Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-62062

Upgrade bundled Java to 8u101+

XMLWordPrintable

      Oracle's Critical patch update for July includes some "unspecified vulnerability", for example CVE-2016-3552 & CVE-2016-3503, fixes in the "install" component of java that may affect JIRA.

            [JRASERVER-62062] Upgrade bundled Java to 8u101+

            Ignat (Inactive) added a comment -

            Bundled Java is upgraded to 8u102 in JIRA Server 7.2.0.

            Ignat (Inactive) added a comment - Bundled Java is upgraded to 8u102 in JIRA Server 7.2.0.

            David Black added a comment -

            Taking the CVSS score from CVE-2016-3552 -
            CVSS v3 score: 7.4 => High severity

            Exploitability Metrics

            Attack Vector Local
            Attack Complexity High
            Privileges Required None
            User Interaction None

            Scope Metric

            Scope Unchanged

            Impact Metrics

            Confidentiality High
            Integrity High
            Availability High

            See http://go.atlassian.com/cvss for more details.

            David Black added a comment - Taking the CVSS score from CVE-2016-3552 - CVSS v3 score: 7.4 => High severity Exploitability Metrics Attack Vector Local Attack Complexity High Privileges Required None User Interaction None Scope Metric Scope Unchanged Impact Metrics Confidentiality High Integrity High Availability High See http://go.atlassian.com/cvss for more details.

              Unassigned Unassigned
              dblack David Black
              Affected customers:
              0 This affects my team
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: