openSUSE has issued an advisory on March 16: https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/WQRQ6JSFISH4LSDOH7IDJHNYPKMGUF5X/
Source RPM: (none) => tomcat-9.0.98-1.mga10.src.rpm, tomcat-9.0.98-1.mga9.src.rpmWhiteboard: (none) => MGA9TOOCVE: (none) => CVE-2004-56337, CVE-2025-24813Status comment: (none) => Fixed upstream in 9.0.99
Fixed both Cauldron and mga9!
Whiteboard: MGA9TOO => (none)CC: (none) => geiger.david68210Version: Cauldron => 9
Assigning to QA, Packages in 9/Core/Updates_testing: ====================== tomcat-9.0.102-1.mga9.noarch.rpm tomcat-admin-webapps-9.0.102-1.mga9.noarch.rpm tomcat-docs-webapp-9.0.102-1.mga9.noarch.rpm tomcat-el-3.0-api-9.0.102-1.mga9.noarch.rpm tomcat-jsp-2.3-api-9.0.102-1.mga9.noarch.rpm tomcat-lib-9.0.102-1.mga9.noarch.rpm tomcat-servlet-4.0-api-9.0.102-1.mga9.noarch.rpm tomcat-webapps-9.0.102-1.mga9.noarch.rpm From SRPMS: tomcat-9.0.102-1.mga9.src.rpm
Assignee: bugsquad => qa-bugs
MGA9-64 Plasma Wayland on Compaq H000SB No installation issues. Following bug 33863: Added following lines to /etc/tomcat/tomcat-users.xml before the end line: <role rolename="manager-gui"/> <user name="tester9" password="tester" roles="manager-gui" /> Download http://tomcat.apache.org/tomcat-6.0-doc/appdev/sample/sample.war and cpoy to /var/lib/tomcat/webapps. Then at CLI: # systemctl start httpd # systemctl -l status httpd ● httpd.service - The Apache HTTP Server Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; preset: disabled) Active: active (running) since Wed 2025-03-19 15:22:09 CET; 19s ago Main PID: 19527 (/usr/sbin/httpd) Status: "Total requests: 0; Idle/Busy workers 100/0;Requests/sec: 0; Bytes served/sec: 0 B/sec" Tasks: 6 (limit: 8806) Memory: 18.7M CPU: 480ms CGroup: /system.slice/httpd.service ├─19527 /usr/sbin/httpd -DFOREGROUND ├─19531 /usr/sbin/httpd -DFOREGROUND ├─19532 /usr/sbin/httpd -DFOREGROUND ├─19533 /usr/sbin/httpd -DFOREGROUND ├─19534 /usr/sbin/httpd -DFOREGROUND └─19535 /usr/sbin/httpd -DFOREGROUND Mar 19 15:22:08 mach3.hviaene.thuis systemd[1]: Starting httpd.service... Mar 19 15:22:09 mach3.hviaene.thuis systemd[1]: Started httpd.service. # systemctl restart tomcat.service # systemctl -l status tomcat.service ● tomcat.service - Apache Tomcat Web Application Container Loaded: loaded (/usr/lib/systemd/system/tomcat.service; disabled; preset: disabled) Active: active (running) since Wed 2025-03-19 15:22:48 CET; 19s ago Main PID: 19630 (java) Tasks: 37 (limit: 8806) Memory: 144.8M CPU: 27.052s CGroup: /system.slice/tomcat.service └─19630 /usr/lib/jvm/jre/bin/java -Djavax.sql.DataSource.Factory=org.apache.commons.dbcp.BasicDataSourceFactory -classpath /usr/share/tomcat/bi> Mar 19 15:23:05 mach3.hviaene.thuis server[19630]: 19-Mar-2025 15:23:05.460 INFO [main] org.apache.jasper.servlet.TldScanner.scanJars At least one JAR was s> Mar 19 15:23:05 mach3.hviaene.thuis server[19630]: 19-Mar-2025 15:23:05.498 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of> Mar 19 15:23:05 mach3.hviaene.thuis server[19630]: 19-Mar-2025 15:23:05.505 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web> Mar 19 15:23:06 mach3.hviaene.thuis server[19630]: 19-Mar-2025 15:23:06.569 INFO [main] org.apache.jasper.servlet.TldScanner.scanJars At least one JAR was s> Mar 19 15:23:06 mach3.hviaene.thuis server[19630]: 19-Mar-2025 15:23:06.579 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of> Mar 19 15:23:06 mach3.hviaene.thuis server[19630]: 19-Mar-2025 15:23:06.581 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web> Mar 19 15:23:07 mach3.hviaene.thuis server[19630]: 19-Mar-2025 15:23:07.384 INFO [main] org.apache.jasper.servlet.TldScanner.scanJars At least one JAR was s> Mar 19 15:23:07 mach3.hviaene.thuis server[19630]: 19-Mar-2025 15:23:07.394 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of> Mar 19 15:23:07 mach3.hviaene.thuis server[19630]: 19-Mar-2025 15:23:07.417 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["> Mar 19 15:23:07 mach3.hviaene.thuis server[19630]: 19-Mar-2025 15:23:07.512 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in [10974]> Them I could connect to http://localhost:8080 to exercise the the manager app and http://localhost:8080/sample to display the samples. OK for me
CC: (none) => herman.viaeneWhiteboard: (none) => MGA9-64-OK
Keywords: (none) => advisory
Validating.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2025-0105.html
Status: NEW => RESOLVEDResolution: (none) => FIXED