diff --git a/bugfix-for-cve-2025-24813.patch b/bugfix-for-cve-2025-24813.patch
new file mode 100644
index 0000000000000000000000000000000000000000..a35527b0d15481ccf9f1d636374fb3d0b177c051
--- /dev/null
+++ b/bugfix-for-cve-2025-24813.patch
@@ -0,0 +1,75 @@
+From eb61aade8f8daccaecabf07d428b877975622f72 Mon Sep 17 00:00:00 2001
+From: remm <remm@apache.org>
+Date: Fri, 24 Jan 2025 15:06:02 +0100
+Subject: [PATCH] Enhance lifecycle of temporary files used by partial PUT
+
+Delete temporary file right after finishing request processing.
+Simplify using createTempFile.
+---
+ .../catalina/servlets/DefaultServlet.java       | 17 +++++++----------
+ webapps/docs/changelog.xml                      |  3 +++
+ 2 files changed, 10 insertions(+), 10 deletions(-)
+
+diff --git a/java/org/apache/catalina/servlets/DefaultServlet.java b/java/org/apache/catalina/servlets/DefaultServlet.java
+index 34b6f4379ecf..0886155e3a41 100644
+--- a/java/org/apache/catalina/servlets/DefaultServlet.java
++++ b/java/org/apache/catalina/servlets/DefaultServlet.java
+@@ -625,7 +625,7 @@ protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws Se
+         }
+ 
+         InputStream resourceInputStream = null;
+-
++        File tempContentFile = null;
+         try {
+             // Append data specified in ranges to existing content for this
+             // resource - create a temp. file on the local filesystem to
+@@ -634,8 +634,8 @@ protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws Se
+             if (range == IGNORE) {
+                 resourceInputStream = req.getInputStream();
+             } else {
+-                File contentFile = executePartialPut(req, range, path);
+-                resourceInputStream = new FileInputStream(contentFile);
++                tempContentFile = executePartialPut(req, range, path);
++                resourceInputStream = new FileInputStream(tempContentFile);
+             }
+ 
+             if (resources.write(path, resourceInputStream, true)) {
+@@ -659,6 +659,9 @@ protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws Se
+                     // Ignore
+                 }
+             }
++            if (tempContentFile != null) {
++                tempContentFile.delete();
++            }
+         }
+     }
+ 
+@@ -681,13 +684,7 @@ protected File executePartialPut(HttpServletRequest req, Range range, String pat
+         // resource - create a temp. file on the local filesystem to
+         // perform this operation
+         File tempDir = (File) getServletContext().getAttribute(ServletContext.TEMPDIR);
+-        // Convert all '/' characters to '.' in resourcePath
+-        String convertedResourcePath = path.replace('/', '.');
+-        File contentFile = new File(tempDir, convertedResourcePath);
+-        if (contentFile.createNewFile()) {
+-            // Clean up contentFile when Tomcat is terminated
+-            contentFile.deleteOnExit();
+-        }
++        File contentFile = File.createTempFile("put-part-", null, tempDir);
+ 
+         try (RandomAccessFile randAccessContentFile = new RandomAccessFile(contentFile, "rw")) {
+ 
+diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
+index cf2fa86bfcfa..84fbc23e0136 100644
+--- a/webapps/docs/changelog.xml
++++ b/webapps/docs/changelog.xml
+@@ -222,6 +222,9 @@
+         Add <code>DataSource</code> based property storage for the
+         <code>WebdavServlet</code>. (remm)
+       </add>
++      <fix>
++        Enhance lifecycle of temporary files used by partial PUT. (remm)
++      </fix>
+     </changelog>
+   </subsection>
+   <subsection name="Coyote">
diff --git a/rhbz-1857043.patch b/rhbz-1857043.patch
index d6185aa7d662ebd024ccbdcb1eb2a209dfd3e136..c9c9bd0a8f7eb509d6d43b8cfd433610baad864a 100644
--- a/rhbz-1857043.patch
+++ b/rhbz-1857043.patch
@@ -1,5 +1,5 @@
---- build.xml.orig	2024-08-03 00:24:59.000000000 +0300
