Refresh RPM lockfiles for images/tomcat/rpms [SECURITY]

This MR contains the following updates:

Update	Change
lockFileMaintenance	All locks refreshed

---

krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

CVE-2025-3576

More information

Details

A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2025-3576
• https://bugzilla.redhat.com/show_bug.cgi?id=2359465
• https://www.cve.org/CVERecord?id=CVE-2025-3576
• https://nvd.nist.gov/vuln/detail/CVE-2025-3576
• https://web.mit.edu/kerberos/krb5-1.22/krb5-1.22.html

🔧 This Merge Request updates lock files to use the latest dependency versions.

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻️ Rebasing: Whenever MR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This MR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this MR, check this box

---

To execute skipped test pipelines write comment /ok-to-test.

This MR has been generated by MintMaker (powered by Renovate Bot).