Updating Java on Servers
Dear all,
with all the recent security vulnerabilities in Java on Desktop Computers I wonder if these also require updating Java/JDK on servers running Tomcat, JBoss or other Java-based applications?
I have tried Google but couldn't find anything related. On one forum I found a heated debate on wether this is necessary but with no summary or result.
Thanks for you answers!
with all the recent security vulnerabilities in Java on Desktop Computers I wonder if these also require updating Java/JDK on servers running Tomcat, JBoss or other Java-based applications?
I have tried Google but couldn't find anything related. On one forum I found a heated debate on wether this is necessary but with no summary or result.
Thanks for you answers!
Working on CCNP: [X] SWITCH --- [ ] ROUTE --- [ ] TSHOOT
Goal for 2014: RHCA
Goal for 2015: CCDP
Goal for 2014: RHCA
Goal for 2015: CCDP
Comments
-
lordy
Member Posts: 632 ■■■■□□□□□□
Ok, the guys at OWASP seem to suggest running the latest JRE/JDK:
https://www.owasp.org/index.php/Securing_tomcatWorking on CCNP: [X] SWITCH --- [ ] ROUTE --- [ ] TSHOOT
Goal for 2014: RHCA
Goal for 2015: CCDP -
RobertKaucher
Member Posts: 4,299 ■■■■■■■■■■
These vulnerabilities are only an issue for machines where Java is allowed to execute in the browser. You should always run the latest version that is compatible with your application, but if you are not surfing the web with the Java browser plugin enabled on the server your chances of being hit by one of these recent exploits is exactly 0. -
ajs1976
Member Posts: 1,945 ■■■■□□□□□□
you need to be careful when updating Java on servers running some version of Citrix Xenapp. some of the management tools for the older versions would break since they are built on Java.Andy
2020 Goals: 0 of 2 courses complete, 0 of 2 exams complete