GWME-7.1.1-12 - Tomcat 6.0.53

Version 3 by Hans Kriel
on Nov 21, 2017 01:29.

compared with
Key
This line was removed.
This word was removed. This word was added.
This line was added.

Changes (15)

View Page History
h1. Problem

7.1.1 includes Tomcat 6.0.32 which has been noted as having vulnerabilities. Version 6.0.53 was included in GroundWork 7.2.0 for this reason. Customers running 7.1.1 that need to be compliant with PCI Net regulations, among others, need a patch.
GroundWork 7.1.1 includes Tomcat 6.0.32 which has been noted as having vulnerabilities. This patch upgrades Tomcat to 6.0.53. Customers running 7.1.1 that need to be compliant with PCI Net regulations, among others, need to upgrade.

h1. Solution

Apply the attached update to receive the upgraded Tomcat 6.0.53. The new version is embedded in the Josso-1.8.4 subsystem.
Apply the attached patch to upgrade the Tomcat embedded in Josso to 6.0.53.

{info}You {note}You must have applied TB7.1.1-11 before you may apply TB7.1.1-12.{info} TB7.1.1-12.{note}

h2. Installation

# Download the patch file tar archive to, for example the /tmp directory
{attachments:patterns= TB7.1.1-12.tomcat6053.tgz}
# Decompress the install script and files and run the install script. They will appear in subdirectory TB7.1.1-12.tomcat6053. Go there and make sure to set ownership and permission. {{TB7.1.1-12.tomcat-6.0.53}}.
{noformat}
tar xvf TB7.1.1-12.tomcat6053.tgz TB7.1.1-12.tomcat-6.0.53.tgz
cd TB7.1.1-12.tomcat6053 TB7.1.1-12.tomcat-6.0.53
./TB7.1.1-12_install.sh
{noformat}

The patch directory will be noted *(in the production version of the updater)* with the facts of this update, along with backup files to be used in the uninstall phase if necessary.
You can see a list of patches and installation logs at:
{noformat}
/usr/local/groundwork/common/var/patches/
{noformat}

In the event that you had not previously installed TB7.1.1-11 this patch will detect the condition. It will require that you apply that patch first.

In the event that you had not previously installed TB7.1.1-11 this patch will exit. As noted above you are required to apply that patch first.

h2. Uninstallation

{noformat}

The patch directory will be processed to reflect the restoration of the files and uninstall steps. Note that uninstall will only be successful if you have not made configuration changes for LDAP and or SSL subsequent to applying the -12 patch, since the backup will have the default versions of the files in josso that control some of these capabilities.
The patch directory will be updated to reflect the restoration of the files and uninstall steps. Note that uninstall will revert to the prepatched state. If you have applied LDAP or HTTPS subsequent to installing this patch you will need to reimplement those configurations after uninstalling.