Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

Cloudera 5.16.2: Tomcat upgrade

Labels:
avatar
author-rank CaptainJa
Explorer

Created on ‎02-11-2020 01:17 AM - last edited on ‎02-11-2020 01:39 AM by Community Manager Community Manager

Hello,

 

After running a security tool on our cluster, a report found the tomcat version as outdated and vulnerable to certain threats. We have tried to find ways to upgrade Tomcat on our cluster but are not having any success with it.

 

I realize this is similar to a post https://community.cloudera.com/t5/Support-Questions/Apache-tomcat-compatibility/m-p/159988 which concerns HDP but there are no responses on that post either.

 

Does anyone have some experience with this? If so, I would be grateful for some pointers.

Thanks.

 

Regards,

CaptainJay

2,293 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank GangWar author-rank
Master Guru

Created ‎02-14-2020 05:56 AM

@CaptainJa  The version of Tomcat used in CDH 5.16.2 should not have any vulnerabilities. Could you share the CVE that is reported CDH is vulnerable to?

 

Per the notice [1] independent upgrade of Tomcat is not supported and we are moving towards newer versions in CDH6 => Cloudera Enterprise 6 has replaced Tomcat 6 with Jetty 9 and is not susceptible to Tomcat security issues.

 

LINKS: [1] https://community.cloudera.com/t5/Customer/CDH-5-support-for-Tomcat-6/ta-p/73655


Cheers!
Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.

View solution in original post

2,250 Views
3 REPLIES 3

avatar
author-rank StevenOD author-rank
Super Collaborator

Created ‎02-11-2020 05:53 AM

Hi @CaptainJa 

 

Are you able to upgrade your environment to CDH 6? In CDH 6 Tomcat is replaced by Jetty. Please take a look at this post:

 

https://blog.cloudera.com/third-party-libraries-in-c6/

 

Regards,

Steve

2,274 Views
0 Kudos

avatar
author-rank CaptainJa
Explorer

Created ‎02-11-2020 09:37 AM

Hello @StevenOD,

 

Thanks for the reply. We have considered this but at the moment, the client requirements limits our usage to 5.16.x

2,267 Views
0 Kudos

avatar
author-rank GangWar author-rank
Master Guru

Created ‎02-14-2020 05:56 AM

@CaptainJa  The version of Tomcat used in CDH 5.16.2 should not have any vulnerabilities. Could you share the CVE that is reported CDH is vulnerable to?

 

Per the notice [1] independent upgrade of Tomcat is not supported and we are moving towards newer versions in CDH6 => Cloudera Enterprise 6 has replaced Tomcat 6 with Jetty 9 and is not susceptible to Tomcat security issues.

 

LINKS: [1] https://community.cloudera.com/t5/Customer/CDH-5-support-for-Tomcat-6/ta-p/73655


Cheers!
Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.
2,251 Views
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements