-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Nitin,
On 2/21/19 07:47, Nitin Kadam wrote: > FOr backup - I will be taking Snapshot backup before doing the > upgrade but also going to take folder backup from C: programme > Files /Apache Tomcat folder. > > I am continuously getting emails from the internal security team > for upgrading the version 7.0.79 to the latest version need to > figure out this ASAP Upgrading from 7.0.79 to 7.0.92 should not be too risky. Upgrading from 7.0.79 (or 7.0.92) up to 8.5.x will absolutely require you to test it in another environment before upgrading. There are a few small things that changed which may significantly affect you. I'm specifically thinking about the stricter Cookie-parsing that was introduced in Tomcat 8.5 which may break some of your application's cookies. (Specifically, ones that are not properly-quoted and/or use non-ASCII names and values). If you have Cookie-related problems, my recommendation is that you modify your application to encode cookie values in a way that guarantees ASCII-only values. Options include base32/64 encoding, etc. > Apps are hosted in Web apps folders and there are few D3 apps which > connected with SQL for database This should be no problem. For your 7.0.x -> 8.5.x upgrade, I highly recommend that you start using split CATALINA_HOME and CATALINA_BASE directories. It makes "trying" a new version of Tomcat much less painful. Hope that helps, - -chris > On Wed, Feb 20, 2019 at 9:45 PM John Dale <jcdw...@gmail.com> > wrote: > >> Without all of those early adopters to take the flack, we'd never >> know where the enemy bases are .. or something like that. ;) >> >> I'm just very glad we have OpenJDK and that my code is very >> simple. >> >> Java 12 .. Uff da! >> >> >> >> On 2/20/19, Christopher Schultz <ch...@christopherschultz.net> >> wrote: > John, > > On 2/20/19 10:58, John Dale wrote: >>>>> Points taken .. I have a great deal from my cloud provider >>>>> on a wheezy instance, so I have to see if I can negotiate >>>>> to keep my rate. I do a lot of custom MVC and security >>>>> checks so things are nice and tight and I haven't been >>>>> hacked even though I get several thousand attempts a day >>>>> mostly from China and Iran. I'm also kicking around >>>>> whether to use James or keep using postfix for email. With >>>>> an upgrade to Java 8 I can use the latest james release so >>>>> I'll look into that. >>>>> >>>>> I've been struggling to find a nice block of time for a >>>>> full regression test. It's funny .. I was working for a >>>>> bank a couple of years back that was still on Java 1.6 and >>>>> that's the way they liked it. :) >>>>> >>>>> Did you see the road map for Java 10? Seems like we're >>>>> moving a little too fast sometimes .. > > Java 10's dead, baby. > > Java 11 will be a long-term-service release. Java 12 is already > available for pre-release. > > The biggest step is from 8 -> 9/10/11. Once you are over that, it > will be much better for everyone. > > I don't want to have to wait 10 years to get new stuff like TLS > 1.3 support or the forthcoming HTTP/3, so I'm happy with the > shorter development cycles Oracle has switched-over to. > > -chris > >>>>> On 2/20/19, Christopher Schultz >>>>> <ch...