Systemd service and wrapper scripts to start tomcat with jsvc, which allows tomcat to perform some privileged operations
(e.g. bind to a port < 1024) and then switch identity to a non-privileged user.
(e.g. bind to a port < 1024) and then switch identity to a non-privileged user.
Homepage | http://tomcat.apache.org/ |
---|
9.0.31




9.0.30

9.0.26

9.0.21


9.0.20

9.0.14

9.0.13

9.0.12

9.0.10


9.0.5

8.5.29

8.0.53

8.0.50

8.0.43

7.0.76

Distribution | Version | Since | Package | Installed | Packager | |
---|---|---|---|---|---|---|
![]() | rpm | 7.0.76-9.el7_6 | 2020-01-07 | 15.3 kiB | 647 B | CentOS BuildSystem |
![]() | rpm | 7.0.76-11.el7_7 | 2020-03-18 | 16.3 kiB | 647 B | CentOS BuildSystem |
![]() | rpm | 1:8.5.29-1.fc28 | 2019-01-14 | 21.5 kiB | 779 B | Fedora Project |
![]() | rpm | 1:9.0.10-1.fc29 | 2019-01-14 | 11.5 kiB | 779 B | Fedora Project |
![]() | rpm | 1:9.0.10-1.fc29 | 2019-01-14 | 11.5 kiB | 779 B | Fedora Project |
![]() | rpm | 1:9.0.13-2.fc30 | 2019-06-17 | 10.6 kiB | 779 B | Fedora Project |
![]() | rpm | 1:9.0.26-1.fc31 | 2020-01-07 | 10.6 kiB | 779 B | Fedora Project |
![]() | rpm | 1:9.0.31-1.fc33 | 2020-03-08 | 10.6 kiB | 779 B | Fedora Project |
![]() | rpm | 9.0.5-lp150.1.6 | 2019-01-17 | 25.6 kiB | 600 B | https://bugs.opensuse.org |
![]() | rpm | 9.0.21-lp150.2.22.1 | 2019-07-19 | 21.7 kiB | 600 B | http://bugs.opensuse.org |
![]() | rpm | 9.0.20-lp150.2.19.1 | 2019-06-30 | 21.4 kiB | 600 B | http://bugs.opensuse.org |
![]() | rpm | 9.0.12-lp150.2.9.1 | 2019-02-06 | 27.2 kiB | 600 B | http://bugs.opensuse.org |
![]() | rpm | 9.0.12-lp150.2.6.1 | 2019-01-18 | 27.1 kiB | 600 B | http://bugs.opensuse.org |
![]() | rpm | 9.0.12-lp150.2.16.1 | 2019-04-06 | 27.5 kiB | 600 B | http://bugs.opensuse.org |
![]() | rpm | 9.0.12-lp150.2.12.1 | 2019-03-02 | 27.3 kiB | 600 B | http://bugs.opensuse.org |
![]() | rpm | 9.0.10-lp150.2.3.2 | 2019-01-18 | 26.2 kiB | 600 B | http://bugs.opensuse.org |
![]() | rpm | 9.0.14-lp151.2.1 | 2019-03-25 | 27.9 kiB | 600 B | https://bugs.opensuse.org |
![]() | rpm | 9.0.31-lp151.3.12.1 | 2020-03-15 | 23.9 kiB | 600 B | http://bugs.opensuse.org |
![]() | rpm | 9.0.30-lp151.3.9.1 | 2020-01-31 | 23.3 kiB | 600 B | http://bugs.opensuse.org |
![]() | rpm | 9.0.30-lp151.3.6.1 | 2020-01-13 | 22.9 kiB | 600 B | http://bugs.opensuse.org |
![]() | rpm | 9.0.21-lp151.3.3.1 | 2019-07-25 | 22.7 kiB | 600 B | http://bugs.opensuse.org |
![]() | rpm | 9.0.31-lp152.2.1 | 2020-03-19 | 24.3 kiB | 600 B | https://bugs.opensuse.org |
![]() | rpm | 8.0.43-7.1 | 2019-01-17 | 19.4 kiB | 600 B | http://bugs.opensuse.org |
![]() | rpm | 8.0.53-21.1 | 2019-03-01 | 21.5 kiB | 600 B | http://bugs.opensuse.org |
![]() | rpm | 8.0.53-18.1 | 2019-01-21 | 21.2 kiB | 600 B | http://bugs.opensuse.org |
![]() | rpm | 8.0.53-15.1 | 2019-01-21 | 21.1 kiB | 600 B | http://bugs.opensuse.org |
![]() | rpm | 8.0.50-12.1 | 2019-01-21 | 20.3 kiB | 600 B | http://bugs.opensuse.org |
![]() | rpm | 8.0.43-9.1 | 2019-01-21 | 19.8 kiB | 600 B | http://bugs.opensuse.org |
![]() | rpm | 9.0.31-3.1 | 2020-02-29 | 30.7 kiB | 600 B | https://bugs.opensuse.org |
Latest updates

