On 3/2/26 20:09, Short, William J. wrote:
The Apache Tomcat version we are on (9.0.16) shows as having Critical
CVE's. Back when our vendor was communicating with us, I notified him
and he said that we could go to Tomcat 10. He sent me instructions to
download and install Tomcat 10.1.8, Java 11, Firebird 3, and the
latest version of his program. He was going to do all of the conversion.
So I have no need to be on Tomcat 10 if 9.0.115 will work.
I will try your suggestions below of installing to match the existing
server, test it, then install Tomcat 9.0.115.
Thanks and I will reply back once I am at that point.
Bill
Bill,
as others already pointed out, Tomcat 9.0.16 is over 6 years old. See
https://tomcat.apache.org/tomcat-9.0-doc/changelog.html
Tomcat 9.0.115 has been released about 1 month ago, so you should be
good here for now. Tomcat 9 will be under active development (i.e.
security fixes!) until roughly one year from now. Shortly before that
you can think about moving to another major Tomcat version, if this app
of yours is still in use.
Oh, and once you have everything running, you can try to improve your
installation by separating CATALINA_HOME and CATALINA_BASE. This way,
you don't need to touch webapps and copy or merge any config files
(usually) when updating Tomcat. But yeah, first try to get your system
running again.
Sebastian
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
