Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

how to perform the Confluence Security Advisory - 2021-08-25 when confluence is running in docker?

Admin Flanders Make
Admin Flanders Make
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
September 6, 2021

Hello,

how to perform the Confluence Security Advisory - 2021-08-25 when confluence is running in docker?

thank you

 

Answer
Watch
Like Be the first to like this
575 views

1 answer

0 votes
Mohit Dhir
Mohit Dhir September 6, 2021

Hi,

We were in same situation and ended up in upgrading the app.

There seems no way to stop the confluence app from within the container . if you try to kill the process also it will destroy docker. Else it would have been simple to login to the container, wget the file, execute it and start the container.

 

ofcourse you would need to do it again incase you have to stop-start  the container. But as I said there is not good way to stop the application in the container. it was not an option for us. Let me know if you find any.

 

Second option which I though but did not spend much time was to create a custom image based on the Atlassian image and then run the commands which basically gets the sh file and execute it with right user and permission. may be you could give this a try.

 

My suggestion still would be to upgrade to 7.13.0 which is LTS. It is the latest version and also have some bundled applications and features like Confluence calendar, Analytics and personal token support 

View More Comments
Kishan Sharma
Kishan Sharma
Community Champion
September 6, 2021

That's very useful, thank you Mohit

Like
Admin Flanders Make
Admin Flanders Make
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
September 7, 2021

Hi Mohit,

This is what i recieved from atlassian support concerning our docker install:

For Docker you will need to run the script inside the container as the installation directory is not normally mounted on the host system. The container must alaso be running to gain access then you can restart after it's applied.

You can access you container with:

docker exec -it my_container /bin/bash

You can install wget if it's not installed and download that way or copy the file to the container with docker cp - docker cp - Docker Documentation.

Although there are a few things to be aware of with Docker. You will need to make sure you on start/stop/restart your container because if it's rebuilt from the image with docker run for example the mitigation script will need to be re-applied.

That is why we strongly advise to upgrade if using Docker to avoid any issue. Also remember to run the script as the same user who runs the Confluence service as per below.

Confluence Server or Data Center Node running on Linux based Operating System...

  1. Shut down Confluence.
    1. copy the script to the container or download it after accessing the container shell
  2. Access the container shell
  3. Edit the cve-2021-26084-update.sh file and set INSTALLATION_DIRECTORY to your Confluence installation directory, for example:

INSTALLATION_DIRECTORY=/opt/atlassian/confluence

  1. Save the file.
  2. Give the script execute permission.

chmod 700 cve-2021-26084-update.sh

  1. Change to the Linux user that owns the files in the Confluence Installation directory, for example:

7.  $ ls -l /opt/atlassian/confluence | grep bin8.  drwxr-xr-x 3 root root 4096 Aug 18 17:07 bin9.   10.# In this first example, we change to the 'root' user to run the workaround script$ sudo su root$ ls -l /opt/atlassian/confluence | grep bindrwxr-xr-x 3 confluence confluence 4096 Aug 18 17:07 bin # In this second example, we need to change to the 'confluence' user to run the workaround script$ sudo su confluence

  1. Run the workaround script.

$ ./cve-2021-26084-update.sh

  1. The expected output should confirm up to five files updated and end with:

Update completed!

    • The number of files updated will differ, depending on your Confluence version.
  2. Start Confluence.
  3. If you run Confluence in a cluster, make sure you run this script on all of your nodes.
Like # people like this
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
DEPLOYMENT TYPE
SERVER
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.