From: ftpmaster@ftp-master.debian.org   
      
   -----BEGIN PGP SIGNED MESSAGE-----   
   Hash: SHA512   
      
   Format: 1.8   
   Date: Wed,  4 Feb 2026 07:56:25 CET   
   Source: tomcat10   
   Architecture: source   
   Version: 10.1.52-1~deb12u1   
   Distribution: bookworm-security   
   Urgency: medium   
   Maintainer: Debian Java Maintainers    
   Changed-By: Markus Koschany    
   Checksums-Sha1:   
    ca9ec63173d949caeca7ef844830806ef65d2f39 3014 tomcat10_10.1.52-1~deb12u1.dsc   
    2e1309f9ae2114ff28293bc0f7a877360d529984 4952520 tomcat10_10.1.52.orig.tar.xz   
    95495442ee63d4acb5ce4e581b732ed13df0ef5e 52660 tomcat10_10.1.52   
   1~deb12u1.debian.tar.xz   
    6d1b0373c92ef28629deff40588b4a796ba83120 17098 tomcat10_10.1.52   
   1~deb12u1_amd64.buildinfo   
   Checksums-Sha256:   
    95ee499658340ff5fd7bf013d52ccb2d92c42d6726d9852fc164e907cffc51ac 3014   
   tomcat10_10.1.52-1~deb12u1.dsc   
    34218636f749ab70d6074dc7ba7b1b7128b6ab8626b28a76f5a034f975689ac2 4952520   
   tomcat10_10.1.52.orig.tar.xz   
    e9d4091795e9dfa21a040eb5a4e7efe11635eded75cf92997170b80553d47346 52660   
   tomcat10_10.1.52-1~deb12u1.debian.tar.xz   
    6eae91ca2dcd42526351a0aaf9ce48f934b785e82863d242d0a6ac5dcc3de2aa 17098   
   tomcat10_10.1.52-1~deb12u1_amd64.buildinfo   
   Changes:   
    tomcat10 (10.1.52-1~deb12u1) bookworm-security; urgency=medium   
    .   
      * Backport 10.1.52. to bookworm.   
      * Fix CVE-2025-46701, CVE-2025-48976, CVE-2025-48988, CVE-2025-48989,   
        CVE-2025-49125, CVE-2025-52520, CVE-2025-53506, CVE-2025-55668,   
        CVE-2025-55752, CVE-2025-55754, CVE-2025-61795, CVE-2025-31650 and   
        CVE-2025-31651.   
        Several security vulnerabilities have been found in Tomcat 10, a Java web   
        server and servlet engine. This update improves the handling of   
        HTTP/2 connections and corrects various flaws which can lead to   
        uncontrolled resource consumption and a denial of service.   
   Files:   
    f95b05b44bf40ff620a2cef809af6296 3014 java optional tomcat10_10   
   1.52-1~deb12u1.dsc   
    7cd90ce5ac465d0819471b7ce6295ec0 4952520 java optional tomcat10   
   10.1.52.orig.tar.xz   
    edd94f6d4572c990b2e74dd3d9883153 52660 java optional tomcat10_1   
   .1.52-1~deb12u1.debian.tar.xz   
    3ec04e902eb4d8bfd11e29c69c113e2e 17098 java optional tomcat10_1   
   .1.52-1~deb12u1_amd64.buildinfo   
      
   -----BEGIN PGP SIGNATURE-----   
      
   iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmmC7dJfFIAAAAAALgAo   
   aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD   
   RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp   
   YW4ub3JnAAoJENmtFLlRO1HkjkAP/RZ/tqBIgRcMkp2qvT7kkBAr0nTcdggOKXLC   
   gG4iu3tjlGmWV8bFm2uZCOii8w93VFj7/W6qQPd35hC2HFCMsRiGWVPUulAytfxw   
   Ltl/MzLZsOSOSUX4mwMIp9KY3TajNXDgTUoCawkjxDqBksaV4QZuOcfSLLZfOvF7   
   SXeudSJx2iG64BuJq/OPPky2s8PSN+yJFGO8acu/GqwprB0OkvQveqfTI4WlYb+6   
   XxGepBMGv2rEbbEsCHTvr8vJdDOSHYqPiMO1QGoa/bfdMsgyrFz+zd9bQfHuZt/n   
   /IexkDlXfk+oQ73fDNX1WGrPt+mW3lNwOgzSmArAW5Y+z6c+l31YXdooaC3rQGiq   
   i8ifHBuOf4hZP7C4htbCZYTF/vHf9yDL+LCiJdOvG7Rfw4ruTRWGQ+ALM0ZL90Ft   
   WhPuqfpnYTnkmgJvDdB4bL0gL3cR4QKhGCC4h2LsKMQJY3JM+4XbrNEJxlN43G+G   
   XB0yerKZSRbdnhytmJ6YUbgeLX48RJeel6FQd2FJsZ+S7azBtnFeu8aMB4+1bmwp   
   Nd4qyEZR+YL1I36ToraOezulmwn/JUVk2jYLWDWRGEkayPct/z2sVDoXtF3oxKSU   
   3As3JZxImJJucZo2S7xyHamuOCWMw/kR1U2wExiwRC9cpNKfT4SeJ3nTNrNG1jSb   
   NN0ruZNe   
   =IRR/   
   -----END PGP SIGNATURE-----   
      
      
   --==============82594041648531448=Content-Type: application/pgp-signature   
      
   -----BEGIN PGP SIGNATURE-----   
      
   iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCaYiGBgAKCRCb9qggYcy5   
   IX6mAQDpxefZ6/pnp4wQvmH37AGQ7P4jp3hPzQSVan5+NrGnLgEAobl5CfYg+ESD   
   ydiURvOsJkadjXPvrMr/itovKxx8rAAÜmh   
   -----END PGP SIGNATURE-----   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)