Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Low
Fix Version/s: 8.5.9, 8.11.0, 8.12.0
Affects Version/s: 8.9.0
Component/s: Tomcat
Labels:

Fixed in Long Term Support Release/s:

Download 8.5
Introduced in Version:
8.09
Support reference count:
2
Symptom Severity:
Severity 2 - Major

Issue Summary

The recently disclosed vulnerability regarding Tomcat affects the following versions:

Apache Tomcat 7x <7.0.103
Apache Tomcat 8x <8.5.54
Apache Tomcat 9x <9.0.34
Apache Tomcat 10x < 10.0.0-M4

We should bundle a more recent version of Tomcat, so that Jira is not affected by this in the future.

Steps to Reproduce

Check the CVE report.

Expected Results

Not applicable.

Actual Results

Not applicable.

Workaround

Manually upgrade Tomcat according to our documentation.

relates to

JRASERVER-71321 Upgrade the bundled version of Apache Tomcat to 8.5.57

Closed

Assignee:: Unassigned
Reporter:: Gregory Peres (Inactive)
Votes:: 1 Vote for this issue
Watchers:: 9 Start watching this issue

Due:: 27/Sep/2020
Created:: 25/Jun/2020 4:59 AM
Updated:: 14/Oct/2020 4:00 PM
Resolved:: 15/Jul/2020 12:26 PM