-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Anand,
Anand Gundanna wrote: > We have installed and configured an Tomcat web server on windows server > platform for an application called Business Objects XI. Yikes. Patching Microsoft Windows will be more important than patching Tomcat from the vulnerabilities I've seen from both. > 1) What is the best procedure/practice to keep Tomcat up-to-date with > patches? That depends on your existing patching procedures. > 2) How frequently does Tomcat releases patches/updates and how critical > it is for an internal application? Tomcat rarely releases patches per se. New versions are sometimes released to fix non-security-related as well as security-related bugs. These are also relatively rare. > 3) Does Tomcat have any built in tool/feature to download and update > patches automatically? No. You'll have to watch the lists for updates and then test and deploy them yourself. > Please let me know if you know any other easy option/solution for Tomcat > Patch Management. I would ask your NOC what they do for Microsoft Windows updates. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkjJULUACgkQ9CaO5/Lv0PBDDgCcCmhu5/tsnOmv4loCbBzmWjpc diwAn18ybgLsKg1ivtJNOfGcJTIcs8wy =0/ND -----END PGP SIGNATURE----- --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
