André Warnier wrote:
kanishk.se...@accenture.com wrote:
Hi All,
We are using Apache tomcat version 6.0.26 bundled with Jasper soft 5.0
server and we need to install below patches on our servers to fix some
Vulnerabilities.
http://svn.apache.org/viewvc?view=revision&revision=958911
http://svn.apache.org/viewvc?view=revision&revision=958977
http://svn.apache.org/viewvc?view=revision&revision=959428
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03298151
http://www.juniper.net/alerts/viewalert.jsp?txtAlertNumber=PSN-2012-05-584&actionBtn=Search
I am not sure how to install these patches can anyone help us here.
Note: We cannot upgrade to new version. So we need the steps to
install the above patches.
Let's maybe first rectify the above statement : technically, you
certainly /can/ install new versions. Whether the internal rules of
your organisation allow this, is another question altogether, which has
to be answered by your organisation.
As far as I know, Tomcat does not distribute "patches".
It publishes new versions, which include a number of enhancements and
fixes, such as the ones from SVN which you mention above. And it highly
recommends to keep your Tomcat version current and use the latest
published version, which would include the above changes and probably
also fix other issues which you haven't yet noticed.
The latest 6.x version of Tomcat is here :
https://tomcat.apache.org/download-60.cgi
Addendum :
The last link which you mention (juniper) leads to a page which clearly indicates that
these issues have been resolved by a new release of this vendor's product, which includes
a new major version of Tomcat. Did you even read it ?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