@christopherschultz.net> wrote: John, >>>>> >>>>> On 2/20/19 09:11, John Dale wrote: >>>>>>>> I'm thinking about migrating to 8 soon myself. Maybe >>>>>>>> I'll use this as an opportunity to get started on >>>>>>>> that .. but I think the last time I checked, OpenJDK >>>>>>>> 7 was supported on Wheezy, so I'm thinking I have >>>>>>>> more to do than just upgrade tomcat in my scenario. >>>>> >>>>> Yes. Wheezy is essentially unsupported and I would drop >>>>> everything and upgrade to at least Jessie like right now if >>>>> I were you. Stretch isn't much more work and you'll be good >>>>> for a few years on that. >>>>> >>>>> Stretch has OpenJDK 8 packages. Current version is >>>>> 1.8.0_181. >>>>> >>>>> Jessie looks like it only has OpenJDK 7 packages. I didn't >>>>> check the backports. >>>>> >>>>>>>> I'll need to update linux, Java, tomcat, then finally >>>>>>>> my apps. But I'm pretty CDO (that's like OCD, but >>>>>>>> alphabetical) about the platform independence of my >>>>>>>> apps, so that's going to be straightforward. >>>>> Make sure you don't waste time upgrading from Tomcat 7 to >>>>> Tomcat 8. Go directly to Tomcat 8.5, since 8.0 is no longer >>>>> supported. >>>>> >>>>> -chris >>>>> >>>>>>>> On 2/20/19, Nitin Kadam <nitinkadam1...@gmail.com> >>>>>>>> wrote: >>>>>>>>> Thanks John for reply.. >>>>>>>>> >>>>>>>>> is there any documentation walkthrough for this >>>>>>>>> upgrade available? i am new to Tomcat and doing >>>>>>>>> this 1st time, It will be great help if anyone >>>>>>>>> provide same. >>>>>>>>> >>>>>>>>> On Wed, Feb 20, 2019 at 6:49 PM Olaf Kock >>>>>>>>> <tom...@olafkock.de> wrote: >>>>>>>>> >>>>>>>>>> >>>>>>>>>> On 20.02.19 13:57, Nitin Kadam wrote: >>>>>>>>>>> Hello Team, >>>>>>>>>>> >>>>>>>>>>> Can you please guide how we can migrate >>>>>>>>>>> seamlessly from Tomcat apache 7.0.79 to 7.0.92 >>>>>>>>>>> or any latest version that 8.x or 9.x ( Windows >>>>>>>>>>> 2012 R2 server)escr >>>>>>>>>> >>>>>>>>>> 7.0 to 8.0: >>>>>>>>>> https://tomcat.apache.org/migration-8.html >>>>>>>>>> >>>>>>>>>> 8.0 to 8.5: >>>>>>>>>> https://tomcat.apache.org/migration-85.html >>>>>>>>>> >>>>>>>>>> 8.x to 9.0: >>>>>>>>>> https://tomcat.apache.org/migration-9.html >>>>>>>>>> >>>>>>>>>>> the current environment is configured with SSL >>>>>>>>>>> certificate ( SSL 443) >>>>>>>>>> .jks >>>>>>>>>>> store and needs to upgrade same due to >>>>>>>>>>> security vulnerability detected by Qualys >>>>>>>>>>> scanner. >>>>>>>>>> >>>>>>>>>> The documents have TLS documentation chapters. If >>>>>>>>>> you run into specific problems, describe them >>>>>>>>>> here. >>>>>>>>>> >>>>>>>>>> Olaf >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> ------------------------------------------------------------- - ---- > >>>>>>>>>> - --- >>>>> >>>>>>>>>> > - >>>>>>>>>> >>>>>>>>>> >>>>> To unsubscribe, e-mail: >>>>> users-unsubscr...@tomcat.apache.org >>>>>>>>>> For additional commands, e-mail: >>>>>>>>>> users-h...@tomcat.apache.org >>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>>> -- Regards Nitin Kadam (9967688959) >>>>>>>>> >>>>>>>> >>>>>>>> --------------------------------------------------------------- - ---- >>> >>> >>>>>>>> - --------------------------------------------------------------------- >>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For >>> additional commands, e-mail: users-h...@tomcat.apache.org >>> >>> >> >> --------------------------------------------------------------------- >> >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> >> > -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlxusngACgkQHPApP6U8 pFgE5Q//TQy2bJoayS6ygBWXpT7iSxxhxDw93QC2AEfDb/Z9OVFeQS47FcVvBF0I t5pcUsulrlf1n7Xn/2ayMAuXN0F/TdxISBQjvCgsIOAO4mj9VdgNbcrAhNohjzCz uqPuE9tda3044/7zM2SQmmJYWguOM+SyPG6/wJrhhhqtm0d+o+VsaVTcXrF9LWJO +77NBKnwT0/OR7TJI4IJz40J8+ygfhCM2JyW3p5im0nEEE+T2riNDb+Rk/rFj8iD 30KIjP5vwyRCphSNPPokcLvJsDkzEED4Kto+++eEVhd6JLoi63B5gBAbMcHkamgJ QXGfRat/MQ4CrxU2KUxZ4fvALcnhZQ3WEpXaORQxnruDF3h7hT5Xf2FXEmNq//EJ qr/uOaFCFMBjiA9r4ifkuxNrazYgiG6SGPPNYoDXmmJG300cOOTM45znqonWv3uO Sdz2MqLsNuLlCQ/Zc4Zya3etgNV6IEs3fTx5oVNUF8CIsLoMFisU8AQLUIBmBaT8 iUtvRMd9vTHCFXTjTnfrAYXrqbsnMMNDcoH2RpOOW6BVnMZIysU0WjNtgsFgeS0K 4/opHu5sOrIO1MT0RfdC6oUtXGFyNS74y0Puy6o9owwb5xwc9M6zY3Ch1gfAVTKy 4jkio8l8T4vjKAnEpbaUITpvRKKajJx+S/0YFm0UScZ+6A68Jx0= =IJiN -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
