Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-72310

8.5 and 8.13 LTS releases should bundle Tomcat 8.5.63 or higher

    XMLWordPrintable

Details

    Description

      Issue Summary

      The Apache Tomcat version used by the currently available LTS (Long Term Support) releases has a few vulnerabilities, therefore the next LTS release should bundle an updated version of Tomcat.

      Steps to Reproduce

      1. Not applicable.

      Expected Results

      • Not applicable.

      Actual Results

      • Not applicable.

      Note on fix

      Tomcat version will be bumped to version 8.5.65

      Workaround

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. JRASERVER-72211 Tomcat PersistenceManager vulnerabilities - CVE-2021-25329 and CVE-2021-25122

          • Low - Low priority issues
          • Closed
          relates to

          Bug - A problem which impairs or prevents the functions of the product. JRASERVER-72609 Upgrade the bundled version of Apache Tomcat to 8.5.68 or later

          • Medium - Medium priority issues
          • Closed
          mentioned in

          Page Loading...

          Activity

            People

              Unassigned Unassigned
              gperes@atlassian.com Gregory Peres (Inactive)
              Votes:
              3 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: