Accepted tomcat9 9.0.107-0+deb11u1 (source) into oldstable-security

To: debian-lts-changes@lists.debian.org, dispatch@tracker.debian.org
Subject: Accepted tomcat9 9.0.107-0+deb11u1 (source) into oldstable-security
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Mon, 21 Jul 2025 19:20:24 +0000
Message-id: <[🔎] E1udw3k-001h8o-18@seger.debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 21 Jul 2025 20:49:41 CEST
Source: tomcat9
Architecture: source
Version: 9.0.107-0+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
 d4a7aa3b3b6efa33464b9eeb91a54cdf04dd59dc 2913 tomcat9_9.0.107-0+deb11u1.dsc
 30a7d77379f3fd944bccda5066021c03e5286327 5028940 tomcat9_9.0.107.orig.tar.xz
 53e24b8a73a9ed95598dcc3eac8fdc7fa7f010f3 92112 tomcat9_9.0.107-0+deb11u1.debian.tar.xz
 6b33b0b7f9d54113163ab38af5c35de30a43d333 14775 tomcat9_9.0.107-0+deb11u1_amd64.buildinfo
Checksums-Sha256:
 a57c1c2fc2c6de6264ce758c489f8faab58c248d3fd894fd6a897bda4e8cd446 2913 tomcat9_9.0.107-0+deb11u1.dsc
 6b46d20347b728c1b86175a4482dfd2e46d98a08eb9a6881935feeb06b15b7cc 5028940 tomcat9_9.0.107.orig.tar.xz
 29b8e8f3728f6d52d258fcf3f6e51abfc9b84a006b9a1ef049ab6e73bfc2165b 92112 tomcat9_9.0.107-0+deb11u1.debian.tar.xz
 28db67da18d7b6158f7c3af89e8c908a22fb8934e8318df1d5e1af5caa1b2f3d 14775 tomcat9_9.0.107-0+deb11u1_amd64.buildinfo
Changes:
 tomcat9 (9.0.107-0+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * New upstream version 9.0.107.
   * Fix CVE-2024-34750, CVE-2024-54677, CVE-2025-31650, CVE-2025-31651,
     CVE-2025-46701, CVE-2025-48976, CVE-2025-48988, CVE-2025-49125,
     CVE-2025-52434, CVE-2025-52520, CVE-2025-53506.
     Several security vulnerabilities have been found in Tomcat 9, a Java
     web server and servlet engine. Most notably the update improves the
     handling of HTTP/2 connections and corrects various flaws which can lead to
     uncontrolled resource consumption and a denial of service.
Files:
 16b676bac712bb0209f735b696f1a6ad 2913 java optional tomcat9_9.0.107-0+deb11u1.dsc
 fa431cd1265863a9275a3837b1eb2823 5028940 java optional tomcat9_9.0.107.orig.tar.xz
 af7080e7bb490aeff68cbbd03af59f58 92112 java optional tomcat9_9.0.107-0+deb11u1.debian.tar.xz
 50a7ccc41a65086fe8730b27c2d48427 14775 java optional tomcat9_9.0.107-0+deb11u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmh+jttfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hk9TYP/jX9NCHdb+tW4M4IrEYpBRyQ8wLUux9PdKdY
8iO82VASoVLM3troYo45DV47OlNzpnvEkqmT3MPfe48ZNw5i2jnMupRriatJ28u6
HupAY3HwkjPBzxYSHgycoHdOAuR0yNkrsLiWd24NRIneeorgRoY/NsS1Rwc6B41P
ZJfsepMd5oK40N7r9IiTiZqAnXxombN8jkluKXbRDONu612uN7MjEABLI3IlxJwL
q0ymqLUinN8ACp5B+AXEt96fRXHGJk+tqcT/5Mhho7fLOucAHt0/5uylNgQaMLAb
k/MAVEq4gEzzpGkXJOcafq651iZ70un2LRv9N9tNRLpFDo/1WxGSpH01cc4cuRDP
FYNoAoE8llE8OtqaOS/JFCJG6NBAentaO/usyfiohcAcRFGFNVKU/yiFSrtZwYHr
muAJWmsAD1XkgJJzSMVKcvKEMnd9Wki14enKImKgUCrCWR1y8VnMAkfMOm2bsWGS
d2k4MgUKuLN16BKYWo60P1elY6cnzlPIOigRZRZVKqfk7kCqyPKDgRxxNqaxBA1R
aS2Nn7d0XxZcTQlcOFGobOHTu44DhXFF1VZfp5nzP/fEHXhm6r+IRY2AQreqtcMI
LCVMfVq/X92UaKW+jRvgAwvot4XVTKjhgnx+HZWcuMnKfu9dyZdOS/e/vOStxE4l
7BwD3brk
=zpF4
-----END PGP SIGNATURE-----

Attachment: pgpShMQA91cbF.pgp
Description: PGP signature

Reply to:

Prev by Date: Accepted djvulibre 3.5.28-2.2~deb11u1 (source) into oldstable-security
Next by Date: Accepted libcommons-fileupload-java 1.4-1+deb11u1 (source) into oldstable-security
Previous by thread: Accepted djvulibre 3.5.28-2.2~deb11u1 (source) into oldstable-security
Next by thread: Accepted libcommons-fileupload-java 1.4-1+deb11u1 (source) into oldstable-security
Index(es):
- Date
- Thread