View Source

{toc}

h1. Problem

GroundWork 7.1.1 includes Tomcat 6.0.32 which has been noted as having vulnerabilities. This patch upgrades Tomcat to 6.0.53. Customers running 7.1.1 that need to be compliant with PCI Net regulations, among others, need to upgrade.

h1. Solution

Apply the attached patch to upgrade the Tomcat embedded in Josso to 6.0.53.

{note}You must have applied TB7.1.1-11 before you may apply TB7.1.1-12.{note}

h2. Installation

# Download the patch file tar archive
{attachments:patterns=TB7.1.1-12.tomcat-6.0.53.tgz}
# Decompress the install script and files and run the install script. They will appear in subdirectory {{TB7.1.1-12.tomcat-6.0.53}}.
{noformat}
tar xvf TB7.1.1-12.tomcat-6.0.53.tgz
cd TB7.1.1-12.tomcat-6.0.53
./TB7.1.1-12_install.sh
{noformat}

You can see a list of patches and installation logs at:
{noformat}
/usr/local/groundwork/common/var/patches/
{noformat}


In the event that you had not previously installed TB7.1.1-11 this patch will exit. As noted above you are required to apply that patch first.

h2. Uninstallation

# Run the uninstall script, and respond to the prompts.

{noformat}
./TB7.1.1-12_uninstall.sh
{noformat}

The patch directory will be updated to reflect the restoration of the files and uninstall steps. Note that uninstall will revert to the prepatched state. If you have applied LDAP or HTTPS subsequent to installing this patch you will need to reimplement those configurations after uninstalling.