Lucene search
Michael.litwakATLASSIAN:JRASERVER-38927HistoryJun 26, 2014 - 7:39 p.m.
Update Tomcat Native DLL in JIRA Installer
2014-06-2619:39:26
michael.litwak
jira.atlassian.com
93
0.975 High
EPSS
Percentile
100.0%
{panel:bgColor=#e7f4fa}
NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? [See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-38927].
{panel}
{quote}
7 new vulnerabilities were announced for OpenSSL on 5 June 2014. These vulnerabilities affect Tomcat Native, which ships with the Windows Installer versions of JIRA.
So please update your JIRA Windows Installers to include a patched version of Tomcat Native DLL’s, once these become available.
{quote}
Note
This is related to the Heartbleed vulnerability. Does not affect JIRA if recommended configuration is followed http://blogs.atlassian.com/2014/04/openssl-cve-2014-0160-atlassian/
| CPE | Name | Operator | Version |
|---|---|---|---|
| jira server and data center | le | 6.1.7 |
Related
suse
suse
update for openssl (important)
2014-04-08 13:04:15
ubuntucve
ubuntucve
CVE-2014-0160
2014-04-07 00:00:00
fortinet
fortinet
Information Disclosure Vulnerability in OpenSSL (Heartbleed)
2014-04-08 00:00:00
checkpoint_security
checkpoint_security
Check Point response to OpenSSL vulnerability (CVE-2014-0160)
2014-04-07 21:00:00
securityvulns
securityvulns
hp
hp
nvd
nvd
CVE-2014-0160
2014-04-07 22:55:03
openvas
openvas
CentOS Update for openssl CESA-2014:0376 centos6
2014-04-08 00:00:00
OpenSSL TLS 'heartbeat' Extension Information Disclosure Vulnerability (STARTTLS Check)
2014-04-09 00:00:00
Debian: Security Advisory (DSA-2896-1)
2014-04-06 00:00:00
thn
thn
HeartBleed Bug Explained - 10 Most Frequently Asked Questions
2014-04-14 20:40:00
Heartbleed - OpenSSL Zero-day Bug leaves Millions of websites Vulnerable
2014-04-08 08:23:00
How Heartbleed Bug Exposes Your Passwords to Hackers
2014-04-10 07:00:00
ibm
ibm
nessus
nessus
openSUSE Security Update : openssl (openSUSE-SU-2014:0492-1) (Heartbleed)
2014-06-13 00:00:00
openSUSE Security Update : openssl (openSUSE-SU-2014:0560-1) (Heartbleed)
2014-06-13 00:00:00
CentOS 6 : openssl (CESA-2014:0376)
2014-04-08 00:00:00
atlassian
atlassian
Update Tomcat Native DLL in JIRA Installer
2014-06-26 19:39:26
attackerkb
attackerkb
CVE-2014-0160 (AKA: Heartbleed)
2014-04-07 00:00:00
n0where
n0where
Access Point Impersonation Attacks: hostapd-wpe
2016-04-12 22:19:39
ics
ics
ABB Relion 650 Series OpenSSL Vulnerability (Update A)
2018-09-06 12:00:00
Schneider Electric Wonderware Intelligence Security Patch for OpenSSL Vulnerability
2018-08-27 12:00:00
Digi International OpenSSL Vulnerability
2018-09-06 12:00:00
f5
f5
K15159 : OpenSSL vulnerability CVE-2014-0160
2015-02-16 00:00:00
SOL15159 - OpenSSL vulnerability CVE-2014-0160
2014-04-08 00:00:00
vulnerlab
vulnerlab
HeartBleed SSL CVE 20140160 - 10 Steps to Fix in Ubuntu
2014-04-09 00:00:00
HeartBleed SSL CVE 20140160 - 10 Steps to Fix in Ubuntu
