I tried updating Tomcat and JRE on a SOI Manager.
For the tomcat update I used the provided tomcat folder from Broadcom and replaced the existing files.

For the JRE update I had a look at:
https://knowledge.broadcom.com/external/article/228521/steps-to-manually-upgrade-soi-jre.html

I downloaded the current JRE version JRE_8u362-b09 (x86-32 and x64) and replaced the existing files.

After starting the SOI services I get encryption/decryption errors and it seems that the samuser password is invalid.
As I have no idea how the samuser password could have changed during this update I assume this has something todo with the encryption/decryption errors.

e.g.:

EventManagement_wrapper.log:
[WrapperSimpleAppMain] ERROR com.ca.sam.util.Encryptor - Error occurred while setting role. Encryption/decryption may not succeed. The provider self-integrity check failed.
...
com.ca.sam.ifw.api.exceptions.MsgBusConnectionFailureException: User name [samuser] or password is invalid.

wso2registry_wrapper.log:
ERROR StatusLogger Log4j2 could not find a logging implementation. Please add log4j-core to the classpath. Using SimpleLogger to log to the console...
ERROR EncryptionUtil Error occurred. Encryption/decryption may not succeed. The provider self-integrity check failed.

ssa_IFW.log:
ERROR  [WrapperStartStopAppMain] util.Encryptor - Error occurred while setting role. Encryption/decryption may not succeed. The provider self-integrity check failed..
ERROR  [WrapperStartStopAppMain] util.Encryptor - Error occurred while setting role. Encryption/decryption may not succeed. Crypto-J has entered an inoperable state, an internal FIPS 140 self-verification test has failed.

soimgr-debug.log:
ERROR [ServletInit] util.Encryptor$1.run(157) [] - Error occurred while setting role. Encryption/decryption may not succeed. The provider self-integrity check failed.
INFO  [ServletInit] ?.() [] - ServerConfig Unable to decrypt password
java.security.NoSuchProviderException: No such provider: JsafeJCE

CA SOI 4.2 CU4

There are some updates with OpenJDK 8.0.362 which is causing the issue.

You need update java security policy files by ollow the below steps.

Stop all the SOI services.

Open and edit the java.security configuration file from the below .

         CA\SOI\jre-64\lib\security\java.security

         CA\SOI\jre-32\lib\security\java.security

         CA\SOI\jre\lib\security\java.security

    3. Search ‘jdk.jar.disabledAlgorithms’ and replace the jdk.jar.disabledAlgorithms with below (line-674) for all the above files (jre,jre-32 and jre-64).

jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \

DSA keySize < 1024, \

include jdk.disabled.namedCurves

     4. Start all the SOI services.