Atlassian upgrades do not address this Vulnerability\
Upgrade to Apache Tomcat version 9.0.98 or later
/opt/atlassian/jira installed version 9.0.07
@Martin Neal Atlassian does bundle their product with Apache but you should still be updating it to prevent security vulnerabilities. If you would like to use a bundle to accomplish this you would need to move to 10.3 or higher. If you do not want to upgrade because you are on a long-term release you can follow this help document - https://confluence.atlassian.com/jirakb/how-to-upgrade-the-apache-tomcat-version-used-by-jira-server-and-data-center-879957866.html
As with all production upgrades you should backup your instance or even better make an image of it before performing the upgrade. I would suggest making an image, performing the upgrade on the image and validating that everything works before making the upgrade in production.
Spend the day sharpening your skills in Atlassian Cloud Organization Admin or Jira Administration, then take the exam onsite. Already ready? Take one - or more - of 12 different certification exams while you’re in Anaheim at Team' 25.
Learn more
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.