2014-04-09 00:00:00
seebug
seebug
Oracle Session Monitor Suite OpenSSL TLS心跳信息泄漏漏洞
2014-04-21 00:00:00
OpenVPN OpenSSL TLS心跳信息泄漏漏洞
2014-04-21 00:00:00
Sophos Antivirus for vShield OpenSSL TLS心跳信息泄漏漏洞
2014-04-16 00:00:00
packetstorm
packetstorm
Heartbleed Proof Of Concept
2014-04-08 00:00:00
Heartbleed User Session Extraction
2014-04-09 00:00:00
Streamworks Job Scheduler Release 7 Authentication Weakness
2019-01-16 00:00:00
exploitpack
exploitpack
OpenSSL TLS Heartbeat Extension - Heartbleed Memory Disclosure
2014-04-08 00:00:00
zdt
zdt
OpenSSL Heartbeat (Heartbleed) Information Leak Exploit
2014-04-10 00:00:00
Heartbleed OpenSSL - Information Leak Exploit (2) - DTLS Support
2014-04-24 00:00:00
OpenSSL TLS Heartbeat Extension - Memory Disclosure
2014-04-08 00:00:00
kitploit
kitploit
Heartbleed Vulnerability Scanner - Network Scanner for OpenSSL Memory Leak (CVE-2014-0160)
2015-10-01 09:47:00
sslscan - tests SSL/TLS enabled services to discover supported cipher suites
2016-12-26 14:30:00
Collection of Heartbleed Tools (OpenSSL CVE-2014-0160)
2014-04-10 00:55:00
centos
centos
openssl security update
2014-04-08 02:54:58
redhat
redhat
(RHSA-2014:0376) Important: openssl security update
2014-04-08 00:00:00
(RHSA-2014:0396) Important: rhev-hypervisor6 security update
2014-04-10 00:00:00
threatpost
threatpost
Tor Blacklisting Exit Nodes Vulnerable to Heartbleed Bug
2014-04-17 11:40:41
April 2014 Oracle Critical Patch Update
2014-04-16 12:32:06
Oracle Gives Heartbleed Update, Patches 14 Products
2014-04-21 13:55:42
debiancve
debiancve
CVE-2014-0160
2014-04-07 22:55:03
cert
cert
cisco
cisco
OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products
2014-04-09 03:00:00
OpenSSL TLS/DTLS Heartbeat Information Disclosure Vulnerability
2014-04-08 14:39:29
qt
qt
Heartbleed Bug (CVE-2014-0160) and Qt
2014-04-10 00:00:00
myhack58
myhack58
oraclelinux
oraclelinux
openssl security update
2014-04-07 00:00:00
hackerone
hackerone
Concrete CMS: https://concrete5.org ::: HeartBleed Attack (CVE-2014-0160)
2014-04-08 11:01:31
Internet Bug Bounty: TLS heartbeat read overrun
2014-04-05 23:51:06
Mail.ru: scfbp.tng.mail.ru: Heartbleed
2015-02-25 07:49:11
veracode
veracode
Information Disclosure Through Buffer Over-read
2019-01-15 09:00:11
malwarebytes
malwarebytes
Five years later, Heartbleed vulnerability still unpatched
2019-09-12 15:00:00
debian
debian
[SECURITY] [DSA 2896-1] openssl security update
2014-04-07 21:36:46
[SECURITY] [DSA 2896-2] openssl security update
2014-04-08 13:47:13
[SECURITY] [DSA 2896-2] openssl security update
2014-04-08 13:47:13
freebsd
freebsd
OpenSSL -- Remote Information Disclosure
2014-04-07 00:00:00
intel
intel
Multiple Intel Software Products and API Services impacted by CVE-2014-0160
2014-04-30 00:00:00
osv
osv
openssl - security update
2014-04-07 00:00:00
prion
prion
Buffer overflow
2014-04-07 22:55:00
symantec
symantec
openssl
openssl
Vulnerability in OpenSSL CVE-2014-0160
2014-04-07 00:00:00