Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Oracle Linux 10: ELSA-2025-14178: tomcat9 Important DoS Issues

oracle
Calendar Grey August 22, 2025
Oracle Linux Logo Esm H88
Newly released rpms for Oracle Linux 10 have been issued, fixing various security vulnerabilities concerning tomcat9.
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

Summary

[1:9.0.87-5.3] - Resolves: tomcat: http/2 "MadeYouReset" DoS attack through HTTP/2 control frames (CVE-2025-48989) - Resolves: tomcat: Apache Commons FileUpload DOS via part headers (CVE-2025-48976) - Resolves: tomcat: Dos in multipart upload (CVE-2025-48988) - Resolves: tomcat: Security constraint bypass for pre/post-resources (CVE-2025-49125) - Resolves: tomcat: Denial of service (CVE-2025-52434) - Resolves: tomcat: Denial of service (CVE-2025-52520) - Resolves: tomcat: Denial of service (CVE-2025-53506)

SRPMs

http://oss.oracle.com/ol10/SRPMS-updates/tomcat9-9.0.87-5.el10_0.3.src.rpm

x86_64

tomcat9-9.0.87-5.el10_0.3.noarch.rpm tomcat9-admin-webapps-9.0.87-5.el10_0.3.noarch.rpm tomcat9-docs-webapp-9.0.87-5.el10_0.3.noarch.rpm tomcat9-el-3.0-api-9.0.87-5.el10_0.3.noarch.rpm tomcat9-jsp-2.3-api-9.0.87-5.el10_0.3.noarch.rpm tomcat9-lib-9.0.87-5.el10_0.3.noarch.rpm tomcat9-servlet-4.0-api-9.0.87-5.el10_0.3.noarch.rpm tomcat9-webapps-9.0.87-5.el10_0.3.noarch.rpm

aarch64

tomcat9-9.0.87-5.el10_0.3.noarch.rpm tomcat9-admin-webapps-9.0.87-5.el10_0.3.noarch.rpm tomcat9-docs-webapp-9.0.87-5.el10_0.3.noarch.rpm tomcat9-el-3.0-api-9.0.87-5.el10_0.3.noarch.rpm tomcat9-jsp-2.3-api-9.0.87-5.el10_0.3.noarch.rpm tomcat9-lib-9.0.87-5.el10_0.3.noarch.rpm tomcat9-servlet-4.0-api-9.0.87-5.el10_0.3.noarch.rpm tomcat9-webapps-9.0.87-5.el10_0.3.noarch.rpm

Severity
important
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2025-48976 CVE-2025-48988 CVE-2025-48989 CVE-2025-49125 CVE-2025-52434 CVE-2025-52520 CVE-2025-53506

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here