This update for tomcat fixes the following issues: Security issues fixed: - CVE-2017-5664: A problem in handling error pages was fixed, to avoid potential file overwrites during error page handling. - CVE-2017-7674: A CORS Filter issue could lead to client and server side cache poisoning - CVE-2017-12617: A remote code execution possibility via JSP Upload was fixed Non security bugs fixed: - Fix tomcat-digest classpath error - Fix packaged /etc/alternatives symlinks for api libs that caused rpm -V to report link mismatch