diff --git a/sources b/sources
index a01c193..6a8aabc 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (apache-tomcat-8.0.46-src.tar.gz) = 9adbea9faf61f782ede1c657e833dea55ad1b4a874a1eb9801eab82ac9999de847e7f08ff7a49b3389b9d0683d185c6d4981f9f8d2f607f68c077a682af508d5
+SHA512 (apache-tomcat-8.0.47-src.tar.gz) = 135de73b8ca7d4003fcecc19a17a8a86ab85fc1054e89638d26e57263249438d8e8aebfca0a2791eaec2bc835baa57e6a05b60e11595aa373fdc03e278b31702
diff --git a/tomcat.spec b/tomcat.spec
index 9ff886e..d15494a 100644
--- a/tomcat.spec
+++ b/tomcat.spec
@@ -31,7 +31,7 @@
 %global jspspec 2.3
 %global major_version 8
 %global minor_version 0
-%global micro_version 46
+%global micro_version 47
 %global packdname apache-tomcat-%{version}-src
 %global servletspec 3.1
 %global elspec 3.0
@@ -690,6 +690,10 @@ fi
 %attr(0660,tomcat,tomcat) %verify(not size md5 mtime) %{logdir}/catalina.out
 
 %changelog
+* Wed Oct 04 2017 Coty Sutherland <csutherl@redhat.com> - 1:8.0.47-1
+- Update to 8.0.47
+- Resolves: rhbz#1497682 CVE-2017-12617 tomcat: Remote Code Execution bypass for CVE-2017-12615
+
 * Mon Aug 21 2017 Coty Sutherland <csutherl@redhat.com> - 1:8.0.46-1
 - Update to 8.0.46
 - Resolves: rhbz#1480620 CVE-2017-7674 tomcat: Cache Poisoning