OpenSUSE Leap 15.2 oss: Updated from 9.0.30-lp152.2.1 to 9.0.31-lp152.2.1
2020-03-19
- Change default value of AJP connector secretRequired to false
- Added patch:
- tomcat-9.0.31-secretRequired-default.patch

CentOS 7.7.1908 updates: Version 7.0.76-11.el7_7 introduced
2020-03-18
- Resolves: rhbz#1806801 CVE-2020-1938 tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability

OpenSUSE Leap 15.1 update/oss: Updated from 9.0.30-lp151.3.9.1 to 9.0.31-lp151.3.12.1
2020-03-15
- Change default value of AJP connector secretRequired to false
- Added patch:
- tomcat-9.0.31-secretRequired-default.patch

Fedora rawhide development/Everything-os: Updated from 1:9.0.30-2.fc32 to 1:9.0.31-1.fc33
2020-03-08
- Update to 9.0.31
- Resolves: rhbz#1806398 - CVE-2020-1938 tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability

OpenSUSE Tumbleweed oss: Updated from 9.0.31-2.1 to 9.0.31-3.1
2020-02-29
- Change default value of AJP connector secretRequired to false
- Added patch:
- tomcat-9.0.31-secretRequired-default.patch

OpenSUSE Tumbleweed oss: Updated from 9.0.30-4.1 to 9.0.31-2.1
2020-02-29
- Update to Tomcat 9.0.31. See changelog at
http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.30_(markt) - Fixed CVEs:
- CVE-2019-17569 (bsc#1164825)
- CVE-2020-1935 (bsc#1164860)
- CVE-2020-1938 (bsc#1164692)
- Modified patch
- tomcat-9.0.30-java8compat.patch
- > tomcat-9.0.31-java8compat.patch
- Adapt to changed context

OpenSUSE Leap 15.2 oss: Updated from 9.0.21-lp152.1.5 to 9.0.30-lp152.2.1
2020-02-19
- Modified patch:
- tomcat-9.0.30-java8compat.patch
- add missing casts (bsc#1162081)
- tomcat-9.0.30-java8compat.patch

Fedora rawhide development/Everything-os: Updated from 1:9.0.30-1.fc32 to 1:9.0.30-2.fc32
2020-02-08

OpenSUSE Leap 15.2 oss: Updated from 9.0.21-lp152.1.3 to 9.0.21-lp152.1.5
2020-02-04
- Update to Tomcat 9.0.21. See changelog at
http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.21_(markt)- Additional fix for CVE-2019-0199 addressing HTTP/2 connection window exhaustion on write (bsc#1139924)
- Rebased patches:
- tomcat-9.0-disable-osgi-build.patch
- tomcat-9.0-javadoc.patch