-+++ build.xml	2024-08-06 13:42:04.710875124 +0300
+--- a/build.xml.orig	2024-08-03 00:24:59.000000000 +0300
++++ b/build.xml	2024-08-06 13:42:04.710875124 +0300
 @@ -1110,7 +1110,7 @@
        filesDir="${tomcat.classes}"
        filesId="files.annotations-api"
diff --git a/tomcat-9.0-bnd-annotation.patch b/tomcat-9.0-bnd-annotation.patch
index 9d57c81382348eac9055ed7a9debe15104f1f781..f0d3edcc7cebdec4ec50d5c26f16f018e42e3034 100644
--- a/tomcat-9.0-bnd-annotation.patch
+++ b/tomcat-9.0-bnd-annotation.patch
@@ -1,5 +1,5 @@
---- build.xml.orig	2023-01-29 17:38:29.477052402 +0800
-+++ build.xml	2023-01-29 17:42:03.369583841 +0800
+--- a/build.xml.orig	2023-01-29 17:38:29.477052402 +0800
++++ b/build.xml	2023-01-29 17:42:03.369583841 +0800
 @@ -216,6 +216,7 @@
    <!-- Classpaths -->
    <path id="compile.classpath">
diff --git a/tomcat-9.0-bootstrap-MANIFEST.MF.patch b/tomcat-9.0-bootstrap-MANIFEST.MF.patch
index e2ee93e41eca879db0488a338e93d06d20ce87c7..297718a59be4f0ef9889a59653826f41e2e5e8e4 100644
--- a/tomcat-9.0-bootstrap-MANIFEST.MF.patch
+++ b/tomcat-9.0-bootstrap-MANIFEST.MF.patch
@@ -1,5 +1,5 @@
---- res/META-INF/bootstrap.jar.manifest.orig	2010-04-06 10:11:09.000000000 -0600
-+++ res/META-INF/bootstrap.jar.manifest	2010-04-06 10:45:56.000000000 -0600
+--- a/res/META-INF/bootstrap.jar.manifest.orig	2010-04-06 10:11:09.000000000 -0600
++++ b/res/META-INF/bootstrap.jar.manifest	2010-04-06 10:45:56.000000000 -0600
 @@ -1,6 +1,5 @@
  Manifest-Version: 1.0
  Main-Class: org.apache.catalina.startup.Bootstrap
diff --git a/tomcat-9.0-catalina-policy.patch b/tomcat-9.0-catalina-policy.patch
index dd6a47df66c15d9513eefcb1bc2a1c3e3de03d17..a96d5c8992d2f1a78be871378c5250b69059b974 100644
--- a/tomcat-9.0-catalina-policy.patch
+++ b/tomcat-9.0-catalina-policy.patch
@@ -1,5 +1,5 @@
---- conf/catalina.policy.orig	2022-11-04 16:17:41.227506990 +0800
-+++ conf/catalina.policy	2022-11-04 16:21:51.393351415 +0800
+--- a/conf/catalina.policy.orig	2022-11-04 16:17:41.227506990 +0800
++++ b/conf/catalina.policy	2022-11-04 16:21:51.393351415 +0800
 @@ -56,6 +56,15 @@ grant codeBase "file:${java.home}/lib/ex
  //        permission java.security.AllPermission;
  //};
diff --git a/tomcat-9.0-tomcat-users-webapp.patch b/tomcat-9.0-tomcat-users-webapp.patch
index 85b8b9be970225397824d70b05d0d141c83c0f18..bd20c75c44d1ea6e5729ac290a982cc4dcbf8b07 100644
--- a/tomcat-9.0-tomcat-users-webapp.patch
+++ b/tomcat-9.0-tomcat-users-webapp.patch
@@ -1,5 +1,5 @@
---- conf/tomcat-users.xml~	2008-01-28 17:41:06.000000000 -0500
-+++ conf/tomcat-users.xml	2008-03-07 19:40:07.000000000 -0500
+--- a/conf/tomcat-users.xml~	2008-01-28 17:41:06.000000000 -0500
++++ b/conf/tomcat-users.xml	2008-03-07 19:40:07.000000000 -0500
 @@ -53,4 +53,14 @@
    <user username="both" password="<must-be-changed>" roles="tomcat,role1"/>
    <user username="role1" password="<must-be-changed>" roles="role1"/>
diff --git a/tomcat-build.patch b/tomcat-build.patch
index cdf73ef192a4cead92c17df8c01ed8c59bcd3b65..66df34f51d54c0e408a5b9f1ade42fec6e802890 100644
--- a/tomcat-build.patch
+++ b/tomcat-build.patch
@@ -1,6 +1,6 @@
-diff -up ./res/bnd/build-defaults.bnd.orig ./res/bnd/build-defaults.bnd
---- res/bnd/build-defaults.bnd.orig     2023-10-16 11:23:04.752754202 +0800
-+++ res/bnd/build-defaults.bnd  2023-10-16 11:23:29.931876910 +0800
+diff -up a/res/bnd/build-defaults.bnd.orig b/res/bnd/build-defaults.bnd
+--- a/res/bnd/build-defaults.bnd.orig     2023-10-16 11:23:04.752754202 +0800
++++ b/res/bnd/build-defaults.bnd  2023-10-16 11:23:29.931876910 +0800
 @@ -13,7 +13,7 @@
  # See the License for the specific language governing permissions and
  # limitations under the License.
diff --git a/tomcat.spec b/tomcat.spec
index 0339e9d9581ff9158359a625bebb0f5d0cd457f6..190f79c473ab86e24aabab1560a9456f52607e60 100644
--- a/tomcat.spec
+++ b/tomcat.spec
@@ -1,4 +1,4 @@
-%define anolis_release 1
+%define anolis_release 2
 
