> From: Barrera, Maribel [mailto:maribel.barr...@travelport.com] > Subject: FW: how to apply fixes for various identified vulnerabilities
> We are using Tomcat 4.1.24 Which is over 8.5 years old... > McAfee has identified several vulnerabilities. I bet it has. > How do I build these source codes and replace the classes in the > tomcat files that are currently installed in the system ? First off, Tomcat 4 hasn't been supported in years, so there are likely dozens of additional vulnerabilities that will _never_ be fixed in that version. Trying to stay safe on Tomcat 4 is a pointless exercise. You really, really, really need to upgrade to a supported level; since you really, really, really need to upgrade, you might as well move to the current 7.0.x version. There are a few configuration differences between Tomcat 4 and Tomcat 7, so you must read the docs for 7 when setting it up. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org