tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <ma...@apache.org>
Subject Re: avoiding ssl vulnerabilities in tomcat
Date Tue, 11 Aug 2009 11:25:13 GMT
sunil chandran wrote:
> Hello all,
>  
> OK i will upgrade.
> But what all changes required to update to tomcat 5.
> what all changes reuired to upgrade to tomcat 4.1.40

You may as well do the job properly and upgrade to 6.0.20.

For you app? No changes should be required.

For your Tomcat configuration? Start with the clean configuration
provided with 6.0.20 and add any modifications you need. Be aware that
the config has changed in particular:
- the <Logger> element is no longer used
- Resource configuration has changed

See the docs for the details.

Mark



>  
>  
> 
> --- On Mon, 10/8/09, Caldarale, Charles R <Chuck.Caldarale@unisys.com> wrote:
> 
> 
> From: Caldarale, Charles R <Chuck.Caldarale@unisys.com>
> Subject: RE: avoiding ssl vulnerabilities in tomcat
> To: "Tomcat Users List" <users@tomcat.apache.org>
> Date: Monday, 10 August, 2009, 7:10 PM
> 
> 
>> From: sunil chandran [mailto:sunilonweb2002@yahoo.co.in]
>> Subject: Re: avoiding ssl vulnerabilities in tomcat
>>
>> Is there any patch provided so that i can still use the same version
>> 4.1.24 itself.
> 
> No, you *must* upgrade.  Your reluctance to do so borders on the ridiculous.
> 
> - Chuck
> 
> 
> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and
is thus for use only by the intended recipient. If you received this in error, please contact
the sender and delete the e-mail and its attachments from all computers.
> 
> 
> 
> Send free SMS to your Friends on Mobile from your Yahoo! Messenger. Download Now! http://messenger.yahoo.com/download.php




---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message