This update for tomcat fixes the following issues: Updated to Tomcat 9.0.85: * CVE-2023-45648: Improve trailer header parsing . * CVE-2023-42794: FileUpload: remove tmp files to avoid DoS on Windows . * CVE-2023-42795: Improve handling of failures during recycle methods . * CVE-2023-46589: Fixed HTTP request smuggling due to incorrect headers parsing * CVE-2024-22029: Fixed escalation to root from tomcat user via %post script. The following non-security issues were fixed: * Fixed the file permissions for server.xml . Find the full release notes at: https://tomcat.apache.org/tomcat-9.0-doc/changelog.html