Processed: Re: Bug#959937: tomcat9: update to tomcat9:amd64 9.0.31-1~deb10u1 breaks application
Processing control commands: > severity -1 normal Bug #959937 [tomcat9] tomcat9: update to tomcat9:amd64 9.0.31-1~deb10u1 breaks application Severity set to 'normal' from 'grave' -- 959937: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959937 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#959937: tomcat9: update to tomcat9:amd64 9.0.31-1~deb10u1 breaks application
Control: severity -1 normal Am 07.05.20 um 17:58 schrieb Michael Meier: [...] > The application doesn't use ajp. > > The sense of using unattended-upgrades and debian stable (no breaking > changes on updates) is not to read each security announcement in before. > > I'm not working in an area, where anybody would (be able to) pay for that. It is not feasible to detect any possible incompatibility beforehand because it heavily depends on the apps in use. Debian stable updates work 99% of the time without major issues but there will never be a 100% success rate because some problems are unrelated or simply not under Debian control. Setting up a test server before deploying updates to a production environment is the way to go here. >> If that does not solve your problem, then we need more information about >> your setup and configuration to debug the problem but note that we ship >> the latest upstream version basically unmodified, so this would be most >> likely an upstream bug. > > I could trace it back to the zk library used: > > https://bz.apache.org/bugzilla/show_bug.cgi?id=64097 > > https://tracker.zkoss.org/browse/ZK-4510 > > That seems to be a really really weird bug. If I understand it > correctly, it's the fault of zk, but I'm not 100% sure. > > Anyway, as it seems if I manage to update the project to the new zk > major version, it's supposed to work again. Ok, as I previously thought, it is an upstream bug but not in Tomcat itself but in el-api. Updating the zk library for your app might resolve the issue. I wonder if we need to upgrade src:el-api in Debian too. I think it is best when Emmanuel Bourg chimes in here. Regards, Markus signature.asc Description: OpenPGP digital signature
Bug#959937: tomcat9: update to tomcat9:amd64 9.0.31-1~deb10u1 breaks application
On 07.05.20 06:31, Markus Koschany wrote: Am 07.05.20 um 10:04 schrieb Michael Meier: Package: tomcat9 Version: 9.0.16-4 Severity: grave Justification: renders package unusable I've just been called out of bed. As it seems unattended-upgrades upgraded on a debian buster server from:9.0.16-4 to 9.0.31-1~deb10u1 One of the installed webapps throws following error when trying to use it: [https-openssl-nio-8443-exec-13] ERROR org.zkoss.zk.ui.metainfo.Property - Failed to assign [value=${i18n:rt('Benutzername')}] to Unable to find ExpressionFactory of type: # Licensed to the Apache Software Foundation (ASF) under one or more Downgrading to 9.0.16-4 solves the issue. Have you read the changelog or the Debian security announcement before upgrading Tomcat 9 ? Does your application require the AJP protocol to work? Then you probably need to slightly change your Tomcat configuration. For more information please also refer to the official documentation at https://tomcat.apache.org/tomcat-9.0-doc/config/ajp.html The application doesn't use ajp. The sense of using unattended-upgrades and debian stable (no breaking changes on updates) is not to read each security announcement in before. I'm not working in an area, where anybody would (be able to) pay for that. If that does not solve your problem, then we need more information about your setup and configuration to debug the problem but note that we ship the latest upstream version basically unmodified, so this would be most likely an upstream bug. I could trace it back to the zk library used: https://bz.apache.org/bugzilla/show_bug.cgi?id=64097 https://tracker.zkoss.org/browse/ZK-4510 That seems to be a really really weird bug. If I understand it correctly, it's the fault of zk, but I'm not 100% sure. Anyway, as it seems if I manage to update the project to the new zk major version, it's supposed to work again.
Bug#959937: tomcat9: update to tomcat9:amd64 9.0.31-1~deb10u1 breaks application
Am 07.05.20 um 10:04 schrieb Michael Meier: > Package: tomcat9 > Version: 9.0.16-4 > Severity: grave > Justification: renders package unusable > > I've just been called out of bed. > As it seems unattended-upgrades upgraded on a debian buster server > from:9.0.16-4 to 9.0.31-1~deb10u1 > One of the installed webapps throws following error when trying to use it: > > [https-openssl-nio-8443-exec-13] ERROR org.zkoss.zk.ui.metainfo.Property - > Failed to assign [value=${i18n:rt('Benutzername')}] to > Unable to find ExpressionFactory of type: # Licensed to the Apache Software > Foundation (ASF) under one or more > > Downgrading to 9.0.16-4 solves the issue. Have you read the changelog or the Debian security announcement before upgrading Tomcat 9 ? Does your application require the AJP protocol to work? Then you probably need to slightly change your Tomcat configuration. For more information please also refer to the official documentation at https://tomcat.apache.org/tomcat-9.0-doc/config/ajp.html If that does not solve your problem, then we need more information about your setup and configuration to debug the problem but note that we ship the latest upstream version basically unmodified, so this would be most likely an upstream bug. Regards, Markus Koschany signature.asc Description: OpenPGP digital signature
Bug#959937: tomcat9: update to tomcat9:amd64 9.0.31-1~deb10u1 breaks application
Package: tomcat9 Version: 9.0.16-4 Severity: grave Justification: renders package unusable I've just been called out of bed. As it seems unattended-upgrades upgraded on a debian buster server from:9.0.16-4 to 9.0.31-1~deb10u1 One of the installed webapps throws following error when trying to use it: [https-openssl-nio-8443-exec-13] ERROR org.zkoss.zk.ui.metainfo.Property - Failed to assign [value=${i18n:rt('Benutzername')}] to Unable to find ExpressionFactory of type: # Licensed to the Apache Software Foundation (ASF) under one or more Downgrading to 9.0.16-4 solves the issue. -- System Information: Debian Release: 10.3 APT prefers stable APT policy: (990, 'stable'), (500, 'stable-updates'), (400, 'testing'), (300, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 5.5.0-2-amd64 (SMP w/8 CPU cores) Kernel taint flags: TAINT_USER, TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages tomcat9 depends on: ii lsb-base10.2019051400 ii systemd 245.5-2~bpo10+1 ii tomcat9-common 9.0.16-4 ii ucf 3.0038+nmu1 Versions of packages tomcat9 recommends: pn libtcnative-1 Versions of packages tomcat9 suggests: pn tomcat9-admin pn tomcat9-docs pn tomcat9-examples pn tomcat9-user -- no debconf information