Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1357595 - Security Patch level of jboss-webserver-3/webserver30-tomcat8-openshift
Summary: Security Patch level of jboss-webserver-3/webserver30-tomcat8-openshift
Keywords:
Status: CLOSED DEFERRED
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Image
Version: 3.2.1
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
: ---
Assignee: kconner
QA Contact: Wang Haoran
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-07-18 15:29 UTC by Miheer Salunke
Modified: 2016-10-20 10:44 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-07-18 17:36:51 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
JBoss Issue Tracker CLOUD-852 Blocker Closed Security Patch level of jboss-webserver-3/webserver30-tomcat8-openshift 2016-10-20 10:55:53 UTC

Description Miheer Salunke 2016-07-18 15:29:03 UTC
Description of problem:

The provided version of tomcat 8 -
 (8.0.18-25_patch_00.ep7.el7.-patch-00) has known security issues.
The used image was  jboss-webserver-3/webserver30-tomcat8-openshift.

There are newer versions available of tomcat. The latest was 
tomcat8-8.0.18-61_patch_01.ep7.el7 from Arpil 2016. 
Could you please upgrade the tomcat8 image to the newest patchlevel.

Version-Release number of selected component (if applicable):

jboss-webserver-3/webserver30-tomcat8-openshift
Openshift version  3.1.1.6-64

How reproducible:
Always

Steps to Reproduce:
1.mentioned in the description
2.
3.

Actual results:

jboss-webserver-3/webserver30-tomcat8-openshift has (8.0.18-25_patch_00.ep7.el7.-patch-00) which has known security issues.

Expected results:

jboss-webserver-3/webserver30-tomcat8-openshift shall have 
tomcat8-8.0.18-61_patch_01.ep7.el7 from Arpil 2016 a newer version

Additional info:

Comment 3 JBoss JIRA Server 2016-10-20 10:44:25 UTC
Marek Goldmann <mgoldman@redhat.com> updated the status of jira CLOUD-852 to Closed


Note You need to log in before you can comment on or make changes to this bug.