Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-64394

Upgrade Tomcat to the version 8.5.29

    XMLWordPrintable

Details

    • 7.03
    • 15
    • Severity 1 - Critical
    • 34
    • Hide
      Atlassian Update – 1 October 2018

      Hello everyone,

      Just to clarify.
      Jira 7.6.9 will be using Tomcat version 8.5.29.
      Jira 7.12.3 and up will be on version 8.5.32. See JRASERVER-68058

      The current ticket is marked resolved because at least one version got their changes released.

      Cheers.

      Piotr Suwała
      Jira Server Bugfix Dev

      Show
      Atlassian Update – 1 October 2018 Hello everyone, Just to clarify. Jira 7.6.9 will be using Tomcat version 8.5.29 . Jira 7.12.3 and up will be on version 8.5.32 . See JRASERVER-68058 The current ticket is marked resolved because at least one version got their changes released. Cheers. Piotr Suwała Jira Server Bugfix Dev

    Description

      Current version of Tomcat 8.5.6 bundled with JIRA 7.3.x is vulnerable to https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.9.

      Customer would like the Tomcat to be upgraded to the latest version available as their client is no longer willing to run JIRA without having the tomcat patched with the latest security updates.

      Questions:

      1. Is it in the road map to include latest Tomcat? If yes, from which version onwards?
      2. Is there any steps which customer can follow to upgrade the bundled Tomcat from 8.5.6 to 8.5.12?

      Attachments

        Issue Links

          is duplicated by

          Suggestion - JRASERVER-65601 Support for Tomcat 8.5.16

          • Closed
          is related to

          Bug - A problem which impairs or prevents the functions of the product. JRASERVER-67974 JQL search panel is missing when viewing saved filter due to missing Tomcat parameters

          • Highest - Our top priority issues
          • Closed
          relates to

          Bug - A problem which impairs or prevents the functions of the product. JRASERVER-65102 Update bundled Apache Tomcat due to security vulnerabilities

          • Low - Low priority issues
          • Closed

          RAID-284 Loading...

          RAID-335 Loading...

          was cloned as

          Bug - A problem which impairs or prevents the functions of the product. JRASERVER-68058 Upgrade Tomcat to the version 8.5.32

          • Low - Low priority issues
          • Closed
          mentioned in

          Page Loading...

          Page Loading...

          Page Loading...

          Activity

            People

              psuwala ΞΔ (Inactive)
              schew@atlassian.com Sean Chew (Inactive)
              Votes:
              19 Vote for this issue
              Watchers:
              35 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: