CVE-2024-56337

Jira v9.12.16 on Redhat 8.10

Atlassian upgrades do not address this Vulnerability\

Upgrade to Apache Tomcat version 9.0.98 or later

/opt/atlassian/jira installed version 9.0.07

Jira v9.12.16

1 answer

1 vote

@Martin Neal Atlassian does bundle their product with Apache but you should still be updating it to prevent security vulnerabilities. If you would like to use a bundle to accomplish this you would need to move to 10.3 or higher. If you do not want to upgrade because you are on a long-term release you can follow this help document - https://confluence.atlassian.com/jirakb/how-to-upgrade-the-apache-tomcat-version-used-by-jira-server-and-data-center-879957866.html

As with all production upgrades you should backup your instance or even better make an image of it before performing the upgrade. I would suggest making an image, performing the upgrade on the image and validating that everything works before making the upgrade in production.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Heads up! On March 5, starting at 4:30 PM Pacific Time, our community will be undergoing scheduled maintenance for a few hours. During this time, you might find the site temporarily inaccessible. Thanks for your patience. Read more.

Product Q&A

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

Get product advice from experts

Join a community group

Advance your career with learning paths

Earn badges and rewards

Connect and share ideas at events

CVE-2024-56337

Jira v9.12.16 on Redhat 8.10

Jira v9.12.16

1 answer

Suggest an answer

Was this helpful?

Thanks!

TAGS

Community showcase

Atlassian Community Events