diff --git a/download b/download
deleted file mode 100644
index 76b5b5a07f9dacf9e0bf19a6aa3530fd61a93630..0000000000000000000000000000000000000000
--- a/download
+++ /dev/null
@@ -1 +0,0 @@
-18a2957ed318b2c569d38376dbc893c8  tomcat-9.0.87.redhat-00008-src.zip
diff --git a/tomcat-9.0.87.redhat-00010-src.zip b/tomcat-9.0.87.redhat-00010-src.zip
new file mode 100644
index 0000000000000000000000000000000000000000..dfb0c31cb14ddec8a9478ceb8dfa6f481e7ac8ad
Binary files /dev/null and b/tomcat-9.0.87.redhat-00010-src.zip differ
diff --git a/tomcat-server b/tomcat-server
index 17ae3852707ec0777d42152493169e46b448cfeb..25ef221acea703ce759ed37d2ad139325543f651 100644
--- a/tomcat-server
+++ b/tomcat-server
@@ -10,7 +10,8 @@ OPTIONS="-Dcatalina.base=$CATALINA_BASE \
 -Djava.endorsed.dirs=$JAVA_ENDORSED_DIRS \
 -Djava.io.tmpdir=$CATALINA_TMPDIR \
 -Djava.util.logging.config.file=${LOGGING_PROPERTIES} \
--Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager"
+-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager \
+-Dsun.io.useCanonCaches=false"
 
 if [ "$1" = "start" ] ; then
   FLAGS="${FLAGS} $CATALINA_OPTS"
diff --git a/tomcat.spec b/tomcat.spec
index 7e9ee92efbdc19dbe3e5f8dad60f7e1c67e6830d..ca0ef59b849798df9c7c2b5f0c0307691f612443 100644
--- a/tomcat.spec
+++ b/tomcat.spec
@@ -32,7 +32,7 @@
 %global major_version 9
 %global minor_version 0
 %global micro_version 87
-%global packdname %{name}-%{major_version}.%{minor_version}.%{micro_version}.redhat-00008-src
+%global packdname %{name}-%{major_version}.%{minor_version}.%{micro_version}.redhat-00010-src
 %global servletspec 4.0
 %global elspec 3.0
 %global tcuid 53
@@ -56,7 +56,7 @@
 Name:          tomcat
 Epoch:         1
 Version:       %{major_version}.%{minor_version}.%{micro_version}
-Release:       1%{?dist}.3
+Release:       1%{?dist}.4
 Summary:       Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API
 
 License:       ASL 2.0
@@ -556,6 +556,12 @@ fi
 
 
 %changelog
+* Mon May 26 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-1.el8_10.4
+- Resolves: RHEL-91761
+  tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame (CVE-2025-31650)
+- Resolves: RHEL-71971
+  tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation (CVE-2024-56337)
+
 * Wed Apr 02 2025 Adam Krajcik <akrajcik@redhat.com> - 1:9.0.87-1.el8_10.3
 - Resolves: RHEL-82934
   tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813)