Fedora Linux 8814 Published by

Fedora Linux has received security updates, including the latest versions of Tomcat and Sympa:

Fedora 41 Update: tomcat-9.0.98-1.fc41
Fedora 40 Update: sympa-6.2.74-1.fc40
Fedora 40 Update: tomcat-9.0.98-1.fc40




[SECURITY] Fedora 41 Update: tomcat-9.0.98-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-2cb3145f8d
2024-12-25 01:50:07.031361+00:00
--------------------------------------------------------------------------------

Name : tomcat
Product : Fedora 41
Version : 9.0.98
Release : 1.fc41
URL : http://tomcat.apache.org/
Summary : Apache Servlet/JSP Engine, RI for Servlet 4.0/JSP 2.3 API
Description :
Tomcat is the servlet container that is used in the official Reference
Implementation for the Java Servlet and JavaServer Pages technologies.
The Java Servlet and JavaServer Pages specifications are developed by
Sun under the Java Community Process.

Tomcat is developed in an open and participatory environment and
released under the Apache Software License version 2.0. Tomcat is intended
to be a collaboration of the best-of-breed developers from around the world.

--------------------------------------------------------------------------------
Update Information:

Automatic update for tomcat-9.0.98-1.fc41.
Changelog for tomcat
* Mon Dec 09 2024 Packit [hello@packit.dev] - 1:9.0.98-1
- Update to version 9.0.98
- Resolves: rhbz#2331168
* Mon Dec 02 2024 Dimitris Soumis [dsoumis@redhat.com] - 1:9.0.97-1
- Update to version 9.0.97
- Resolves: rhbz#2327090
Automatic update for tomcat-9.0.97-1.fc41.
Changelog for tomcat
* Mon Dec 02 2024 Dimitris Soumis [dsoumis@redhat.com] - 1:9.0.97-1
- Update to version 9.0.97
- Resolves: rhbz#2327090
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 9 2024 Packit [hello@packit.dev] - 1:9.0.98-1
- Update to version 9.0.98
- Resolves: rhbz#2331168
* Mon Dec 2 2024 Dimitris Soumis [dsoumis@redhat.com] - 1:9.0.97-1
- Update to version 9.0.97
- Resolves: rhbz#2327090
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2327090 - CVE-2024-52318 tomcat: incorrect JSP tag recycling leads to XSS [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2327090
[ 2 ] Bug #2331168 - tomcat-9.0.98 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2331168
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-2cb3145f8d' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: sympa-6.2.74-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-14c006b8bb
2024-12-25 01:38:03.924476+00:00
--------------------------------------------------------------------------------

Name : sympa
Product : Fedora 40
Version : 6.2.74
Release : 1.fc40
URL : http://www.sympa.org
Summary : Powerful multilingual List Manager
Description :
Sympa is scalable and highly customizable mailing list manager. It
can cope with big lists (200,000 subscribers) and comes with a
complete (user and admin) Web interface. It is internationalized,
and supports the us, fr, de, es, it, fi, and chinese locales. A
scripting language allows you to extend the behavior of commands.
Sympa can be linked to an LDAP directory or an RDBMS to create
dynamic mailing lists. Sympa provides S/MIME-based authentication
and encryption.

--------------------------------------------------------------------------------
Update Information:

Update to 6.2.74, fix for CVE-2024-55919
Full changelog: https://github.com/sympa-community/sympa/releases/tag/6.2.74
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 16 2024 Xavier Bachelot [xavier@bachelot.org] - 6.2.74-1
- Update to 6.2.74, fix for CVE-2024-55919
- Full changelog: https://github.com/sympa-community/sympa/releases/tag/6.2.74
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-14c006b8bb' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: tomcat-9.0.98-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-2a31fce8eb
2024-12-25 01:38:03.924433+00:00
--------------------------------------------------------------------------------

Name : tomcat
Product : Fedora 40
Version : 9.0.98
Release : 1.fc40
URL : http://tomcat.apache.org/
Summary : Apache Servlet/JSP Engine, RI for Servlet 4.0/JSP 2.3 API
Description :
Tomcat is the servlet container that is used in the official Reference
Implementation for the Java Servlet and JavaServer Pages technologies.
The Java Servlet and JavaServer Pages specifications are developed by
Sun under the Java Community Process.

Tomcat is developed in an open and participatory environment and
released under the Apache Software License version 2.0. Tomcat is intended
to be a collaboration of the best-of-breed developers from around the world.

--------------------------------------------------------------------------------
Update Information:

Automatic update for tomcat-9.0.98-1.fc40.
Changelog for tomcat
* Mon Dec 09 2024 Packit [hello@packit.dev] - 1:9.0.98-1
- Update to version 9.0.98
- Resolves: rhbz#2331168
* Mon Dec 02 2024 Dimitris Soumis [dsoumis@redhat.com] - 1:9.0.97-1
- Update to version 9.0.97
- Resolves: rhbz#2327089
Automatic update for tomcat-9.0.97-1.fc40.
Changelog for tomcat
* Mon Dec 02 2024 Dimitris Soumis [dsoumis@redhat.com] - 1:9.0.97-1
- Update to version 9.0.97
- Resolves: rhbz#2327089
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 9 2024 Packit [hello@packit.dev] - 1:9.0.98-1
- Update to version 9.0.98
- Resolves: rhbz#2331168
* Mon Dec 2 2024 Dimitris Soumis [dsoumis@redhat.com] - 1:9.0.97-1
- Update to version 9.0.97
- Resolves: rhbz#2327089
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2327089 - CVE-2024-52318 tomcat: incorrect JSP tag recycling leads to XSS [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2327089
[ 2 ] Bug #2331168 - tomcat-9.0.98 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2331168
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-2a31fce8eb' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--