Description
Apache, Tomcat, OpenSSL and Log4j components are installed as part of the Desktop and Laptop Option (DLO) server and are used for managing Dedupe data and IO access.
Below are details of the default Apache Tomcat versions used and the Maximum Tomcat versions currently supported in each of the recent DLO versions.
As VxUpdate (in DLO 9.7 and newer) can upgrade Tomcat Components, the maximum supported versions may change over time:
| DLO Version | Default Apache Tomcat Version | Maximum currently supported Apache Tomcat Version |
| DLO 9.0 | Tomcat Server 8.0.35 | Tomcat Server 8.0.35 |
| DLO 9.0 SP1 | Tomcat Server 8.0.35 | Tomcat Server 8.0.35 |
| DLO 9.1 | Tomcat Server 8.0.43 | Tomcat Server 8.0.43 |
| DLO 9.2 | Tomcat Server 8.5.24 | Tomcat Server 8.5.24 |
| DLO 9.3 | Tomcat Server 8.5.24 | Tomcat Server 8.5.24 |
| DLO 9.3.1 | Tomcat Server 8.5.34 | Tomcat Server 8.5.34 |
| DLO 9.3.2 | Tomcat Server 8.5.40 | Tomcat Server 8.5.40 |
| DLO 9.3.3 | Tomcat Server 8.5.45 | Tomcat Server 8.5.45 |
| DLO 9.4 | Tomcat Server 8.5.55 | Tomcat Server 8.5.55 |
| DLO 9.5 | Tomcat Server 8.5.58 | Tomcat Server 8.5.58 |
| DLO 9.6 | Tomcat Server 8.5.63 | Tomcat Server 8.5.63 |
| DLO 9.7 | Tomcat Server 8.5.72 | Tomcat Server 8.5.85 |
| DLO 9.8 | Tomcat Server 8.5.82 | Tomcat Server 8.5.82 |
| DLO 9.8.1 | Tomcat Server 8.5.84 | Tomcat Server 8.5.84 |
| DLO 9.8.2 | Tomcat Server 8.5.84 | Tomcat Server 8.5.89 |
| DLO 9.8.3 | Tomcat Server 8.5.96 | Tomcat Server 8.5.96 |
| DLO 9.9 | Tomcat Server 10.1.19 | Tomcat Server 10.1.19 |
Apache HTTP Server is installed as part of the Desktop and Laptop Option (DLO) server and is used for managing Edge server access.
Below are details of the default Apache versions used and the Maximum Apache versions currently supported in each of the recent DLO versions.
As VxUpdate (in DLO 9.7 and newer) can upgrade Apache Components, the maximum supported versions may change over time:
| DLO Version | Default Apache Server Version | Maximum currently supported Apache Server version |
| DLO 9.0 | Apache-HTTP Server 2.4.20 | Apache-HTTP Server 2.4.20 |
| DLO 9.0 SP1 | Apache-HTTP Server 2.4.20 | Apache-HTTP Server 2.4.20 |
| DLO 9.1 | Apache-HTTP Server 2.4.26 | Apache-HTTP Server 2.4.26 |
| DLO 9.2 | Apache-HTTP Server 2.4.26 | Apache-HTTP Server 2.4.26 |
| DLO 9.3 | Apache-HTTP Server 2.4.33 | Apache-HTTP Server 2.4.33 |
| DLO 9.3.1 | Apache-HTTP Server 2.4.35 | Apache-HTTP Server 2.4.35 |
| DLO 9.3.2 | Apache-HTTP Server 2.4.39 | Apache-HTTP Server 2.4.39 |
| DLO 9.3.3 | Apache-HTTP Server 2.4.41 | Apache-HTTP Server 2.4.41 |
| DLO 9.4 | Apache-HTTP Server 2.4.43 | Apache-HTTP Server 2.4.43 |
| DLO 9.5 | Apache-HTTP Server 2.4.46 | Apache-HTTP Server 2.4.46 |
| DLO 9.6 | Apache-HTTP Server 2.4.46 | Apache-HTTP Server 2.4.46 |
| DLO 9.7 | Apache-HTTP Server 2.4.52 | Apache-HTTP Server 2.4.56 |
| DLO 9.8 | Apache-HTTP Server 2.4.54 | Apache-HTTP Server 2.4.54 |
| DLO 9.8.1 | Apache-HTTP Server 2.4.54 | Apache-HTTP Server 2.4.54 |
| DLO 9.8.2 | Apache-HTTP Server 2.4.55 | Apache-HTTP Server 2.4.56 |
