In order to fix the Heartbleed vulnerability a new release of the tomcat java native libraries is being created. Will this release work with older versions of Tomcat 7 such as 7.0.29, or will this possibly cause problems with code running on the system? Would it be better to just update the whole stack at once?
Asked
Active
Viewed 637 times
1 Answers
0
I've tested with 7.0.45 and it worked just fine. All you need to do is replace the tcnative-1.dll from /bin folder and restart the tomcat service. catalina log file shall print the new OpenSSL version loaded by APR while initialization. Make sure this version string is different from earlier.
I think this works for 7.0.x version without any issues. Post restart if you webapp is just running fine, implies this dll is working for your tomcat version.
Balaji Katika
- 146
- 1