Uploaded image for project: 'SET - Setups'
  1. SET - Setups
  2. SET-148

Setup should remove older Jetty release if newer release is used

    XMLWordPrintable

Details

    • Feature
    • Status: Released (View Workflow)
    • Major
    • Resolution: Fixed
    • None
    • 1.12.6
    • None

    Description

      Current Situation
      The Setup of the JOC Cockpit is already updated to install the latest Jetty Version 9.4.12.v20180830 due to security vulnerability.

      When installing a JOC Cockpit over a previous installation old libraries of Jetty 9.3.x are not removed and results in duplicated libraries with different versions present in the file system. This behavior only occurs in 1.12.5. In the JOC 2.0-SNAPSHOT old Jetty libraries are removed correctly.

      Desired Behavior
      After installing JOC Cockpit over a previous installation no duplicated libraries should be present.

      Workaround
      Delete JOC_HOME/jetty folder manually before startig the installer

      Maintainer Note
      The Jetty Version 9.4.12.v20180830 has a new module for logging (console-capture) which is not compatible with the previous module logging.

      Attachments

        Issue Links

          requires

          Fix - JOC-521 Update Jetty version to 9.4.12 due to 3rd party vulnerability issues in Jetty (CVE-2018-12538, CVE-2018-12536, CVE-2017-7658, CVE-2017-7657, CVE-2017-7656)

          • Blocker - Blocks development and/or testing work, production could not run.
          • Released

          Activity

            People

              oh Oliver Haufe
              sp Santiago Aucejo Petzoldt
              Santiago Aucejo Petzoldt Santiago Aucejo Petzoldt
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: