Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 8.11.0, 8.12.0, 8.5.9
Affects Version/s: 8.6.0, 8.7.0, 8.8.0, 8.9.0, 8.10.0, 8.5.8
Component/s: Tomcat
Labels:

Fixed in Long Term Support Release/s:

Download 8.5
Introduced in Version:
8.05
Support reference count:
19
Symptom Severity:
Severity 2 - Major
UIS:
48
Bug Fix Policy:
View Atlassian Server bug fix policy

Description

Issue Summary

The recently disclosed vulnerabilities regarding Apache Tomcat

Which affects the following versions:

Apache Tomcat 8.x from 8.5.0 before 8.5.51

We should bundle a more recent version of Tomcat so that Jira is not affected by this in the future.

Steps to Reproduce

Not applicable.

Expected Results

Not applicable.

Actual Results

Not applicable.

Workaround

Manually upgrade Tomcat according to our documentation.

Attachments

Issue Links

is related to

JSWSERVER-20471 Security Vulnerability Tomcat AJP CNVD-2020-10487/CVE-2020-1938

Closed

relates to

JRASERVER-73223 Upgrade Tomcat to version 8.5.75 - CVE-2020-9484/CVE-2022-23181

Closed

JRASERVER-70487 Upgrade Tomcat to 8.5.50 to fix CVE-2019-17563 & CVE-2019-12418

Closed

VULN-191760 Loading...

RAID-1987 Loading...

mentioned in: Page Loading...; Page Loading...; Page Loading...

(3 mentioned in)

Activity

People

Assignee:: Pawel Przytarski

Reporter:: Solomon Cherian

Votes:: 0 Vote for this issue

Watchers:: 15 Start watching this issue

Dates

Due:: 06/Aug/2020

Created:: 30/Apr/2020 9:04 AM

Updated:: 02/Jan/2024 5:31 PM

Resolved:: 15/Jul/2020 12:26 PM