Incarion Posted May 4, 2021 Share Posted May 4, 2021 Greetings! If by chance my question has already been attended in older versions, plase point me to it; Im fairly new to using Jasper Reports Server.-------------I recently installed JasperReportsServer 7.8 (TIB_js-jrs-cp_7.8.0_win_x86_64.exe) on a server that's constantly being scanned for vulnerabilities. This scan detected that Apache Tomcat versions 8.5.XX under 8.5.60 are affected by multiple vulnerabilities. The bundled version is 8.5.57.Vulnerabilities: a) http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122 b) http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527 I was wondering IF there is a known and documented way to upgrade Apache Tomcat, independent from JasperReportsServer application, so that I can instruct my IT team on how to perform this installation and clear this security risk.I ask, rather than just going ahead and trying force it, because several technologies are bundled together (Postgresql, Apache Tomcat 8.5.57, Jasper Resports Server 7.8 + its library dependencies in classpath) and I want to make sure there are no known compatibility issues.Any guidance is greatly appreciated. Link to comment Share on other sites More sharing options...
rmeadows Posted August 25, 2021 Share Posted August 25, 2021 You should be able to install tomcat and just copy over your jasperserver war file. Yo uwill of course need to configure any tomcat level configuration you may have like SSL, etc.The war file has the jndi connection information built into it and is built against a particualar database dialect during install.Thanks. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now