[JRASERVER-61885] Upgrade Tomcat to 8.0.36 or later - Create and track feature requests for Atlassian products.

Type: Bug
Resolution: Fixed
Priority: Medium (View bug fix roadmap)
Fix Version/s: 7.2.6
Affects Version/s: 7.2.2, 7.1.9
Component/s: Tomcat, Upgrade
Labels:

Introduced in Version:
7.01
Support reference count:
4
UIS:
2
Bug Fix Policy:
View Atlassian Server bug fix policy

Current version of Tomcat 8.0.33 is vulernable to http://www.cvedetails.com/cve/CVE-2016-3092/

We need to upgrade the version we package with JIRA to address that vulnerability.

is duplicated by

JRASERVER-63421 CVEs: 2016-6797, 2016-6796, 2016-6794, 2016-5018 and 2016-0762.

Closed

JSB-101 You do not have permission to view this issue

Assignee:: Michal Orzechowski (Inactive)

Reporter:: Joel E. Wilson

Affected customers:: 4 This affects my team

Watchers:: 6 Start watching this issue

Created:: 14/Jul/2016 2:22 PM

Updated:: 09/Aug/2019 2:44 PM

Resolved:: 16/Nov/2016 8:35 PM