Recommended update for tomcat

Announcement ID:	SUSE-RU-2020:2558-1
Rating:	moderate
References:	bsc#1092163 bsc#1172562 bsc#1173103
Affected Products:	SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Manager Proxy 4.1 SUSE Manager Retail Branch Server 4.1 SUSE Manager Server 4.1 Web and Scripting Module 15-SP2

An update that has three fixes can now be installed.

Description:

This update for tomcat fixes the following issues:

• Fixed the package alternatives for tomcat-servlet-4_0-api to use /usr/share/java/servlet.jar instead of /usr/share/java/tomcat-servlet.jar - We kept /usr/share/java/tomcat-servlet.jar as a symlink for compatibility reasons (bsc#1092163)
• Removed write permissions on several files and directories for the tomcat group (bsc#1172562)
• Changed the tomcat.pid location from /var/run to /run (bsc#1173103)

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• Web and Scripting Module 15-SP2
  zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP2-2020-2558=1

Package List:

• Web and Scripting Module 15-SP2 (noarch)
  • tomcat-el-3_0-api-9.0.36-3.9.1
  • tomcat-servlet-4_0-api-9.0.36-3.9.1
  • tomcat-jsp-2_3-api-9.0.36-3.9.1
  • tomcat-9.0.36-3.9.1
  • tomcat-webapps-9.0.36-3.9.1
  • tomcat-admin-webapps-9.0.36-3.9.1
  • tomcat-lib-9.0.36-3.9.1

References:

• https://bugzilla.suse.com/show_bug.cgi?id=1092163
• https://bugzilla.suse.com/show_bug.cgi?id=1172562
• https://bugzilla.suse.com/show_bug.cgi?id=1173103