| DLO 9.8.3 | Apache-HTTP Server 2.4.58 | Apache-HTTP Server 2.4.58 |
| DLO 9.9 | Apache-HTTP Server 2.4.58 | Apache-HTTP Server 2.4.61 |
Below are details of the Log4j Versions used in each of the recent DLO versions:
| DLO Version | Apache Log4j Version |
| DLO 9.0 | Apache Log4j 2.5 |
| DLO 9.0 SP1 | Apache Log4j 2.5 |
| DLO 9.1 | Apache Log4j 2.9.0 |
| DLO 9.2 | Apache Log4j 2.9.0 |
| DLO 9.3 | Apache Log4j 2.9.0 |
| DLO 9.3.1 | Apache Log4j 2.9.0 |
| DLO 9.3.2 | Apache Log4j 2.9.0 |
| DLO 9.3.3 | Apache Log4j 2.9.0 |
| DLO 9.4 | Apache Log4j 2.13.3 |
| DLO 9.5 | Apache Log4j 2.13.3 |
| DLO 9.6 | Apache Log4j 2.13.3 |
| DLO 9.7 | Apache Log4j 2.17.1 |
| DLO 9.8 | Apache Log4j 2.17.1 |
| DLO 9.8.1 | Apache Log4j 2.17.1 |
| DLO 9.8.2 | Apache Log4j 2.17.1 |
| DLO 9.8.3 | Apache Log4j 2.17.1 |
| DLO 9.9 | Apache Log4j 2.17.1 |
Below are details of the OpenSSL Versions used in each of the recent DLO versions:
| DLO Version | OpenSSL Version |
| DLO 9.0 | OpenSSL 1.0.2h |
| DLO 9.0 SP1 | OpenSSL 1.0.2k |
| DLO 9.1 | OpenSSL 1.0.2k |
| DLO 9.2 | OpenSSL 1.0.2k |
| DLO 9.3 | OpenSSL 1.0.2o |
| DLO 9.3.1 | OpenSSL 1.0.2o |
| DLO 9.3.2 | OpenSSL 1.0.2r |
| DLO 9.3.3 | OpenSSL 1.0.2t |
| DLO 9.4 | OpenSSL 1.1.1g |
| DLO 9.5 | OpenSSL 1.1.1g |
| DLO 9.6 | OpenSSL 1.1.1k |
| DLO 9.7 | OpenSSL 1.1.1l |
| DLO 9.8 | OpenSSL 1.1.1q |
| DLO 9.8 | OpenSSL 1.1.1q |
| DLO 9.8.1 | OpenSSL 1.1.1q |
| DLO 9.8.2 | OpenSSL 1.1.1t |
| DLO 9.8.3 | OpenSSL 1.1.1w |
| DLO 9.9 | OpenSSL 3.2.1 |
Q: Can Apache Tomcat be upgraded separately to DLO ?
Yes. For DLO versions 9.7 and newer, please use the DLOVxUpdate Utility to update DLO or Components to the currently supported versions.
For DLO versions 9.6 and earlier, please contact Veritas Technical Support for Apache and Tomcat version upgrade.
Note: The version of Apache or Tomcat you upgrade to must not exceed the current maximum supported versions for the DLO server version, as detailed in the tables above.
Q: Security Checks indicate Vulnerability issues (CVE) with the version of Apache Tomcat Server being used.
Please review the National Vulnerability Database (https://nvd.nist.gov) for details of that vulnerability.
For any queries that have been reported to Veritas Support, Public Tech Articles are produced that give information on whether or not that vulnerability has any impact on DLO.
Please search the Veritas Support pages for the CVE reference, to find those. For any others where an article does not exist, please contact Veritas Support, providing full details of any reported vulnerability. That will then be investigated and the status established.
Was this content helpful?
Translated Content
Please note that this document is a translation from English, and may have been machine-translated. It is possible that updates have been made to the original version after this document was translated and published. Veritas does not guarantee the accuracy regarding the completeness of the translation. You may also refer to the English Version of this knowledge base article for up-to-date information.