Marcelo Carvalho via FreeIPA-users wrote: > Hi everyone. > > We are running FreeIPA version: > > VERSION: 4.10.1, API_VERSION: 2.251 > > Tomcat showing running is: > > [root@corp-freeipa-01 tomcat]# java -cp catalina.jar > org.apache.catalina.util.ServerInfo > Server version: Apache Tomcat/9.0.50 > Server built: Jan 8 1970 23:12:05 UTC > Server number: 9.0.50.0 > OS Name: Linux > OS Version: 5.14.0-284.30.1.el9_2.x86_64 > Architecture: amd64 > JVM Version: 11.0.20+8-LTS > JVM Vendor: Red Hat, Inc. > > Host is a RHEL 9.2 with OS recently updated. > > The Tomcat version is showing in our Security scan as outdated. > > Is there a way to only update Tomcat or should I update FreeIPA using...... > > # ipa-ldap-updater --upgrade > # ipa-upgradeconfig > > ..... and expect the Tomcat gets updated? > > Please advise.
You're assuming we know which vulnerability you're referring to. A full rebase in RHEL is not common for some packages. Instead they are more often discretely patched as needed. Scanners that check for issues based solely on version in RHEL should be taken with a grain of salt. rob _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue