Confluence Windows version 7.7.2.
The workaround suggested by Atlassian includes the replacement of three files,
None of these files can be found in the Confluence directory tree.
Does this vulnerability apply to the Windows version, and if so, what would be the correct workaround?
Yes this vulnerability applies to Windows editions as well. The files you mentioned are the replacement files. Not the files that are currently on your system. You need to download those specific files you mentioned from the Advisory itself. Then remove the existing files with similar (but not exactly the same names). Then copy in the downloaded files to their appropriate locations. If you cannot find this folder, you might want to search for the
folder instead. Two of the jar files will be found in the WEB-INF/lib/ directory.
Yes, that is expected as well. That .class file has to added to a separate directory.
Change to directory
Create a new directory called
Copy CachedConfigurationProvider.class into
Ensure the permissions and ownership are correct for:
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event