.gitattributes

@@ -21,3 +21,4 @@
 *.xz filter=lfs diff=lfs merge=lfs -text
 *.zip filter=lfs diff=lfs merge=lfs -text
 *.zst filter=lfs diff=lfs merge=lfs -text
+*.changes merge=merge-changes

.gitignore

@@ -1 +1,5 @@
 .osc
+*.obscpio
+*.osc
+_build.*
+.pbuild

apache-tomcat-9.0.107-src.tar.gz.asc

@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEESPjmn2OQyfJc/tzSaCSJWTWecisFAmhk2Z0ACgkQaCSJWTWe
-citEfg/9FbNoAFAP0ui2XT9+AdE/i8SuZEPenAqxY4vxupjtx4mtMCXMlrZaddkQ
-+AofszUn0Q2zLIPCpf79Tp4FB0AgH+z6X2SXPBIqBY9bauC7ZEqpxpuiP3WIehRV
-oGHKv4PucGNndbm96gK+qu3BhwhbJzyXxqpf12+CAJ+uPBw1ywgX2MmqVwfkBeYb
-vIB85Io1BOtZPmp2v0XGXX4/uCqgTRXKE28mrleIghxOrd+Dezn0OQOcT112gejF
-FVk5j3+W64ZaRj3YAU5rkv7f+IeDAj1sc+JxytaGWyTuGlc0rCf7H++c7P9RltyM
-y0/LNKyECTIJW/0lZaaFHrLDZGgBXOzEwGki1xL+NiJSjWJimnqGM8wYGsydjEpi
-t4Z88q+C5hQH95cMxbBbKxy5nME63iVOXWrRAJF8Q0jmmNjoOpKv1J44v5fqOqro
-WqGu6i38mj/EFE9DjjOk86QCRoF4sVVG/QdeNdOzQ1wBmT+1SsYCDXAnE2sYEXBx
-MaVG6buEWJyVhi1Bz5nncm4sRPeq/m7WJDi+0sdHb6Fnut9FKKIKtAOQ6hj4OBNu
-FL3DLIjs8QamxDXfwGY/Vo3NZebt7KKH7nvPdY4QHJQCgqspOCQtz8XjOaseb1ct
-Qn6+QbcABPcCJ4tVco1Yu+5afz97r9x4CeyZlR3lo91o8B+7gfY=
-=5ujs
------END PGP SIGNATURE-----

apache-tomcat-9.0.108-src.tar.gz.asc

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEESPjmn2OQyfJc/tzSaCSJWTWecisFAmiLtGUACgkQaCSJWTWe
+cisxtw/9GE6uGWEg+TuPsovJRhNgFV825S0v+Q4EiWO5/c71yxTQBSXZbB7pgSmR
+qACT7Aw6ILeHA93UfQMMlxVZaPxJLwehdcnwQB15zuZvVv9h7xrvPfBTqKZKk6Dn
+uE1KKUkuUK7L+kN0XJ0v3YMNyeSl3luCSP1CIA54c4mssj/xSMAkpJpnafOGJCtq
+I7wsQWA1G1j/HITrIw0pkvhYppTG8Qv2imQGLT9QTRHPYYYgmKkoisprCG/IDmJx
+raFssMXiizIfwoNGXEelQkEyGqPJtiCBIfEqWbSMRCH3EDnNRpjGegXNGpeYHDET
+1FDdKv4B+ajJNOUShk1fvD3/UW3MAkJg+XXUv713ybPjaMhQVAdBRg5vtEgUkl5T
+FHe+TnxsysRtVeBLbUm6Ed4ATx0ocp9UmZ5qMW3pqVrT4J0eFMNR8APUlHlXrcGs
+MWtaeydL3+tYC0yzmx+XpMq2uKwmSPhA/DNzc6POlXQOe0j8fIYi11TDMjgRa7kQ
+ciyInfc0NkRjIsaVbTfUFBNkeW6cBN6QPxN0UYsQUqh2xZbCSv3KxXWpzs0jed0C
+A22+PJv8QK6TttOi6vt9FNCZ9ncISZTZp0p1HH9JDXxlz0k96NpfJ/aoNfD7eXW0
+K9T1lPbkmLraPqaiVpMp91gtWLDEbNPqvFqyECtkZO8H312jUJk=
+=qfxg
+-----END PGP SIGNATURE-----

tomcat.changes

@@ -1,3 +1,35 @@
+-------------------------------------------------------------------
+Mon Aug 25 12:58:40 UTC 2025 - Michele Bussolotto <michele.bussolotto@suse.com>
+
+- Update to Tomcat 9.0.108
+  * Fixed CVEs:
+    + CVE-2025-48989: Update the HTTP/2 overhead documentation (bsc#1243895)
+  * Catalina
+    + Fix: Fix bloom filter population for archive indexing when using a packed
+      WAR containing one or more JAR files. (markt)
+  * Coyote
+    + Fix: 69748: Add missing call to set keep-alive timeout when using
+      HTTP/1.1 following an async request, which was present for AJP.
+      (remm/markt)
+    + Fix: 69762: Fix possible overflow during HPACK decoding of integers. Note
+      that the maximum permitted value of an HPACK decoded integer is
+      Integer.MAX_VALUE. (markt)
+    + Fix: Update the HTTP/2 overhead documentation - particularly the code
+      comments - to reflect the deprecation of the PRIORITY frame and clarify
+      that a stream reset always triggers an overhead increase. (markt)
+  * Cluster
+    + Update: Add enableStatistics configuration attribute for the DeltaManager,
+      defaulting to true. (remm)
+  * Web applications
+    + Fix: Manager and Host Manager. Provide the Manager and Host Manager web
+      applications with a dedicated favicon file rather than using the one from
+      the ROOT web application which might not be present or may represent
+      something entirely different. Pull requests #876 and #878 by Simon Arame.
+  * Other
+    + Update: Update Checkstyle to 10.26.1. (markt)
+    + Add: Improvements to French translations. (remm)
+    + Add: Improvements to Japanese translations by tak7iji. (markt)
+
 -------------------------------------------------------------------
 Wed Aug  6 09:41:41 UTC 2025 - Michele Bussolotto <michele.bussolotto@suse.com>
 

tomcat.spec

@@ -22,7 +22,7 @@
 %define elspec 3.0
 %define major_version 9
 %define minor_version 0
-%define micro_version 107
+%define micro_version 108
 %define packdname apache-tomcat-%{version}-src
 # FHS 2.3 compliant tree structure - http://www.pathname.com/fhs/2.3/
 %global basedir /srv/%{name}