-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 4 Feb 2026 07:56:25 CET Source: tomcat10 Architecture: source Version: 10.1.52-1~deb12u1 Distribution: bookworm-security Urgency: medium Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: Markus Koschany <apo@debian.org> Checksums-Sha1: ca9ec63173d949caeca7ef844830806ef65d2f39 3014 tomcat10_10.1.52-1~deb12u1.dsc 2e1309f9ae2114ff28293bc0f7a877360d529984 4952520 tomcat10_10.1.52.orig.tar.xz 95495442ee63d4acb5ce4e581b732ed13df0ef5e 52660 tomcat10_10.1.52-1~deb12u1.debian.tar.xz 6d1b0373c92ef28629deff40588b4a796ba83120 17098 tomcat10_10.1.52-1~deb12u1_amd64.buildinfo Checksums-Sha256: 95ee499658340ff5fd7bf013d52ccb2d92c42d6726d9852fc164e907cffc51ac 3014 tomcat10_10.1.52-1~deb12u1.dsc 34218636f749ab70d6074dc7ba7b1b7128b6ab8626b28a76f5a034f975689ac2 4952520 tomcat10_10.1.52.orig.tar.xz e9d4091795e9dfa21a040eb5a4e7efe11635eded75cf92997170b80553d47346 52660 tomcat10_10.1.52-1~deb12u1.debian.tar.xz 6eae91ca2dcd42526351a0aaf9ce48f934b785e82863d242d0a6ac5dcc3de2aa 17098 tomcat10_10.1.52-1~deb12u1_amd64.buildinfo Changes: tomcat10 (10.1.52-1~deb12u1) bookworm-security; urgency=medium . * Backport 10.1.52. to bookworm. * Fix CVE-2025-46701, CVE-2025-48976, CVE-2025-48988, CVE-2025-48989, CVE-2025-49125, CVE-2025-52520, CVE-2025-53506, CVE-2025-55668, CVE-2025-55752, CVE-2025-55754, CVE-2025-61795, CVE-2025-31650 and CVE-2025-31651. Several security vulnerabilities have been found in Tomcat 10, a Java web server and servlet engine. This update improves the handling of HTTP/2 connections and corrects various flaws which can lead to uncontrolled resource consumption and a denial of service. Files: f95b05b44bf40ff620a2cef809af6296 3014 java optional tomcat10_10.1.52-1~deb12u1.dsc 7cd90ce5ac465d0819471b7ce6295ec0 4952520 java optional tomcat10_10.1.52.orig.tar.xz edd94f6d4572c990b2e74dd3d9883153 52660 java optional tomcat10_10.1.52-1~deb12u1.debian.tar.xz 3ec04e902eb4d8bfd11e29c69c113e2e 17098 java optional tomcat10_10.1.52-1~deb12u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmmC7dJfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkjkAP/RZ/tqBIgRcMkp2qvT7kkBAr0nTcdggOKXLC gG4iu3tjlGmWV8bFm2uZCOii8w93VFj7/W6qQPd35hC2HFCMsRiGWVPUulAytfxw Ltl/MzLZsOSOSUX4mwMIp9KY3TajNXDgTUoCawkjxDqBksaV4QZuOcfSLLZfOvF7 SXeudSJx2iG64BuJq/OPPky2s8PSN+yJFGO8acu/GqwprB0OkvQveqfTI4WlYb+6 XxGepBMGv2rEbbEsCHTvr8vJdDOSHYqPiMO1QGoa/bfdMsgyrFz+zd9bQfHuZt/n /IexkDlXfk+oQ73fDNX1WGrPt+mW3lNwOgzSmArAW5Y+z6c+l31YXdooaC3rQGiq i8ifHBuOf4hZP7C4htbCZYTF/vHf9yDL+LCiJdOvG7Rfw4ruTRWGQ+ALM0ZL90Ft WhPuqfpnYTnkmgJvDdB4bL0gL3cR4QKhGCC4h2LsKMQJY3JM+4XbrNEJxlN43G+G XB0yerKZSRbdnhytmJ6YUbgeLX48RJeel6FQd2FJsZ+S7azBtnFeu8aMB4+1bmwp Nd4qyEZR+YL1I36ToraOezulmwn/JUVk2jYLWDWRGEkayPct/z2sVDoXtF3oxKSU 3As3JZxImJJucZo2S7xyHamuOCWMw/kR1U2wExiwRC9cpNKfT4SeJ3nTNrNG1jSb NN0ruZNe =IRR/ -----END PGP SIGNATURE-----
