Upgrade bamboo because of Tomcat vulnerability but license expired.

niraj September 6, 2022

Hello, I am currently using Bamboo server 7.2.4 and my license expired on May 2021.

I have to upgrade Bamboo or Tomcat to a later version because of the Tomcat vulnerability  CVE-2022-25762.

What are the options for me?

Which version can I upgrade to?

Can I upgrade even if the license is expired?

Can I create a new instance of my bamboo server by taking a backup of the AMI and spinning a new instance, and they try the upgrade process there?

 

Thanks

1 answer

1 accepted

1 vote
Answer accepted
Eduardo Alvarenga
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 6, 2022

Hello @niraj,

Welcome to Atlassian Community!

Bamboo requires a license that is valid up to the date of the release you intend to install. As you are running Bamboo 7.2.4, you are on a "Server license", meaning you will not be able to upgrade Bamboo to a version of Bamboo that was released after the license expired nor be entitled to support.

For dates and examples please check the following KB article:

Cheers,

Eduardo Alvarenga
Atlassian Support APAC

--please don't forget to Accept the answer if the reply is helpful-- 

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events