Mageia 9 Tomcat Important Security Fix MGASA-2026-0056 CVE-2025-66614
mageia
March 14, 2026
MGASA-2026-0056 - Updated tomcat packages fix security vulnerabilities
Summary
Description:
Client certificate verification bypass due to virtual host mapping.
(CVE-2025-66614)
Security constraint bypass with HTTP/0.9. (CVE-2026-24733)
OCSP revocation bypass. (CVE-2026-24734)
References
- https://bugs.mageia.org/show_bug.cgi?id=35192
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/G27HXAIMRCGPRM6GBYQX7NUKNQS4RLJ4/
- https://www.cve.org/CVERecord?id=CVE-2025-66614
- https://www.cve.org/CVERecord?id=CVE-2026-24733
- https://www.cve.org/CVERecord?id=CVE-2026-24734
Topics Covered
Resolution
SRPMS
- 9/core/tomcat-9.0.115-1.mga9
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Publication date: 14 Mar 2026
URL: https://advisories.mageia.org/MGASA-2026-0056.html
Type: security
CVE: CVE-2025-66614,
CVE-2026-24733,
CVE-2026-24734
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!