Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Low
Fix Version/s: 7.1.2
Affects Version/s: 7.0.9
Component/s: Installation
Labels:

Introduced in Version:
7
CVSS Score:
6.8
Bug Fix Policy:
View Atlassian Server bug fix policy

Description

Update the bundled version of java to a version >= 1.8u71 (1.8 update 71), which fixes many security issues (http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA).
Included in the security fixes is a fix for CVE-2016-0483 "An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions".

Attachments

Issue Links

incorporates

JRASERVER-45367 Secure LDAP connections are broken when using Java 1.8u51, 1.8u60, 1.7.0_85+ and 1.6.0_101+

Closed

is related to

JRASERVER-44296 Update Java version bundled found in the installer to a version >= 1.8u51

Closed

JRASERVER-45367 Secure LDAP connections are broken when using Java 1.8u51, 1.8u60, 1.7.0_85+ and 1.6.0_101+

Closed

relates to

CONFSERVER-40671 Update Java version bundled found in the installer to a version >= 1.8u71

Closed

JPA-1288 Loading...

included in

CPU-408 JIRA 7.2.0-OD-04-029

(1 included in)

Activity

People

Assignee:: Oswaldo Hernandez (Inactive)

Reporter:: David Black

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 04/Feb/2016 2:52 AM

Updated:: 28/Mar/2019 12:19 AM

Resolved:: 16/Mar/2016 4:34 AM