Just had my security guys pick me up about the Tomcat released with 10.6 thats currnetly on our pre box. dont like the idea of updating tomcat outside Jamf so reached out to our account manager to see if at least Jamf is aware.
Jamf suggested using the root.war manual upgrade path to me. This would be upgrading without upgrading Tomcat itself.
EDIT - Spoke with Jamf again and they don't want us changing our upgrade method from the Windows .msi based one. To be continued another weekend.