Loading...

XML

Word

Printable

Details

Type: Suggestion
Resolution: Fixed
Fix Version/s: 6.6.2, 6.7.0
Component/s: Server - Platform
Labels:

Support reference count:
2
Fixed in Long Term Support Release/s:

Download 6.6
Feedback Policy:

We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

Description

Problem Definition

Current embedded JRE has some vulnerabilities which have been resolved in critical security update Java 1.8.0.161. Many larger companies which have a dedicated security team will ask their Confluence system admin to update the Java version to the new critical security update. Which forces the JIRA system admin to sway away from sticking to the embedded version.

https://www.java.com/en/download/faq/release_changes.xml

Workaround

If the customer is requested to update Java before a new Confluence release with the required java update comes out, they can update their Java versions manually by following these KB articles;

Installing JDK

How to switch from the bundled JRE to System Java when using Confluence as Windows Service

How to use system Java instead of the bundled JRE

Attachments

Issue Links

is incorporated by

CONFSERVER-54797 Upgrade Confluence to use JDK 8u162

Closed

is related to

JRASERVER-66241 Embed latest java critical security update (1.8.0.171 or higher) into the next JIRA (sub)version

Closed

mentioned in: Page Loading...

Activity

People

Assignee:: Unassigned

Reporter:: Wayne Wong (Inactive)

Votes:: 1 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Due:: 21/May/2018

Created:: 01/Nov/2017 8:44 AM

Updated:: 22/May/2020 8:25 AM

Resolved:: 24/Apr/2018 3:22 AM

Embed latest java critical security update (1.8.0.161 or higher) into the next Confluence (sub)version