Apache Tomcat upgrade from 9.0.14 to 9.0.31 - virtual-machine

I have a virtual machine with Ubuntu 18.04, Apache Tomcat 9.0.14 installed, and a web app developed with Java 8.
Recently I received an alert from the company where I work, with the following description from Nessus:
Severity | CVSS v2.0 | Plugin | Name
HIGH | 7.5 | 133845 | Apache Tomcat 7.0.x < 7.0.100 / 8.5.x < 8.5.51 / 9.0.x < 9.0.31 Multiple Vulnerabilities
HIGH | 7.5 | 161159 | Apache Tomcat 9.0.0.M1 < 9.0.21 vulnerability
Assuming I have to upgrade Tomcat to at least version 9.0.31, here comes my difficulty.
Tomcat 9.0.31 is not compatible with Ubuntu 18.04, so I snapshotted the virtual machine and upgraded the OS to Ubuntu 20.04.
Now, typing apt list I get the Tomcat package as follows:
tomcat9-admin/focal-updates,focal-updates 9.0.31-1ubuntu0.3 all
tomcat9-common/focal-updates,focal-updates 9.0.31-1ubuntu0.3 all
tomcat9-docs/focal-updates,focal-updates 9.0.31-1ubuntu0.3 all
tomcat9-examples/focal-updates,focal-updates 9.0.31-1ubuntu0.3 all
tomcat9-user/focal-updates,focal-updates 9.0.31-1ubuntu0.3 all
tomcat9/focal-updates,focal-updates 9.0.31-1ubuntu0.3 all
But when I run the /opt/tomcat/bin/version.sh I get the following:
Using CATALINA_BASE: /opt/tomcat
Using CATALINA_HOME: /opt/tomcat
Using CATALINA_TMPDIR: /opt/tomcat/temp
Using JRE_HOME: /usr/jdk1.8.0_211
Using CLASSPATH: /opt/tomcat/bin/bootstrap.jar:/opt/tomcat/bin/tomcat-juli.jar
Using CATALINA_PID: /opt/tomcat/temp/tomcat.pid
Server version: Apache Tomcat/9.0.14
Server built: Dec 6 2018 21:13:53 UTC
Server number: 9.0.14.0
OS Name: Linux
OS Version: 5.4.0-131-generic
Architecture: amd64
JVM Version: 1.8.0_211-b12
JVM Vendor: Oracle Corporation
I do not understand how to update Tomcat to 9.0.31.
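The two outputs quoted in the question can be compared mechanically. The following is an added example, not part of the original post: it parses `version.sh` output and `apt list` output (constructed samples shortened from the question) and reports whether the install that answers is below the 9.0.31 threshold named in the Nessus plugin title, and whether the `tomcat9` package is installed at all (`apt list` marks installed packages with `[installed]`). The function names are assumptions.

```shell
#!/bin/sh
# Added example: compare the Tomcat that actually runs with the scanner's fixed version.

# Constructed samples, shortened from the outputs quoted in the question.
VERSION_SH_OUT='Using CATALINA_HOME: /opt/tomcat
Server version: Apache Tomcat/9.0.14
Server number: 9.0.14.0'
APT_LIST_OUT='tomcat9-common/focal-updates,focal-updates 9.0.31-1ubuntu0.3 all
tomcat9/focal-updates,focal-updates 9.0.31-1ubuntu0.3 all'

# Print major.minor.patch from the "Server number:" line of version.sh output.
server_number() {
    printf '%s\n' "$1" |
        awk '/^Server number:/ { split($3, v, "."); print v[1] "." v[2] "." v[3] }'
}

# Succeed when dotted version $1 is strictly lower than $2 (numeric, per component).
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        for (i = 1; i <= (n > m ? n : m); i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 1
    }'
}

# Succeed when "apt list" output shows package $2 as installed, not merely available.
apt_installed() {
    printf '%s\n' "$1" | grep -q "^$2/.*\[installed"
}

# $1 = version.sh output, $2 = apt list output, $3 = minimum fixed version.
assess() {
    running=$(server_number "$1")
    if version_lt "$running" "$3"; then state="below-fix"; else state="at-or-above-fix"; fi
    if apt_installed "$2" tomcat9; then pkg="pkg-installed"; else pkg="pkg-not-installed"; fi
    echo "$running $state $pkg"
}

assess "$VERSION_SH_OUT" "$APT_LIST_OUT" 9.0.31
```

On a live host the first two arguments would be `"$(/opt/tomcat/bin/version.sh)"` and `"$(apt list 'tomcat9*' 2>/dev/null)"`.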

Related

Apache upgrade in CentOS 7

This is my current version of Apache:
httpd -V
Server version: Apache/2.4.6 (CentOS)
Server built: Apr 24 2019 13:45:48
Server's Module Magic Number: 20120211:24
Server loaded: APR 1.4.8, APR-UTIL 1.5.2
Compiled using: APR 1.4.8, APR-UTIL 1.5.2
Architecture: 64-bit
Server MPM: prefork
threaded: no
forked: yes (variable process count)
I am using CentOS 7; when I try to update Apache, it says there are no upgrades. I know the latest version is 2.4.39: mine is 2.4.6.
I would recommend looking at RHEL's security backports page. It explains the process RH uses to update version numbers. Basically, even though your httpd -V says 2.4.6, RH may have updated the features and fixed issues from the CVE without updating the version number. Run rpm -q --changelog httpd | grep CVE-yyyy-nnnn, filling in yyyy-nnnn with a recent timestamp from the CVE list, and see if your version has received those updates.
Alternatively, you may not have the latest CentOS version, which may not have the updated list of software. Run yum update to be sure you have the latest version.
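The changelog check described in the answer above, extended to several CVE ids at once, as an added example that is not part of the original answer. The changelog text, CVE ids and release strings are constructed placeholders, and the function name is an assumption; the id is matched only when no further digit follows it, because a plain `grep` for a short id also hits longer ids that start with the same digits.

```shell
#!/bin/sh
# Added example: look up CVE ids in RPM changelog text (backport check).

# Constructed changelog in "rpm -q --changelog" layout; ids and releases are placeholders.
SAMPLE_CHANGELOG='* Tue Apr 23 2019 Example Packager <pkg@example.invalid> - 2.4.6-EXAMPLE2
- Resolves: #0000002 - CVE-0000-00012 constructed entry
* Mon Oct 01 2018 Example Packager <pkg@example.invalid> - 2.4.6-EXAMPLE1
- Resolves: #0000001 - CVE-0000-0001 constructed entry'

# $1 = changelog text, remaining arguments = CVE ids to look for.
# Prints one line per id: the oldest package release whose entry mentions it,
# or "not-in-changelog".
backport_status() {
    log=$1; shift
    for id in "$@"; do
        printf '%s\n' "$log" | awk -v id="$id" '
            /^\* / { rel = $NF }                      # entry header: last field is version-release
            match($0, id "([^0-9]|$)") { hit = rel }  # exact id, not a longer id with the same prefix
            END {
                if (hit != "") print id, "backported-in", hit
                else           print id, "not-in-changelog"
            }'
    done
}

backport_status "$SAMPLE_CHANGELOG" CVE-0000-0001 CVE-0000-00012 CVE-0000-0003
```

On a live system the first argument would be `"$(rpm -q --changelog httpd)"`.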

Trying to install apache on CentOS7 using Chef

I'm trying to use Chef on CentOS7 and I'm at the beginning ... following the tutorial I'm trying to install Apache using this recipe.
package 'apache2' do
  action :install
end
service 'apache2' do
  action [:enable, :start]
end
file '/var/www/index.html' do
  content '<html>
<body>
<h1>Hello world!!</h1>
</body>
</html>'
end
When I try to execute I obtain this error ...
[osboxes#osboxes chef-repo]$ sudo chef-apply hello.rb
Recipe: (chef-apply cookbook)::(chef-apply recipe)
* yum_package[apache2] action install
* No candidate version available for apache2
================================================================================
Error executing action `install` on resource 'yum_package[apache2]'
================================================================================
Chef::Exceptions::Package
-------------------------
No candidate version available for apache2
The same if I use a simpler recipe like this
package 'apache2'
My Chef client workstation installation is the following
[osboxes#osboxes chef-repo]$ chef --version
Chef Development Kit Version: 3.0.36
chef-client version: 14.1.12
delivery version: master (7206afaf4cf29a17d2144bb39c55b7212cfafcc7)
berks version: 7.0.2
kitchen version: 1.21.2
inspec version: 2.1.72
On CentOS / RHEL etc (and on Fedora) the package name for Apache is "httpd".
Alternatively, there is a standard cookbook for installing and configuring Apache2:
https://supermarket.chef.io/cookbooks/apache2
It is fairly sophisticated, and includes recipes for configuring a number of common Apache modules.

Apache MINA - stuck on SSL connection

I am having trouble with the Apache MINA core library.
When I deploy my application to a remote server some of the requests are not processed (around 2%). It looks like there might be a problem with SSL.
Log tail: http://pastebin.com/48bwWsjs
When a request is not being processed, it is always stuck on:
org.apache.mina.filter.ssl.SslFilter - Session Server[40](ssl...): Processing the SSL Data
Did something similar happen to any of you?
I tried Apache-mina 2.0.7 and 2.0.16
Env:
bash-4.2$ java -version
java version "1.8.0_111"
Java(TM) SE Runtime Environment (build 1.8.0_111-b14)
Java HotSpot(TM) 64-Bit Server VM (build 25.111-b14, mixed mode)
bash-4.2$ uname -a
Linux 8d9ad913fa03 4.4.39-34.54.amzn1.x86_64 #1 SMP Fri Dec 30 19:11:28 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
Thanks for any help!

PHP Warning: PHP Startup: Unable to load dynamic library

I am installing the ElastiCache Cluster Client for PHP on Red Hat 7.2 and CentOS 6.5 Amazon AMI, but the issue is still the same on all.
cat /etc/os-release
NAME="Red Hat Enterprise Linux Server"
VERSION="7.2 (Maipo)"
ID="rhel"
ID_LIKE="fedora"
VERSION_ID="7.2"
PRETTY_NAME="Red Hat Enterprise Linux Server 7.2 (Maipo)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:redhat:enterprise_linux:7.2:GA:server"
HOME_URL="https://www.redhat.com/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_BUGZILLA_PRODUCT="Red Hat Enterprise Linux 7"
REDHAT_BUGZILLA_PRODUCT_VERSION=7.2
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux"
REDHAT_SUPPORT_PRODUCT_VERSION="7.2"
After installing the ElastiCache cluster client for PHP I got this error:
php -v
PHP Warning: PHP Startup: Unable to load dynamic library '/etc/php/lib/php/extensions/no-debug-non-zts-20131226/amazon-elasticache-cluster-client.so' - libsasl2.so.2: cannot open shared object file: No such file or directory in Unknown on line 0
PHP 5.6.15 (cli)
I have installed PHP by compiling/configure.
Please let me know how to get out of this error. I tried everything but the issue is still the same.
On some systems, notably CentOS7 and Red Hat Enterprise Linux (RHEL) 7.1, libsasl2.so.3 has replaced libsasl2.so.2. On those systems, when you load the ElastiCache cluster client, it attempts and fails to find and load libsasl2.so.2. To resolve this issue, create a symbolic link to libsasl2.so.3 so that when the client attempts to load libsasl2.so.2, it is redirected to libsasl2.so.3. The following code creates this symbolic link.
cd /usr/lib64
sudo ln -s libsasl2.so.3 libsasl2.so.2
Source: From AWS documentation http://docs.aws.amazon.com/AmazonElastiCache/latest/UserGuide/Appendix.PHPAutoDiscoverySetup.Installing.html

Can't compile 64bit redis-server

I'm trying to compile the latest stable (2.8.19) version of Redis. The build is successful, as are all tests, but unexpectedly the server runs on 32-bit arch.
Log entries:
# Warning: 32 bit instance detected but no memory limit set. Setting 3 GB maxmemory limit with 'noeviction' policy now.
Redis 2.8.19 (00000000/0) 32 bit
Running in stand alone mode
Port: 6582
PID: 2381
redis-cli INFO displays arch_bits:32. The previous instance (version 2.4.6) works well on arch_bits 64, but I don't know which way it was installed.
OS version info:
root:~# uname -a
Linux localhost 2.6.32-5-amd64 #1 SMP Tue Mar 8 22:49:26 UTC 2011 x86_64 GNU/Linux
root:~# lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 6.0.1 (squeeze)
Release: 6.0.1
Codename: squeeze
root:~# arch
x86_64
What are the ways to fix this issue and run the latest Redis as 64-bit?
UPD
Despite the above command output, dpkg --print-architecture returns i386 and all packages in the system are all or i386. Only redis-server 2.4.*, installed as a package, is strangely ia64.
What can I do in this situation? The server was set up a long time ago by another person, and I am still too much of a newbie in Unix.
It seems my server needs a full migration from 32-bit to 64-bit architecture.
Current task solved by downloading a compiled 64-bit DEB package and installing it manually.