[CONFSERVER-33729] Upgrading to 5.5.1 from 5.4.3 didn't update xwork from 1.13 to 1.17

Type: Bug
Resolution: Fixed
Priority: High
Fix Version/s: 5.5.2
Affects Version/s: 5.5.1
Component/s: None
Labels:

Bug Fix Policy:
View Atlassian Server bug fix policy

We recently upgraded our instance following your security advisory. It was discovered shortly after the upgrade that the xwork file that was vulnerable (1.13) was not upgraded to the safe version (1.17). This could have just been specific to our instance but you should check your upgrade process and see if the correct file is bundled and the update process is actually updating it.

relates to

CONFSERVER-33515 ClassLoader Manipulation vulnerability

Closed

mentioned in: Page Failed to load; Page Failed to load; Page Failed to load

No work has yet been logged on this issue.

Assignee:: Steve Haffenden (Inactive)

Reporter:: Steve Goldberg

Affected customers:: 0 This affects my team

Watchers:: 4 Start watching this issue

Created:: 22/May/2014 12:50 PM

Updated:: 11/Oct/2018 8:52 AM

Resolved:: 26/May/2014 7:08 AM

Confluence Data Center

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates