Updating Apache Tomcat

Updating to the latest supported Apache Tomcat version ensures you have the newest features, performance improvements, and security fixes.

This procedure addresses vulnerabilities reported on any of these ports and directories:

15080
15081
15090
15443
15453
/opt/infoprint/ippd/ws
/opt/infoprint/ippd/ws_new
/opt/infoprint/ippd/ws_old
/opt/infoprint/ippd/fmgrws
/opt/infoprint/ippd/fmgrws_new
/opt/infoprint/ippd/fmgrws_old
/opt/infoprint/ippd/pc/ws

Follow the steps to install Product Update and then the Tomcat update package.

Important:

Take a snapshot or backup of the RICOH ProcessDirector system to avoid data loss.
Verify that antivirus or other security software that locks and scans files is still disabled on the RICOH ProcessDirector system.
RICOH ProcessDirector installs Apache Tomcat to be used by the base product. Other features install additional instances of Apache Tomcat. This procedure leads you through the steps to update the version of Tomcat used by Ricoh PDF, Custom PDF, and TASKalfa printers by installing the Product Update. Then, it helps you update the version of Apache Tomcat that is installed with the base product.

To update Apache Tomcat:

Install the Product Update feature. See Downloading and installing update packages.
Installing the Product Update feature addresses the vulnerabilities reported on port 15081 and the /opt/infoprint/ippd/pc/ws directory.
Log in to the primary computer as the system user (aiw1 is the default).
Source the RICOH ProcessDirector system environment variables to the root session:

source /opt/infoprint/ippd/base/config/ippdprofile
To verify the current version of Apache Tomcat, go to the /opt/infoprint/ippd/ws directory, assuming /opt/infoprint/ippd is the installation path, and open the Tomcat RELEASE-NOTES file.
Copy the updateTomcat.zip package that you downloaded from the RICOH Software website to a temporary location on the primary computer. For example, you can use the /aiw/aiw1/tmp directory.
To generate the MD5 checksum of the package, enter:

md5sum /aiw/aiw1/tmp/updateTomcat.zip

Compare the result with the value provided on the RICOH Software website. If the values do not match, download the package again.
Unpack the updateTomcat.zip package to the temporary folder.

Stop all RICOH ProcessDirector processes:
stopaiw -a
Note:
- To make sure that the RICOH ProcessDirector Java processes are stopped, enter:
  ps -ef | grep java
If the RICOH ProcessDirector Java processes are stopped, you see only the Java processes that are not related to RICOH ProcessDirector.
- If any secondary or application servers are running on remote systems, make sure to shut down the RICOH ProcessDirector processes on the remote systems too.
Change directories to the location where you unpacked the update file. If you unpacked the file into /aiw/aiw1/tmp, type:

cd /aiw/aiw1/tmp/updateTomcat
Type: updateTomcat.sh to install the update.
Review the output for any warnings or errors. If the output is correct, make sure all files are correctly loaded by typing:
installPDUpdate.pl fix
- Installing the Tomcat update addresses vulnerabilities reported on any of these ports and directories:
  - 15080
  - 15090
  - 15443
  - 15453
  - /opt/infoprint/ippd/ws
  - /opt/infoprint/ippd/ws_new
  - /opt/infoprint/ippd/fmgrws
  - /opt/infoprint/ippd/fmgrws_new
To verify that the system is running correctly, log in to RICOH ProcessDirector.
Click Administration ⇒ Utilities ⇒ Features and verify that the page opens correctly.
Close the Feature Manager page.
If the user interface and the Feature Manager load correctly, look in /opt/infoprint/ippd and verify that these directories exist:
- /opt/infoprint/ippd/ws
- /opt/infoprint/ippd/fmgrws
If they exist, delete these directories:
- /opt/infoprint/ippd/ws_old
- /opt/infoprint/ippd/fmgrws_old

Note:

If you had to stop any secondary or application servers on remote systems in step , restart the RICOH ProcessDirector processes on the remote systems too.

RICOH ProcessDirector™ for Linux

Updating Apache Tomcat

Related information: