update trusty to newest release due to security vulnerabilities
I would like to be able to install tomcat 7.0.58 or greater on trusty without doing a manual installation to address some security vulnerabilities:
https:/
https:/
https:/
https:/
https:/
https:/
https:/
What is the best way to request that?
Question information
- Language:
- English Edit question
- Status:
- Answered
- For:
- Ubuntu tomcat7 Edit question
- Assignee:
- No assignee Edit question
- Last query:
- 2015-06-22
- Last reply:
- 2016-02-19
I suggest you report a bug. Mark it as a security bug with those links and the package will be updated sooner rather than later
Manfred Hampl (m-hampl) said : | #2 |
The problem seems to be already known, see
https:/
and
http://
http://
http://
Dylan Bijnagte (dylanbijnagte) said : | #3 |
Thanks, I missed the bug report in my search
DougPendergras (dpendergras) said : | #4 |
I have a similar issue. I've been asked by managment to upgrade to latest tomcat security after my company hired a security audit.
Is there a procedure for manually applying only security updates for ubuntu 14.04 tomcat7 package?
I would like to automate security patching for Tomcat7. However my new SLA only allows for 30 day delay after security patches are made available.
actionparsnip (andrew-
Thank you,
Doug
Manfred Hampl (m-hampl) said : | #5 |
@DougPenergras:
What vulnerability are you talking about?
https:/
This has been fixed in tomcat7 for Ubuntu 14.04 (7.0.52-1ubuntu0.3)
http://
You have to be aware, that Ubuntu's strategy is not to upgrade the whole package (e.g. to 7.0.59), but to backport the bug fix to the older version (making it from 7.0.52-1 into 7.0.52-1ubuntu0.3)
DougPendergras (dpendergras) said : | #6 |
@Manfred Hampl (m-hampl)
Thank you for explaining that the Ubuntu Tomcat package name (7.0.52-1ubuntu0.3) will not reflect the same version format as the Tomcat packages (Apache Tomcat 7.0.59). I did not understand that.
Can you help with this problem?
Provide an answer of your own, or ask Dylan Bijnagte for more information if necessary.