Hi,
i changed maxHttpHeaderSize in server.xml following the recommendation in
CVE-2016-3092.
I changed it to 2048 bytes.
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" maxHttpHeaderSize="2048" />
<!-- A "Connector" using the shared thread pool-->
<!--
<Connector executor="tomcatThreadPool"
port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" maxHttpHeaderSize="2048" />
After restart of the server i got several errors in catalina.log:
Jun 22, 2016 1:38:01 PM org.apache.catalina.loader.WebappClassLoader
clearReferencesJdbc
SEVERE: The web application [/MouseIDGenes] registered the JDBC driver
[org.postgresql.Driver] but failed to unregister it when the web application
was stopped. To prevent a memory leak, the JDBC Driver has been forcibly
unregistered.
Jun 22, 2016 1:38:01 PM org.apache.coyote.http11.Http11Protocol destroy
...
Jun 22, 2016 1:38:07 PM org.apache.catalina.loader.WebappLoader start
SEVERE: LifecycleException
java.io.IOException: Failed to access resource /WEB-INF/lib/[taglibs-core].jar
at
org.apache.catalina.loader.WebappLoader.setRepositories(WebappLoader.java:1052)
at org.apache.catalina.loader.WebappLoader.start(WebappLoader.java:683)
at
org.apache.catalina.core.StandardContext.start(StandardContext.java:4609)
at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:803)
at
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:780)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:583)
at
org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:1080)
at
org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:1003)
at
org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:507)
at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1322)
at
org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:325)
at
org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:142)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1069)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:822)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1061)
at
org.apache.catalina.core.StandardEngine.start(StandardEngine.java:463)
at
org.apache.catalina.core.StandardService.start(StandardService.java:525)
at
org.apache.catalina.core.StandardServer.start(StandardServer.java:759)
at org.apache.catalina.startup.Catalina.start(Catalina.java:595)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:95)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:56)
at java.lang.reflect.Method.invoke(Method.java:620)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
Caused by: javax.naming.NamingException: Resource [taglibs-core].jar not found
at
org.apache.naming.resources.FileDirContext.lookup(FileDirContext.java:209)
at
org.apache.catalina.loader.WebappLoader.setRepositories(WebappLoader.java:1050)
... 24 more
...
Jun 22, 2016 1:38:07 PM org.apache.catalina.core.ContainerBase addChildInternal
SEVERE: ContainerBase.addChild: start:
LifecycleException: start: : java.io.IOException: Failed to access resource
/WEB-INF/lib/[taglibs-core].jar
at org.apache.catalina.loader.WebappLoader.start(WebappLoader.java:709)
at
org.apache.catalina.core.StandardContext.start(StandardContext.java:4609)
at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:803)
at
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:780)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:583)
at
org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:1080)
at
org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:1003)
at
org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:507)
at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1322)
at
org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:325)
at
org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:142)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1069)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:822)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1061)
at
org.apache.catalina.core.StandardEngine.start(StandardEngine.java:463)
at
org.apache.catalina.core.StandardService.start(StandardService.java:525)
at
org.apache.catalina.core.StandardServer.start(StandardServer.java:759)
at org.apache.catalina.startup.Catalina.start(Catalina.java:595)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:95)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:56)
at java.lang.reflect.Method.invoke(Method.java:620)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
...
Jun 22, 2016 1:38:07 PM org.apache.catalina.startup.HostConfig deployDirectory
SEVERE: Error deploying web application directory examples
java.lang.IllegalStateException: ContainerBase.addChild: start:
LifecycleException: start: : java.io.IOException: Failed to access resource
/WEB-INF/lib/[taglibs-core].jar
at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:807)
at
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:780)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:583)
at
org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:1080)
at
org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:1003)
at
org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:507)
at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1322)
at
org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:325)
at
org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:142)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1069)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:822)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1061)
at
org.apache.catalina.core.StandardEngine.start(StandardEngine.java:463)
at
org.apache.catalina.core.StandardService.start(StandardService.java:525)
at
org.apache.catalina.core.StandardServer.start(StandardServer.java:759)
at org.apache.catalina.startup.Catalina.start(Catalina.java:595)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:95)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:56)
at java.lang.reflect.Method.invoke(Method.java:620)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
I'm pretty new to tomcat. Does anybody have an idea ?
It's tomcat6-6.0.45-0.50.1 on a SLES 11 SP4 64bit.
Thanks.
Bernd
--
Bernd Lentes
Systemadministration
institute of developmental genetics
Gebäude 35.34 - Raum 208
HelmholtzZentrum München
bernd.len...@helmholtz-muenchen.de
phone: +49 (0)89 3187 1241
fax: +49 (0)89 3187 2294
Wer glaubt das Projektleiter Projekte leiten
der glaubt auch das Zitronenfalter
Zitronen falten
Helmholtz Zentrum Muenchen
Deutsches Forschungszentrum fuer Gesundheit und Umwelt (GmbH)
Ingolstaedter Landstr. 1
85764 Neuherberg
www.helmholtz-muenchen.de
Aufsichtsratsvorsitzende: MinDir'in Baerbel Brumme-Bothe
Geschaeftsfuehrer: Prof. Dr. Guenther Wess, Dr. Alfons Enhsen, Renate Schlusen
(komm.)
Registergericht: Amtsgericht Muenchen HRB 6466
USt-IdNr: DE 129521671
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