OpenSUSE Tumbleweed oss: Updated from 9.0.30-3.1 to 9.0.30-4.1
2020-02-04
- Modified patch:
- tomcat-9.0.30-java8compat.patch
- add missing casts (bsc#1162081)
- tomcat-9.0.30-java8compat.patch

OpenSUSE Leap 15.1 update/oss: Updated from 9.0.30-lp151.3.6.1 to 9.0.30-lp151.3.9.1
2020-01-31
- Modified patch:
- tomcat-9.0.30-java8compat.patch
- add missing casts (bsc#1162081)
- tomcat-9.0.30-java8compat.patch

OpenSUSE Tumbleweed oss: Updated from 9.0.30-2.1 to 9.0.30-3.1
2020-01-24
- Change back the build to build with any Java >= 1.8
- Added patch:
- tomcat-9.0.30-java8compat.patch
- Cast java.nio.ByteBuffer and java.nio.CharBuffer to
(functions with co-variant return types)
- tomcat-9.0.30-java8compat.patch
- Renamed patch:
- tomcat-9.0-disable-osgi-build.patch
- > tomcat-9.0-osgi-build.patch
- Do not disable, but fix OSGi build since we have now

OpenSUSE Tumbleweed oss: Updated from 9.0.30-1.1 to 9.0.30-2.1
2020-01-20
- Change build to always use Java 1.8 (bsc#1161025).

OpenSUSE Leap 15.1 update/oss: Updated from 9.0.21-lp151.3.3.1 to 9.0.30-lp151.3.6.1
2020-01-13
- Update to Tomcat 9.0.30. See changelog at
http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.30_(markt) - Fixed CVEs:
- CVE-2019-12418 (bsc#1159723)
- CVE-2019-17563 (bsc#1159729)
- Rebased patch:
- tomcat-9.0-JDTCompiler-java.patch
- tomcat-9.0-javadoc.patch

OpenSUSE Tumbleweed oss: Updated from 9.0.27-1.1 to 9.0.30-1.1
2020-01-10
- Update to Tomcat 9.0.30. See changelog at
http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.30_(markt) - Fixed CVEs:
- CVE-2019-0221 (bsc#1136085)
- CVE-2019-10072 (bsc#1139924)
- CVE-2019-12418 (bsc#1159723)
- CVE-2019-17563 (bsc#1159729)
- Removed patch:
- tomcat-9.0-JDTCompiler-java.patch
- It was not applied
- tomcat-9.0-JDTCompiler-java.patch

Fedora 31 releases/Everything-os: Version 1:9.0.26-1.fc31 introduced
2020-01-07
- Update to 9.0.26
- Resolves: rhbz#1523112 tomcat systemd does not cope with - in service names
- Resolves: rhbz#1510896 Problem to start tomcat with a user whose group has a name different to the user

OpenSUSE Leap 15.2 oss: Version 9.0.21-lp152.1.3 introduced
2020-01-07
- Update to Tomcat 9.0.21. See changelog at
http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.21_(markt)- Additional fix for CVE-2019-0199 addressing HTTP/2 connection window exhaustion on write (bsc#1139924)
- Rebased patches:
- tomcat-9.0-disable-osgi-build.patch
- tomcat-9.0-javadoc.patch

CentOS 7.7.1908 os: Version 7.0.76-9.el7_6 introduced
2020-01-07
- Resolves: rhbz#1641873 CVE-2018-11784 tomcat: Open redirect in default servlet

Fedora rawhide development/Everything-os: Updated from 1:9.0.26-1.fc32 to 1:9.0.30-1.fc32
2019-12-21
- Update to 9.0.30

OpenSUSE Tumbleweed oss: Updated from 9.0.20-5.1 to 9.0.27-1.1
2019-11-20
- Update to Tomcat 9.0.27. See changelog at
http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.27_(markt) - Uset aqute-bnd to generate OSGi manifest, since we have that package now in openSUSE:Factory
- Removed patch:
- tomcat-9.0-disable-osgi-build.patch
- not needed
- tomcat-9.0-disable-osgi-build.patch