- Release Type: Vulnerability Maintenance Release
- Date of Shipment: 2018-10-02
- This release brings bug-fixes for vulnerabilities of the Jetty Server version 9.3.11 that ships with JobScheduler releases 1.12 to 1.12.5. We recommend that users of JobScheduler 1.12 install this release. This is a maintenance release based on Release 1.12.6 (in progress).
- see https://www.cvedetails.com/vulnerability-list/vendor_id-10410/product_id-34824/year-2018/Eclipse-Jetty.html
- This release exclusively applies to JOC Cockpit - JobScheduler Master and YADE are not affected by the vulnerabilities.
|Key||T||Sub-Tasks||Linked Issues||Fix Version/s||P||Summary||Status||Resolution||cve-id|
|JOC-521||SET-149 , SET-148||1.12.6||Update Jetty version to 9.4.12 due to vulnerability issues in Jetty (CVE-2018-12538, CVE-2018-12536, CVE-2017-7658, CVE-2017-7657, CVE-2017-7656)||Resolved||Fixed||CVE-2018-12538, CVE-2018-12536, CVE-2017-7658, CVE-2017-7657, CVE-2017-7656|