Establish the framework for Fleet Application Management to identify necessary patches based on the specified compliance rules. You can then decide whether instances with Apache Tomcat installed are being appropriately maintained or are at risk because of potential vulnerabilities.
-
Verify the presence of compliance policy rules for the Apache Tomcat product from the details page of compliance policy.
-
If policy rules don't exist, create compliance policy rules.
Specify a name for the rule, the required product version for compliance, and the basis for compliance, such as patch level. Setting the basis to the latest patch guarantees that the version remains up-to-date with the latest release patch. Alternatively, compliance can be based on a specific patch number or the last known release date. For example, create a compliance rule for Apache Tomcat with a single rule for version 10.1.30 and above with the latest patch level.
-
Confirm the existence of patches for Apache Tomcat within Fleet Application Management and their availability for patching by uploading a custom patch.
Add a patch by providing fundamental information such as patch name, product, version, and severity of patches to be addressed, for example, Critical. This pertains to the "Critical Patch Update" patch type. Upload the patch from the file system or select it from the Object Storage. Provide the release date and save.
For example, upload a patch from the Object Storage: Object Storage > Compartment: mycompartment > my_bucket > apache-tomcat-10.1.30.tar.gz.