tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sunil chandran <>
Subject Re: avoiding ssl vulnerabilities in tomcat
Date Mon, 07 Sep 2009 14:18:02 GMT
Hello all,
As per the suggestion from tomcat forum users,I went ahead and installed tomcat4.1.40
Then i copied the original webapps file from the back up tomcat (old version).
I tried to start the server. It shows this error
Sep 7, 2009 10:13:11 PM org.apache.coyote.http11.Http11BaseProtocol initINFO: Initializing
Coyote HTTP/1.1 on http-8080Sep 7, 2009 10:13:12 PM org.apache.coyote.http11.Http11BaseProtocol
initINFO: Initializing Coyote HTTP/1.1 on http-8443Starting service Tomcat-StandaloneApache
Tomcat/4.1.40Catalina.start: LifecycleException:  Context startup failed due to previous
errorsStopping service Tomcat-StandaloneCatalina.stop: LifecycleException:  Coyote connector
has not been startedLifecycleException:  Coyote connector has not been started
Please help me 
regardsSunil C

--- On Fri, 14/8/09, Christopher Schultz <> wrote:

From: Christopher Schultz <>
Subject: Re: avoiding ssl vulnerabilities in tomcat
To: "Tomcat Users List" <>
Date: Friday, 14 August, 2009, 7:55 PM

Hash: SHA1


On 8/13/2009 1:11 AM, sunil chandran wrote:
> Now installing tomcat 4.1.40 what all changes will be required in my sevice..
> no change in application?

You are very unlikely to require any webapp changes.

> maybe installation and configuration changes will be needed?

You are very unlikely to require any configuration changes. That's what
moving from patch level (4.1.x to 4.1.y) means: very little should be
required of you.

That being said, it is up to you to read the change log to find out of
any breaking changes have been introduced. This often happens when a
security bug is fixed which requires, say, URLs to be interpreted
differently. If your webapp relies on that old behavior, you'll need to
make arrangements for that (often using a configuration parameter).

The ChangeLog for Tomcat 4.1 can be found here:

It's not in the most easily-read format (changes are described by
component, then by version, rather than the other way around, which is
how I would have done it), but you still have to read it: look for every
change between 4.1.24 (that's your current version, right?) and 4.1.40.
You may have to read relevant bug reports, too.

- -chris
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla -


To unsubscribe, e-mail:
For additional commands, e-mail:

      See the Web&#39;s breaking stories, chosen by people like you. Check out Yahoo!
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message