 %global jspspec 2.3
 %global major_version 9
@@ -54,6 +54,9 @@ Patch3:        %{name}-%{major_version}.%{minor_version}-catalina-policy.patch
 Patch4:        rhbz-1857043.patch
 Patch6:        %{name}-%{major_version}.%{minor_version}-bnd-annotation.patch
 
+# https://github.com/apache/tomcat/commit/eb61aade8f8daccaecabf07d428b877975622f72
+Patch7:        bugfix-for-cve-2025-24813.patch
+
 BuildArch:     noarch
 
 BuildRequires: ant
@@ -104,7 +107,7 @@ The docs web application for Apache Tomcat.
 %package jsp-%{jspspec}-api
 Summary: Apache Tomcat JavaServer Pages v%{jspspec} API Implementation Classes
 Provides: jsp = %{jspspec}
-Obsoletes: %{name}-jsp-2.2-api
+Obsoletes: %{name}-jsp-2.2-api < 2.3
 Requires: %{name}-servlet-%{servletspec}-api = %{EVR}
 Requires: %{name}-el-%{elspec}-api = %{EVR}
 
@@ -127,7 +130,7 @@ Summary: Apache Tomcat Java Servlet v%{servletspec} API Implementation Classes
 Provides: servlet = %{servletspec}
 Provides: servlet6
 Provides: servlet3
-Obsoletes: %{name}-servlet-3.1-api
+Obsoletes: %{name}-servlet-3.1-api < 4.0
 
 %description servlet-%{servletspec}-api
 Apache Tomcat Servlet API Implementation Classes.
@@ -135,7 +138,7 @@ Apache Tomcat Servlet API Implementation Classes.
 %package el-%{elspec}-api
 Summary: Apache Tomcat Expression Language v%{elspec} API Implementation Classes
 Provides: el_api = %{elspec}
-Obsoletes: %{name}-el-2.2-api
+Obsoletes: %{name}-el-2.2-api < 3.0
 
 %description el-%{elspec}-api
 Apache Tomcat EL API Implementation Classes.
@@ -156,7 +159,7 @@ BuildArch:     noarch
 The %{name}-doc package contains documentation files for %{name}.
 
 %prep
-%autosetup -p0 -n %{packdname}
+%autosetup -p1 -n %{packdname}
 # remove pre-built binaries and windows files
 find . -type f \( -name "*.bat" -o -name "*.class" -o -name Thumbs.db -o -name "*.gz" -o \
    -name "*.jar" -o -name "*.war" -o -name "*.zip" \) -delete
@@ -520,6 +523,9 @@ fi
 %doc {NOTICE,RELEASE*}
 
 %changelog
+* Tue Apr 15 2025 tomcruiseqi <10762123+tomcruiseqi@user.noreply.gitee.com> - 1:9.0.98-2
+- Fix CVE-2025-24813
+
 * Thu Jan 09 2025 mgb01105731 <mgb01105731@alibaba-inc.com> - 1:9.0.98-1
 - to #IBGRS9 , #IBGRSC , #IBGRSI
 - Update to version 9.0.98 for CVE-2024-56337,CVE-2024-50379,CVE-2024-54677