diff --git a/java-9-start-up-parameters.conf b/java-9-start-up-parameters.conf new file mode 100644 index 0000000..341e077 --- /dev/null +++ b/java-9-start-up-parameters.conf @@ -0,0 +1,7 @@ +# Add the JAVA 9 specific start-up parameters required by Tomcat +JDK_JAVA_OPTIONS="$JDK_JAVA_OPTIONS --add-opens=java.base/java.lang=ALL-UNNAMED" +JDK_JAVA_OPTIONS="$JDK_JAVA_OPTIONS --add-opens=java.base/java.io=ALL-UNNAMED" +JDK_JAVA_OPTIONS="$JDK_JAVA_OPTIONS --add-opens=java.base/java.util=ALL-UNNAMED" +JDK_JAVA_OPTIONS="$JDK_JAVA_OPTIONS --add-opens=java.base/java.util.concurrent=ALL-UNNAMED" +JDK_JAVA_OPTIONS="$JDK_JAVA_OPTIONS --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED" +export JDK_JAVA_OPTIONS diff --git a/rhbz-1857043.patch b/rhbz-1857043.patch index 7d68c42..dd74c3b 100644 --- a/rhbz-1857043.patch +++ b/rhbz-1857043.patch @@ -1,7 +1,7 @@ diff -up ./build.xml.orig ./build.xml --- build.xml.orig 2021-07-07 10:53:55.493742841 +0800 +++ build.xml 2021-07-07 11:09:43.107968515 +0800 -@@ -1030,7 +1030,7 @@ +@@ -1020,7 +1020,7 @@ filesDir="${tomcat.classes}" filesId="files.annotations-api" manifest="${tomcat.manifests}/annotations-api.jar.manifest" @@ -10,7 +10,7 @@ diff -up ./build.xml.orig ./build.xml + + ++ + + + diff --git a/tomcat-9.0-catalina-policy.patch b/tomcat-9.0-catalina-policy.patch index 6614609..dd6a47d 100644 --- a/tomcat-9.0-catalina-policy.patch +++ b/tomcat-9.0-catalina-policy.patch @@ -1,6 +1,6 @@ ---- conf/catalina.policy.orig 2021-07-07 10:25:53.461393329 +0800 -+++ conf/catalina.policy 2021-07-07 10:27:47.688682404 +0800 -@@ -56,6 +56,16 @@ grant codeBase "file:${java.home}/lib/ex +--- conf/catalina.policy.orig 2022-11-04 16:17:41.227506990 +0800 ++++ conf/catalina.policy 2022-11-04 16:21:51.393351415 +0800 +@@ -56,6 +56,15 @@ grant codeBase "file:${java.home}/lib/ex // permission java.security.AllPermission; //}; 
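Review bot: The header comment in java-9-start-up-parameters.conf says the flags are "required by Tomcat" but not what they cost. Each `--add-opens=<module>/<package>=ALL-UNNAMED` permits deep reflection into that package from every unnamed module, which in a servlet container includes deployed web applications as well as Tomcat's own classes. I would extend the comment to something like `# Opens these JDK packages to all class-path code (webapps included); keep the list minimal and do not extend it without review`. It should also name the consumer if known; the diff does not show it, so I cannot confirm which Tomcat component needs each package. Each line appends to `$JDK_JAVA_OPTIONS`, so the flags repeat if the file is sourced more than once in one environment, which is harmless but worth a note.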
@@ -13,11 +13,10 @@ +grant codeBase "file:/usr/share/java/ecj/ecj.jar" { + permission java.security.AllPermission; +}; -+ // ========== CATALINA CODE PERMISSIONS ======================================= -@@ -262,4 +272,4 @@ grant codeBase "file:${catalina.home}/we +@@ -261,4 +270,4 @@ grant codeBase "file:${catalina.home}/we // // The permissions granted to a specific JAR // grant codeBase "war:file:${catalina.base}/webapps/examples.war*/WEB-INF/lib/foo.jar" { diff --git a/tomcat-9.0-tomcat-users-webapp.patch b/tomcat-9.0-tomcat-users-webapp.patch index 860c4cf..85b8b9b 100644 --- a/tomcat-9.0-tomcat-users-webapp.patch +++ b/tomcat-9.0-tomcat-users-webapp.patch @@ -1,6 +1,6 @@ --- conf/tomcat-users.xml~ 2008-01-28 17:41:06.000000000 -0500 +++ conf/tomcat-users.xml 2008-03-07 19:40:07.000000000 -0500 -@@ -23,4 +23,14 @@ +@@ -53,4 +53,14 @@ --> diff --git a/tomcat-build.patch b/tomcat-build.patch index 97440f1..49c63ff 100644 --- a/tomcat-build.patch +++ b/tomcat-build.patch @@ -1,18 +1,3 @@ -diff -up ./build.xml.orig ./build.xml ---- ./build.xml.orig 2020-07-13 12:59:09.555368724 -0400 -+++ ./build.xml 2020-07-13 13:06:51.246135917 -0400 -@@ -3307,6 +3307,11 @@ Read the Building page on the Apache Tom - - - -+ -+ -+ -+ -+ - - - diff -up ./res/bnd/build-defaults.bnd.orig ./res/bnd/build-defaults.bnd --- ./res/bnd/build-defaults.bnd.orig 2020-07-13 13:47:01.229077747 -0400 +++ ./res/bnd/build-defaults.bnd 2020-07-13 13:47:12.923095618 -0400 diff --git a/tomcat.spec b/tomcat.spec index 31a5258..707e59c 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.3 %global major_version 9 %global minor_version 0 -%global micro_version 56 +%global micro_version 71 %global packdname apache-tomcat-%{version}-src %global servletspec 4.0 %global elspec 3.0 
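Review bot: The `grant codeBase "file:/usr/share/java/ecj/ecj.jar"` block kept in the refreshed catalina.policy patch gives `java.security.AllPermission` to a jar identified only by an absolute path, with no comment explaining why. When Tomcat runs under the security manager, whatever file sits at that path is fully trusted, so the grant assumes the jar and its parent directories are writable by root only. A one-line comment in the policy would record that, for example `// System ECJ lives outside ${catalina.home}/lib; this path must stay root-owned`. The inner policy hunk begins earlier in the patch than the lines shown here.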
@@ -56,7 +56,7 @@ Name: tomcat Epoch: 1 Version: %{major_version}.%{minor_version}.%{micro_version} -Release: 3%{?dist} +Release: 1%{?dist} Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API License: ASL 2.0 @@ -73,6 +73,7 @@ Source21: tomcat-functions Source30: tomcat-preamble Source31: tomcat-server Source32: tomcat-named.service +Source33: java-9-start-up-parameters.conf Patch0: %{name}-%{major_version}.%{minor_version}-bootstrap-MANIFEST.MF.patch Patch1: %{name}-%{major_version}.%{minor_version}-tomcat-users-webapp.patch @@ -80,6 +81,7 @@ Patch2: %{name}-build.patch Patch3: %{name}-%{major_version}.%{minor_version}-catalina-policy.patch Patch4: rhbz-1857043.patch Patch5: %{name}-%{major_version}.%{minor_version}-JDTCompiler.patch +Patch6: %{name}-%{major_version}.%{minor_version}-bnd-annotation.patch BuildArch: noarch @@ -90,12 +92,10 @@ BuildRequires: java-devel >= 1:1.8.0 BuildRequires: javapackages-local BuildRequires: aqute-bnd BuildRequires: aqute-bndlib -BuildRequires: wsdl4j BuildRequires: systemd Requires: java-headless >= 1:1.8.0 Requires: javapackages-tools -Requires: procps Requires: %{name}-lib = %{epoch}:%{version}-%{release} %if 0%{?fedora} || 0%{?rhel} > 7 Recommends: tomcat-native >= %{native_version} @@ -190,6 +190,7 @@ find . -type f \( -name "*.bat" -o -name "*.class" -o -name Thumbs.db -o -name " %patch3 -p0 %patch4 -p0 %patch5 -p0 +%patch6 -p0 # Remove webservices naming resources as it's generally unused %{__rm} -rf java/org/apache/naming/factory/webservices 
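Review bot: `Patch6: %{name}-%{major_version}.%{minor_version}-bnd-annotation.patch` and its `%patch6 -p0` reference a patch file that is not added anywhere in the diff shown here. If the page is complete, %prep will fail on the missing file. The changelog also mentions removing an osgi-annotations patch, and no such deletion is visible, so the diff may be partial. The jump of `micro_version` from 56 to 71 has no visible change to a source-archive checksum either, so confirm that the new upstream tarball was verified against its release signature before it was uploaded.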
@@ -220,14 +221,9 @@ touch HACK -Dcommons-daemon.native.win.mgr.exe="HACK" \ -Dnsis.exe="HACK" \ -Djaxrpc-lib.jar="HACK" \ - -Dwsdl4j-lib.jar="$(build-classpath wsdl4j)" \ + -Dwsdl4j-lib.jar="HACK" \ -Dbnd.jar="$(build-classpath aqute-bnd/biz.aQute.bnd)" \ - -Dbndlib.jar="$(build-classpath aqute-bnd/biz.aQute.bndlib)" \ - -Dbndlibg.jar="$(build-classpath aqute-bnd/aQute.libg)" \ - -Dbndannotation.jar="$(build-classpath aqute-bnd/biz.aQute.bnd.annotation)" \ - -Dosgi-annotations.jar="$(build-classpath aqute-bnd/biz.aQute.bnd.annotation)" \ - -Dslf4j-api.jar="$(build-classpath slf4j/slf4j-api)" \ - -Dosgi-cmpn.jar="$(build-classpath osgi-compendium/osgi.cmpn)" \ + -Dbnd-annotation.jar="$(build-classpath aqute-bnd/biz.aQute.bnd.annotation)" \ -Dversion="%{version}" \ -Dversion.build="%{micro_version}" \ deploy @@ -302,6 +298,8 @@ popd %{__install} -m 0644 %{SOURCE32} \ ${RPM_BUILD_ROOT}%{_unitdir}/%{name}@.service +%{__install} -m 0644 %{SOURCE33} ${RPM_BUILD_ROOT}%{confdir}/conf.d/ + # Substitute libnames in catalina-tasks.xml sed -i \ "s,el-api.jar,%{name}-el-%{elspec}-api.jar,; @@ -441,6 +439,7 @@ fi %attr(0775,root,tomcat) %dir %{confdir}/Catalina/localhost %attr(0755,root,tomcat) %dir %{confdir}/conf.d %{confdir}/conf.d/README +%{confdir}/conf.d/java-9-start-up-parameters.conf %config(noreplace) %{confdir}/%{name}.conf %config(noreplace) %{confdir}/*.policy %config(noreplace) %{confdir}/*.properties 
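Review bot: `-Dwsdl4j-lib.jar="HACK"` points a build property at the empty placeholder file, with nothing nearby explaining why that is safe. It presumably holds only while %prep deletes `java/org/apache/naming/factory/webservices`. If that `rm -rf` is ever dropped, the build will try to compile against an empty file. A comment above the ant invocation would tie the two together, for example `# wsdl4j-lib.jar and jaxrpc-lib.jar are placeholders: the webservices naming factory is removed in %prep`. It cannot go between the backslash-continued lines, and the invocation itself starts outside this hunk.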
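Review bot: `%{confdir}/conf.d/java-9-start-up-parameters.conf` is listed in %files without `%config(noreplace)`, unlike `%{name}.conf` and the policy files directly below it. An administrator who narrows the `--add-opens` set therefore has the edit overwritten on the next package update. If the flags are meant to track the packaged Tomcat, say so in the file's header comment and point overrides to a separate conf.d fragment. Otherwise use `%config(noreplace) %{confdir}/conf.d/java-9-start-up-parameters.conf`. The `-m 0644` on the install line is appropriate, since the file holds shell assignments and should not be writable by the tomcat group.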
@@ -496,6 +495,34 @@ fi %{appdir}/ROOT %changelog +* Sun Jan 29 2023 Hui Wang - 1:9.0.71-1 +- Update to 9.0.71 +- Remove osgi-annotations patch +- Add bnd-annotation dependency which is in bndlib package + +* Fri Jan 13 2023 Hui Wang - 1:9.0.70-1 +- Update to 9.0.70 + +* Thu Nov 03 2022 Hui Wang - 1:9.0.68-1 +- Update to 9.0.68 + +* Thu Jul 21 2022 Hui Wang - 1:9.0.65-1 +- Update to 9.0.65 + +* Tue Jun 21 2022 Hui Wang - 1:9.0.64-1 +- Update to 9.0.64 +- Add osgi-annotations dependency back + +* Thu Mar 10 2022 Coty Sutherland - 1:9.0.59-3 +- Related: rhbz#2061424 Adjust fix so that it uses the proper env var + +* Tue Mar 08 2022 Coty Sutherland - 1:9.0.59-2 +- Resolves: rhbz#2061424 Add Java 9 start-up parameters to allow reflection + +* Wed Mar 02 2022 Sonia Xu - 1:9.0.59-1 +- Update to 9.0.59 +- Resolves: rhbz#2047419 - CVE-2022-23181 tomcat: local privilege escalation vulnerability + * Sat Feb 05 2022 Jiri Vanek - 1:9.0.56-3 - Rebuilt for java-17-openjdk as system jdk