Oracle Linux 9 Tomcat Important OCSP Security Fix ELSA-2026-26323

[1:9.0.117-1] - Resolves: RHEL-150714 Certificate revocation bypass due to improper OCSP response validation - Resolves: Tomcat: OCSP checks sometimes soft-fail with FFM even when soft-fail is disabled (CVE-2026-34500) - Resolves: Tomcat: Cloud membership for clustering component exposed the Kubernetes bearer token (CVE-2026-34487) - Resolves: Tomcat: The fix for CVE-2026-29146 allowed the bypass of the EncryptInterceptor (CVE-2026-34486) - Resolves: Tomcat: Incomplete escaping of JSON access logs (CVE-2026-34483) - Resolves: Tomcat: The fix for CVE-2025-66614 was incomplete (CVE-2026-32990) - Resolves: Tomcat: EncryptInterceptor vulnerable to padding oracle attack by default (CVE-2026-29146) - Resolves: Tomcat: OCSP checks sometimes soft-fail even when soft-fail is disabled (CVE-2026-29145) - Resolves: Tomcat: Configured TLS cipher preference order not preserved (CVE-2026-29129) - Resolves: Tomcat: Occasionally open redirect (CVE-2026-25854) - Resolves: Tomcat:...