...
In the event of a Tomcat vulnerability, Ubisecure reviews the vulnerability notices and determines if the vulnerability is relevant to our customers. Many vulnerabilities apply to standard default installs where deployed applications can be managed via included applications and interfaces. Our own distribution and pre-configuration removes many of these risks. In the event that a vulnerability applies, we provide instructions via our technical-announcements blog at https://www.ubisecure.com/technical-announcements/ It is possible and encouraged to subscribe to email notifications of the technical announcements at the bottom of the page https://www.ubisecure.com/developers/ . An RSS feed is also available and could be directed to a ticketing system to ensure action is taken when new software is released or announcements are made.
Instructions typically include configuration changes to existing installations to eliminate the vulnerability. Sometimes a new patch is made to correct a vulnerability before the following scheduled release.
...