[Bug 1239676] New: Tomcat 9.0.99 fails to launch with java 17
https://bugzilla.suse.com/show_bug.cgi?id=1239676 Bug ID: 1239676 Summary: Tomcat 9.0.99 fails to launch with java 17 Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: x86-64 OS: Other Status: NEW Severity: Major Priority: P5 - None Component: Java Assignee: java-maintainers@suse.de Reporter: dcermak@suse.com QA Contact: qa-bugs@suse.de Target Milestone: --- Found By: --- Blocker: --- The latest Tomcat 9 version (9.0.99), that has been accepted in Factory last week, is failing to launch with Java 17: # /usr/libexec/tomcat/server start Java virtual machine used: /usr/bin/java classpath used: /usr/share/tomcat/bin/bootstrap.jar:/usr/share/tomcat/bin/tomcat-juli.jar:/usr/lib64/java/commons-daemon.jar main class used: org.apache.catalina.startup.Bootstrap flags used: -Djavax.sql.DataSource.Factory=org.apache.commons.dbcp.BasicDataSourceFactory options used: -Dcatalina.base=/usr/share/tomcat -Dcatalina.home=/usr/share/tomcat -Djava.endorsed.dirs= -Djava.io.tmpdir=/var/cache/tomcat/temp -Djava.util.logging.config.file=/usr/share/tomcat/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager arguments used: start 17-Mar-2025 09:22:19.277 WARNING [main] org.apache.catalina.startup.ClassLoaderFactory.validateFile Problem with JAR file [/usr/share/java/tomcat/commons-collections.jar], exists: [false], canRead: [false] 17-Mar-2025 09:22:19.284 WARNING [main] org.apache.catalina.startup.ClassLoaderFactory.validateFile Problem with JAR file [/usr/share/java/tomcat/commons-collections.jar], exists: [false], canRead: [false] 17-Mar-2025 09:22:19.416 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version name: Apache Tomcat/9.0.99 17-Mar-2025 09:22:19.416 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server built: Mar 12 2025 16:21:08 UTC 17-Mar-2025 09:22:19.417 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version number: 9.0.99.0 17-Mar-2025 09:22:19.417 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Name: Linux 17-Mar-2025 09:22:19.417 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Version: 6.13.6-200.fc41.x86_64 17-Mar-2025 09:22:19.417 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Architecture: amd64 17-Mar-2025 09:22:19.417 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Java Home: /usr/lib64/jvm/java-17-openjdk-17 17-Mar-2025 09:22:19.417 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Version: 17.0.14+7-suse-1.3-x8664 17-Mar-2025 09:22:19.417 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Vendor: Oracle Corporation 17-Mar-2025 09:22:19.417 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_BASE: /usr/share/tomcat 17-Mar-2025 09:22:19.417 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_HOME: /usr/share/tomcat 17-Mar-2025 09:22:19.417 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djavax.sql.DataSource.Factory=org.apache.commons.dbcp.BasicDataSourceFactory 17-Mar-2025 09:22:19.418 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.base=/usr/share/tomcat 17-Mar-2025 09:22:19.418 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.home=/usr/share/tomcat 17-Mar-2025 09:22:19.418 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.endorsed.dirs= 17-Mar-2025 09:22:19.418 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.io.tmpdir=/var/cache/tomcat/temp 17-Mar-2025 09:22:19.418 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.util.logging.config.file=/usr/share/tomcat/conf/logging.properties 17-Mar-2025 09:22:19.418 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 17-Mar-2025 09:22:19.420 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent The Apache Tomcat Native library which allows using OpenSSL was not found on the java.library.path: [/usr/java/packages/lib:/usr/lib64:/lib64:/lib:/usr/lib] 17-Mar-2025 09:22:19.437 SEVERE [main] org.apache.catalina.startup.Catalina.load Error initializing Catalina org.apache.catalina.LifecycleException: Failed to initialize component [StandardServer[8005]] at org.apache.catalina.util.LifecycleBase.handleSubClassException(LifecycleBase.java:406) at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:125) at org.apache.catalina.startup.Catalina.load(Catalina.java:690) at org.apache.catalina.startup.Catalina.load(Catalina.java:713) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:569) at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:302) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:472) Caused by: java.lang.ExceptionInInitializerError at org.apache.catalina.core.JreMemoryLeakPreventionListener.lifecycleEvent(JreMemoryLeakPreventionListener.java:299) at org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:109) at org.apache.catalina.util.LifecycleBase.setStateInternal(LifecycleBase.java:389) at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:121) ... 