Announcement
- Release Type: Vulnerability Maintenance Release
- Date of Shipment: 2018-10-02
- Scope
- This release brings bug-fixes for vulnerabilities of the Jetty Server version 9.3.11 that ships with JobScheduler releases 1.12 to 1.12.5. We recommend that users of JobScheduler 1.12 install this release. This is a maintenance release based on Release 1.12.6 (in progress).
- see https://www.cvedetails.com/vulnerability-list/vendor_id-10410/product_id-34824/year-2018/Eclipse-Jetty.html
- This release exclusively applies to JOC Cockpit - JobScheduler Master and YADE are not affected by the vulnerabilities.
Issues
Loading …
| Key | T | Sub-Tasks | Linked Issues | Fix Version/s | P | Summary | Status | Resolution | cve-id |
|---|---|---|---|---|---|---|---|---|---|
| JOC-521 |
|
SET-149 , SET-148 | 1.12.6 |
|
Update Jetty version to 9.4.12 due to vulnerability issues in Jetty (CVE-2018-12538, CVE-2018-12536, CVE-2017-7658, CVE-2017-7657, CVE-2017-7656) | Resolved | Fixed | CVE-2018-12538, CVE-2018-12536, CVE-2017-7658, CVE-2017-7657, CVE-2017-7656 |