How you update Apache Tomcat from 7.0.23 to 7.0.42 to address Apache Tomcat vulnerabilities.

Article Id: 48670
Status: Published
Updated On: 14-02-2018 07:42
Legacy Id: TEC598391
Products:
CA IT Asset Manager CA Software Asset Manager (CA SAM) ASSET PORTFOLIO MGMT- SERVER SUPPORT AUTOMATION- SERVER CA Service Desk Manager - Unified Self Service KNOWLEDGE TOOLS CA Service Management - Asset Portfolio Management CA Service Management - Service Desk Manager
Issue/Introduction:

Description:

RO58346for Service Desk Manger r12.5 and RO58349 for Service Desk Manager r12.6 provide support for Tomcat 7.0.23. After updating Tomcat to 7.0.23, some security vulnerabilities might be detected during a security scan. Updating to the latest Tomcat 7.0.42 release addresses these security vulnerabilities.

Solution:

Follow these steps to update Apache Tomcat from 7.0.23 to 7.0.42 to address Apache Tomcat vulnerabilities.

  1. Shut down the Service Desk Manager Daemon Service and/or Service Desk Manager Proctor Service on the relevant Service Desk Manager Server (primary and/or secondary).

  2. Download the latest 7.042 Tomcat version from the below location:

    http://archive.apache.org/dist/tomcat/tomcat-7/v7.0.42/bin/apache-tomcat-7.0.42.zip

  3. Unzip apache-tomcat-7.0.42.zip and place files into <drive>:\<install_directory>\CA\SC\tomcat\7.0.42 on Service Desk Manager server.

  4. Make a backup copy of the NX.ENV file located at NX_ROOT Service Desk Manager server.

  5. Using a text editor, modify NX.ENV located in directory NX_ROOT as follows:

    @NX_TOMCAT_INSTALL_DIR=C:\Program Files\CA\SC\tomcat\7.0.42

  6. Backup directory NX_ROOT\bopcfg\www\CATALINA_BASE\conf on Service Desk Manager server.

  7. If CA Advanced Workflow is installed, backup directory NX_ROOT\bopcfg\www\CATALINA_BASE_WF\conf on Service Desk Manager server.

  8. If CA Visualizer is installed, backup directory NX_ROOT\bopcfg\www\CATALINA_BASE_VIZ on Service Desk Manager server.

  9. If CA Support Automation is installed, backup directory NX_ROOT\bopcfg\www\CATALINA_BASE_SA\conf on Service Desk Manager server.

  10. Copy all files in directory <drive>:\<install_directory>\CA\SC\tomcat\7.0.42 to NX_ROOT\bopcfg\www\CATALINA_BASE\conf on Service Desk Manager server.

  11. If CA Advanced Workflow is installed, copy all files in directory <drive>:\<install_directory>\CA\SC\tomcat\7.0.42\conf to NX_ROOT\bopcfg\www\CATALINA_BASE_WF\conf on Service Desk Manager server.

  12. If CA Visualizer is installed, copy all files in directory <drive>:\<install_directory>\CA\SC\tomcat\7.0.42\conf to NX_ROOT\bopcfg\www\CATALINA_BASE_VIZ\conf on Service Desk Manager server.

  13. If CA Support Automation is installed, copy all files in directory <drive>:\<install_directory>\CA\SC\tomcat\7.0.42\conf to NX_ROOT\bopcfg\www\CATALINA_BASE_SA\conf on Service Desk Manager server.

  14. Verify that the SERVER.XML file located in directory NX_ROOT\bopcfg\www\CATALINA_BASE\conf has the same startup (connector)and shutdown ports as defined in the original SERVER.XML file.

    Note: There have been changes to Tomcat 7 that may not allow you to copy the values directly into the new server.xml from the old Tomcat version of the SERVER.XML file. It is recommended that any changes be made manually to the new SERVER.XML file to prevent any possible problem.