8 more Caused by: java.lang.reflect.InaccessibleObjectException: Unable to make field static final boolean java.io.FileSystem.useCanonCaches accessible: module java.base does not "opens java.io" to unnamed module @30946e09 at java.base/java.lang.reflect.AccessibleObject.checkCanSetAccessible(AccessibleObject.java:354) at java.base/java.lang.reflect.AccessibleObject.checkCanSetAccessible(AccessibleObject.java:297) at java.base/java.lang.reflect.Field.checkCanSetAccessible(Field.java:178) at java.base/java.lang.reflect.Field.setAccessible(Field.java:172) at org.apache.tomcat.util.compat.JreCompat.<clinit>(JreCompat.java:131) ... 12 more 17-Mar-2025 09:22:19.438 INFO [main] org.apache.catalina.startup.Catalina.load Server initialization in [126] milliseconds 17-Mar-2025 09:22:19.600 INFO [main] org.apache.catalina.core.StandardService.startInternal Starting service [Catalina] 17-Mar-2025 09:22:19.601 INFO [main] org.apache.catalina.core.StandardEngine.startInternal Starting Servlet engine: [Apache Tomcat/9.0.99] 17-Mar-2025 09:22:19.623 SEVERE [main] org.apache.catalina.util.LifecycleBase.handleSubClassException Failed to initialize component [Connector["http-nio-8080"]] java.lang.NoClassDefFoundError: Could not initialize class org.apache.tomcat.util.compat.JreCompat at org.apache.catalina.connector.Connector.initInternal(Connector.java:1025) at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:122) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:155) at org.apache.catalina.core.StandardService.startInternal(StandardService.java:428) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:164) at org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:874) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:164) at org.apache.catalina.startup.Catalina.start(Catalina.java:739) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:569) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:345) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:473) Caused by: java.lang.ExceptionInInitializerError: Exception java.lang.reflect.InaccessibleObjectException: Unable to make field static final boolean java.io.FileSystem.useCanonCaches accessible: module java.base does not "opens java.io" to unnamed module @30946e09 [in thread "main"] at java.base/java.lang.reflect.AccessibleObject.checkCanSetAccessible(AccessibleObject.java:354) at java.base/java.lang.reflect.AccessibleObject.checkCanSetAccessible(AccessibleObject.java:297) at java.base/java.lang.reflect.Field.checkCanSetAccessible(Field.java:178) at java.base/java.lang.reflect.Field.setAccessible(Field.java:172) at org.apache.tomcat.util.compat.JreCompat.<clinit>(JreCompat.java:131) at org.apache.catalina.core.JreMemoryLeakPreventionListener.lifecycleEvent(JreMemoryLeakPreventionListener.java:299) at org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:109) at org.apache.catalina.util.LifecycleBase.setStateInternal(LifecycleBase.java:389) at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:121) at org.apache.catalina.startup.Catalina.load(Catalina.java:690) at org.apache.catalina.startup.Catalina.load(Catalina.java:713) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:569) at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:302) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:472) 17-Mar-2025 09:22:19.624 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8080"] 17-Mar-2025 09:22:19.643 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in [204] milliseconds 17-Mar-2025 09:22:19.650 INFO [main] org.apache.coyote.AbstractProtocol.pause Pausing ProtocolHandler ["http-nio-8080"] 17-Mar-2025 09:22:19.650 INFO [main] org.apache.catalina.core.StandardService.stopInternal Stopping service [Catalina] 17-Mar-2025 09:22:19.650 INFO [main] org.apache.coyote.AbstractProtocol.stop Stopping ProtocolHandler ["http-nio-8080"] 17-Mar-2025 09:22:19.651 INFO [main] org.apache.coyote.AbstractProtocol.destroy Destroying ProtocolHandler ["http-nio-8080"] This happens on a fresh and completely unmodified Tumbleweed installation after running `zypper -n in tomcat java-17-openjdk java-17-openjdk-headless`. The problem can be worked around by adding `--add-opens=java.base/java.io=ALL-UNNAMED` to OPTIONS in /usr/libexec/tomcat/server. The problem does not occur with Java 21. