tomcat-9.0.117-1.ocs23 | Build Info

Information for build tomcat-9.0.117-1.ocs23

26239

Package Name

tomcat

Version

9.0.117

Release

1.ocs23

Epoch

Source

git+https://gitee.com/opencloudos-stream/tomcat.git?.#5e1934654c5e44031fab3a96fc80713f57308034

Summary

Apache Servlet/JSP Engine, RI for Servlet 4.0/JSP 2.3 API

Description

The Apache Tomcat® software is an open source implementation of the Jakarta Servlet, Jakarta Server Pages, Jakarta Expression Language, Jakarta WebSocket, Jakarta Annotations and Jakarta Authentication specifications. These specifications are part of the Jakarta EE platform.

Built by

ocs-bot

State

complete

Volume

DEFAULT

Started

Mon, 20 Apr 2026 10:55:50 CST

Completed

Mon, 20 Apr 2026 10:59:24 CST

Task

build (dist-ocs23-base, /opencloudos-stream/tomcat.git:.:origin/master)

Extra

{'source': {'original_url': 'git+https://gitee.com/opencloudos-stream/tomcat.git?.#origin/master'}}

Tags

dist-ocs23-base

RPMs

src
	tomcat-9.0.117-1.ocs23.src.rpm (info) (download)
noarch
	tomcat-9.0.117-1.ocs23.noarch.rpm (info) (download)
	tomcat-admin-webapps-9.0.117-1.ocs23.noarch.rpm (info) (download)
	tomcat-docs-webapp-9.0.117-1.ocs23.noarch.rpm (info) (download)
	tomcat-el-3.0-api-9.0.117-1.ocs23.noarch.rpm (info) (download)
	tomcat-jsp-2.3-api-9.0.117-1.ocs23.noarch.rpm (info) (download)
	tomcat-lib-9.0.117-1.ocs23.noarch.rpm (info) (download)
	tomcat-servlet-4.0-api-9.0.117-1.ocs23.noarch.rpm (info) (download)
	tomcat-webapps-9.0.117-1.ocs23.noarch.rpm (info) (download)

Logs

noarch
	root.log
	state.log
	installed_pkgs.log
	hw_info.log
	build.log
	mock_output.log
	noarch_rpmdiff.json

Changelog

* Fri Apr 17 2026 Doris Chao <doriscchao@tencent.com> - 9.0.117-1 - [Type] security - [DESC] Update to version 9.0.117 to fix multiple CVEs: - Fixed in 9.0.117: CVE-2026-34500 (Moderate), CVE-2026-34487 (Low), - CVE-2026-34486 (Important), CVE-2026-34483 (Low) - Fixed in 9.0.116: CVE-2026-32990 (Moderate), CVE-2026-29146 (Important), - CVE-2026-29145 (Moderate), CVE-2026-29129 (Low), CVE-2026-25854 (Low), - CVE-2026-24880 (Low) - Fixed in 9.0.115: CVE-2026-24734 (Moderate) - Fixed in 9.0.113: CVE-2026-24733 (Low), CVE-2025-66614 (Moderate) - Add conditional BuildRequires and bnd configuration to support both - TS4 (Maven 3.8.6 with aqute-bnd packages) and OCS (Maven 3.9.9 with - built-in bnd). Use .ocs23 macro to distinguish between distributions. * Wed Oct 29 2025 Doris Chao <doriscchao@tencent.com> - 9.0.111-1 - [Type] security - [DESC] Update to version 9.0.111 to fix CVE-2025-55752, CVE-2025-55754 - and CVE-2025-61795. * Mon Aug 18 2025 Doris Chao <doriscchao@tencent.com> - 9.0.108-1 - [Type] security - [DESC] Update to version 9.0.108 to fix CVE-2025-48989. * Fri Jul 25 2025 Doris Chao <doriscchao@tencent.com> - 9.0.107-2 - Adjust spec file for rpm-upgrade. * Mon Jul 14 2025 Doris Chao <doriscchao@tencent.com> - 9.0.107-1 - [Type] security - [DESC] Update to version 9.0.107 to fix CVE-2025-52434, CVE-2025-52520 - and CVE-2025-53506. * Wed Jun 25 2025 Doris Chao <doriscchao@tencent.com> - 9.0.106-1 - [Type] security - [DESC] Update to version 9.0.106 to fix CVE-2025-49125, CVE-2025-48988 - and CVE-2025-48976. * Tue Jun 03 2025 Doris Chao <doriscchao@tencent.com> - 9.0.105-1 - [Type] security - [DESC] Update to version 9.0.105 to fix CVE-2025-46701. * Thu May 08 2025 Doris Chao <doriscchao@tencent.com> - 9.0.104-2 - [Type] need_sync - [DESC] Remove conditional logic for Maven version selection. * Wed May 07 2025 Doris Chao <doriscchao@tencent.com> - 9.0.104-1 - [Type] security - [DESC] Update to version 9.0.104 to fix CVE-2025-31650 and CVE-2025-31651. - Currently restrict Maven >= 3.9.9 requirement to .ocs23 platform only. * Wed Mar 12 2025 Doris Chao <doriscchao@tencent.com> - 9.0.98-2 - [Type] security/bugfix/other - [DESC] Add patch to fix CVE-2025-24813. * Mon Jan 20 2025 Xiaojie Chen <jackxjchen@tencent.com> - 9.0.98-1 - [Type] other - [DESC] Upgrade to upstream version 9.0.98 * Fri Dec 27 2024 Doris Chao <doriscchao@tencent.com> - 9.0.86-7 - [Type] security - [DESC] Add patches to fix CVE-2024-56337,CVE-2024-54677 and CVE-2024-50379 * Tue Dec 03 2024 Doris Chao <doriscchao@tencent.com> - 9.0.86-6 - [Type] security - [DESC] Add patch to fix CVE-2024-52316 * Sat Oct 12 2024 Doris Chao <doriscchao@tencent.com> - 9.0.86-5 - [Type] security - [DESC] Add patch to fix CVE-2024-38286 * Thu Sep 26 2024 OpenCloudOS Release Engineering <releng@opencloudos.tech> - 9.0.86-4 - Rebuilt for clarifying the packages requirement in BaseOS and AppStream * Fri Aug 16 2024 OpenCloudOS Release Engineering <releng@opencloudos.tech> - 9.0.86-3 - Rebuilt for loongarch release * Mon Jul 15 2024 Doris Chao <doriscchao@tencent.com> - 9.0.86-2 - [Type] security - [DESC] Add patch to fix CVE-2024-34750 * Mon Jun 24 2024 Doris Chao <doriscchao@tencent.com> - 9.0.86-1 - [Type] security - [DESC] Update to apache-tomcat-9.0.86 to fix CVEs,include CVE-2024-23672 and CVE-2024-24549 * Wed Nov 08 2023 Doris Chao <doriscchao@tencent.com> - 9.0.82-1 - Update to apache-tomcat-9.0.82 to fix the CVE-2023-45648,CVE-2023-42795,CVE-2023-41080 and CVE-2023-28709 * Fri Sep 08 2023 OpenCloudOS Release Engineering <releng@opencloudos.tech> - 9.0.71-3 - Rebuilt for OpenCloudOS Stream 23.09 * Fri Apr 28 2023 OpenCloudOS Release Engineering <releng@opencloudos.tech> - 9.0.71-2 - Rebuilt for OpenCloudOS Stream 23.05 * Mon Apr 24 2023 Miaojun Dong <zoedong@tencent.com> - 9.0.71-1 - initial build

Main Site Links:

Information for build tomcat-9.0.117-1.ocs23