d6a4561a346090a6f3c12c311295246fb3ffe503cfd
  • tomcat-docs-webapp-9.0.62-11.el9_2.3.tuxcare.els17.noarch.rpm
    sha:92639c9c6fd1da29bf58452ce342b09deba29047d2afc2c62dba0f007804a801
  • tomcat-el-3.0-api-9.0.62-11.el9_2.3.tuxcare.els17.noarch.rpm
    sha:20c93e3c71f5fb70ea02eeaf1fbadb212f53346bf38d7819b39473c4a0609dbf
  • tomcat-jsp-2.3-api-9.0.62-11.el9_2.3.tuxcare.els17.noarch.rpm
    sha:d130b0ad08552528ad91f84e23a65dc9b96a84dd8a3f8ea66a3e7a722bb77429
  • tomcat-lib-9.0.62-11.el9_2.3.tuxcare.els17.noarch.rpm
    sha:9e751b4b903f797412f135066a641078fcb180dd6e2b778304f9db1c4db1c546
  • tomcat-servlet-4.0-api-9.0.62-11.el9_2.3.tuxcare.els17.noarch.rpm
    sha:1f00edce2e3c874759a6a6037be49b02293178a354b2813cad90e70fdf2357a5
  • tomcat-webapps-9.0.62-11.el9_2.3.tuxcare.els17.noarch.rpm
    sha:72f36215695c42f5eb0fe7b87b770447f3756e23d47411c59c9fb340d246737a
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.