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1239676 Dan Čermák <dcermak@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |bci-internal@suse.de Assignee|java-maintainers@suse.de |fstrba@suse.com -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1239676 Dirk Mueller <dmueller@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P2 - High -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1239676 Dan Čermák <dcermak@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|fstrba@suse.com |ricardo.mestre@suse.com -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1239676 https://bugzilla.suse.com/show_bug.cgi?id=1239676#c1 --- Comment #1 from Ricardo Mestre <ricardo.mestre@suse.com> --- It appears that this issue has already been identified. From what I understand: It was introduced in Tomcat 9.0.99 as part of the fix for CVE-2024-56337 and was later resolved in Tomcat 9.0.100. Unfortunately, the recent update to Tomcat 10.1.35 is also affected. However, this has been addressed in Tomcat 10.1.36. It is unclear whether Tomcat 8 is impacted. sources: 1) https://bz.apache.org/bugzilla/show_bug.cgi?id=69576 2) https://tomcat.apache.org/tomcat-9.0-doc/changelog.html 3) https://tomcat.apache.org/tomcat-10.1-doc/changelog.html -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1239676 Ricardo Mestre <ricardo.mestre@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |IN_PROGRESS -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1239676 https://bugzilla.suse.com/show_bug.cgi?id=1239676#c2 --- Comment #2 from Ricardo Mestre <ricardo.mestre@suse.com> --- Thank you for suggesting the workaround with the extra flag. However, we decided to bump the version instead. We'd eventually have to do it anyway and likely I would have forgotten to remove the workaround :\ In the meanwhile we created this requests for Java:packages: https://build.opensuse.org/request/show/1254261 https://build.opensuse.org/request/show/1254262 Both SUSE:SLE-12-SP4:Update and SUSE:SLE-12-SP2:Update were not affected by this issue. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1239676 https://bugzilla.suse.com/show_bug.cgi?id=1239676#c5 --- Comment #5 from Maintenance Automation <maint-coord+maintenance-robot@suse.de> --- SUSE-SU-2025:1024-1: An update that solves two vulnerabilities can now be installed. URL: https://www.suse.com/support/update/announcement/SUSE-SU-2025:1024-1 Category: security (important) Bug References: 1239302, 1239676 CVE References: CVE-2024-56337, CVE-2025-24813 Maintenance Incident: [SUSE:Maintenance:38023](https://smelt.suse.de/incident/38023/) Sources used: openSUSE Leap 15.6 (src): tomcat10-10.1.39-150200.5.36.1 Web and Scripting Module 15-SP6 (src): tomcat10-10.1.39-150200.5.36.1 SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (src): tomcat10-10.1.39-150200.5.36.1 SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (src): tomcat10-10.1.39-150200.5.36.1 SUSE Linux Enterprise Server 15 SP5 LTSS (src): tomcat10-10.1.39-150200.5.36.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5 (src): tomcat10-10.1.39-150200.5.36.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1239676 https://bugzilla.suse.com/show_bug.cgi?id=1239676#c6 --- Comment #6 from Maintenance Automation <maint-coord+maintenance-robot@suse.de> --- SUSE-SU-2025:1126-1: An update that solves two vulnerabilities can now be installed. URL: https://www.suse.com/support/update/announcement/SUSE-SU-2025:1126-1 Category: security (important) Bug References: 1239302, 1239676 CVE References: CVE-2024-56337, CVE-2025-24813 Maintenance Incident: [SUSE:Maintenance:38008](https://smelt.suse.de/incident/38008/) Sources used: SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): tomcat-9.0.102-150200.78.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4 (src): tomcat-9.0.102-150200.78.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5 (src): tomcat-9.0.102-150200.78.1 SUSE Manager Server 4.3 (src): tomcat-9.0.102-150200.78.1 SUSE Enterprise Storage 7.1 (src): tomcat-9.0.102-150200.78.1 openSUSE Leap 15.6 (src): tomcat-9.0.102-150200.78.1 Web and Scripting Module 15-SP6 (src): tomcat-9.0.102-150200.78.1 SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): tomcat-9.0.102-150200.78.1 SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (src): tomcat-9.0.102-150200.78.1 SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (src): tomcat-9.0.102-150200.78.1 SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (src): tomcat-9.0.102-150200.78.1 SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (src): tomcat-9.0.102-150200.78.1 SUSE Linux Enterprise Server 15 SP3 LTSS (src): tomcat-9.0.102-150200.78.1 SUSE Linux Enterprise Server 15 SP4 LTSS (src): tomcat-9.0.102-150200.78.1 SUSE Linux Enterprise Server 15 SP5 LTSS (src): tomcat-9.0.102-150200.78.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@suse.com