  15. Verify that the CATALINA.PROPERTIES file located in directory NX_ROOT\bopcfg\www\CATALINA_BASE\conf has the same shared.loader as defined in the original CATALINA.PROPERTIES file.

  16. If CA Advanced Workflow is installed, verify that the SERVER.XML file located in directory NX_ROOT\bopcfg\www\CATALINA_BASE_WF\conf has the same startup (connector) and shutdown ports as defined in the original SERVER.XML file.

    Note: There have been changes to Tomcat 7 that may not allow you to copy the values directly into the new server.xml from the old Tomcat version of the server.xml file. It is recommended that any changes be made manually to the new server.xml file to prevent any possible problem.

  17. If CA Advanced Workflow is installed, verify that the CATALINA.PROPERTIES file located in directory NX_ROOT\bopcfg\www\CATALINA_BASE_WF\conf has the same shared.loader as defined in the original

    CATALINA.PROPERTIES file.

  18. If CA Visualizer is installed, verify that the SERVER.XML file located in directory NX_ROOT\bopcfg\www\CATALINA_BASE_VIZ\conf has the same startup (connector) and shutdown ports as defined in the original SERVER.XML file.

    Note: There have been changes to Tomcat 7 that may not allow you to copy the values directly into the new server.xml from the old Tomcat version of the server.xml file. It is recommended that any changes be made manually to the new server.xml file to prevent any possible problem.

  19. If CA Visualizer is installed, verify that the CATALINA.PROPERTIES file located in directory NX_ROOT\bopcfg\www\CATALINA_BASE_VIZ \confhas the same shared.loader as defined in the original CATALINA.PROPERTIES file.

  20. If CA Support Automation is installed, verify that the SERVER.XML file located in directory NX_ROOT\bopcfg\www\CATALINA_BASE_SA\conf has the same startup (connector) and shutdown ports as defined in the original SERVER.XML file.

    Note: There have been changes to Tomcat 7 that may not allow you to copy the values directly into the new server.xml from the old Tomcat version of the server.xml file. It is recommended that any changes be made manually to the new server.xml file to prevent any possible problem.

  21. If CA Support Automation is installed, verify that the CATALINA.PROPERTIES file located in directory NX_ROOT\bopcfg\ www\CATALINA_BASE_SA\conf has the same shared.loader as defined in the original CATALINA.PROPERTIES file.

  22. Download the following Apache Common Logging JAR file from the following location:
    http://mirror.reverse.net/pub/apache//commons/logging/binaries/commons-logging-1.1.3-bin.zip

  23. Unzip the commons-logging-1.1.3-bin.zip file and place files into <drive>:\<install_directory>\CA\SC\tomcat\7.0.42\lib

  24. Copy the following files located in <drive>:\<install_directory>\CA\SC\tomcat\7.0.23\lib
    log4j-1.2.8.jar
    jsafeJCEFIPS.jar
    epdc2.jar
    commons-pool-1.1.jar
    commons-dpcp-1.1.jar
    commons-collections.jar
    commons-codec-1.3.jar
    ca-common-crypto.jar
    mail.jar
    to <drive>:\<install_directory>\CA\SC\tomcat\7.0.42\ lib

  25. Modify CONFIG.PROPERTIES located in directory NX_ROOT\SITE as follows:

    web.tomcat_home=<drive>\:\\<install_directory>\\CA\\SC\\tomcat\\7.0.42
    web.tomcat.service_name=Apache Tomcat 7.0
    web.tomcat.version=7.0.42

  26. For CA Advanced Workflow, copy the PM.XML and WL.XML files from the backup of the NX_ROOT\bopcfg\www\CATALINA_BASE_WF\conf directory created in Step #7 to

    NX_ROOT\bopcfg\www\CATALINA_BASE_WF\conf\Catalina\localhost

    Note: If this step is not performed then the applications will not deploy properly when Tomcat is started.

  27. Start Service Desk Manager service.

Environment:

Release:
Component: ARGIS