We have just installed Jaspersoft 7.2 and the patch level of the Tomcat delivered in the install media is coming up with a security vulnerability in our agency's security scanning software.  We need to patch the tomcat delivered with Jaspersoft.  How to do this?

Release : 17.3

Component : JASPERSOFT REPORTS FOR SERVICE MANAGEMENT

1. install the new Tomcat version you want to use on the server. Do not start services

2. Stop original tomcat

3. Copy jasperserver-pro folder from source tomcat (apache-tomcat\webapps\jasperserver-pro) to \webapps\ of the new tomcat version

4. Copy mariadb-java-client-1.6.3.jar and postgresql-9.4-1210.jdbc41.jar from source tomcat in apache-tomcat\lib to new tomcat. Example: Tomcat 8.5\lib

5. Go to the new tomcat folder\bin (example: \Tomcat 8.5_Tomcat84\bin) > open Tomcat84w.exe > Java tab:

Add the following to Java Options:

-Djs.license.directory=<path to jasperserver.license>

Example:

-Djs.license.directory=C:\Jaspersoft\jasperreports-server-7.2.0

6. Change:

Initial memory pool to 1024

max memory pool to 2048

Thread stack size: 2000

Click Apply

7. Restart database services

8. Start Windows Service for the new tomcat.