How to manually upgrade to Tomcat v9.0.102 in Managed File Transfer Command Center and Internet Server
Article ID: KB0137254
Updated On:
| Products | Versions |
|---|---|
| TIBCO Managed File Transfer Command Center | 8.4.x, 8.5.x, 8.6.x |
| TIBCO Managed File Transfer Internet Server | 8.4.x, 8.5.x, 8.6.x |
Description
Several security vulnerabilities have recently been reported for Tomcat releases below v9.0.102, including:
CVE-2025-24813
CVE-2024-56337
CVE-2024-54677
CVE-2024-54677
CVE-2024-52316
CVE-2024-50379
CVE-2024-50379
MFT Command Center and Internet Server are not vulnerable to the above CVEs. However, some customers have requested an updated Tomcat release.
Below is the procedure to upgrade Tomcat to v9.0.102 in MFT.
Note: This procedure is valid for 8.4.x, 8.5.x and 8.6.x. ** Applying a hotfix released prior to this article will result in a downgrade of Tomcat.
Note: Please open a support case and request the tomcat-9.0.102.jar.rename file necessary for the procedure below.
Environment
All supported environments.
Resolution
Step 1: Verify the Java JDK requirements
This upgrade requires MFT to run under Java 17 JDK or higher. Verify the java version using this command before proceeding:
java -version
If Java is not in your PATH, execute this command:
UNIX
$JAVA_HOME/bin/java -version
Windows
%JAVA_HOME%/bin/java -version
: MFT 8.4.4, 8.5.2 and 8.6.0 require Java 17 or higher. So this upgrade can be installed if you are using these MFT releases.
: MFT 8.4.0, 8.4.1, 8.4.2, 8.5.0 and 8.5.1 can run under Java versions prior to Java 17. If you are running these versions and using one of these older Java versions, you must first upgrade to Java JDK 17 or higher before upgrading Tomcat.
If you upgrade Tomcat but do not upgrade to Java 17 or higher, the MFT Server will not start.
Note: We suggest using an LTS(Long Term Support) Java JDK such as Java 17 or Java 21.
Step 2: Stop the MFT Server
: Follow your procedures to stop the MFT Server
Step 3: Backup the current server directory
UNIX
cd <MFT-Install>
cp -R server server.backup
Windows
cd <MFT-Install>
xcopy server server.backup /E /I
(Optionally, you can use Windows File Explorer to backup the "server" directory"
Step 4: Copy file tomcat-9.0.102.jar to the <MFT-Install> directory
: Copy file tomcat-9.0.102.jar.rename to the <MFT-Install> directory and rename it to tomcat-9.0.102.jar
UNIX
cp /tmp/tomcat-9.0.102.jar.rename <MFT-Install>/tomcat-9.0.102.jar
Windows
copy c:\users\your.userid\downloads\tomcat-9.0.102.jar.rename <MFT-Install>\ tomcat-9.0.102.jar
Step 5: Unjar file tomcat-9.0.102.jar
jar xvf tomcat-9.0.98.jar
Step 6: Verify the Tomcat version
cd <MFT-Install>/server/bin
chmod 755 version.sh
./version.sh
Windows
cd <MFT-Install>\server\bin
version
Verify that theServer Number is 9.0.102:
Server number: 9.0.102.0
Step 7: Start the MFT Server
: Follow your procedures to start the MFT Server
Issue/Introduction
How to manually upgrade to Tomcat v9.0.102 in Managed File Transfer Command Center and Internet Server
Feedback
Yes
No
Powered by
