We have a JIRA 7.7.0 instance running on RHEL 7 server. In Nessus Security Center, we are showing several vulnerabilities related to the JRE that is bundled with JIRA. The current Java version is 1.8.0_102, which Nessus is complaining about. My question is, can we safely replace the bundled JRE with a more up to date version to keep our system in compliance? If not, is there a timeline on updating JIRA to use a more recent version of Java?
Dear @Scott King,
I have over the past decade never used any bundled Java version and I had never any problems.
I think, it is save to update the JRE. But best practice in such situations (like OS Upgrade, JRE or DB Changes) - always perform these changes to a staging environment, first.
And: Read the release notes. Sometimes special JRE versions are excluded due to known issues.
So long
Thomas
Dear @Scott King,
was my answer fine enough to be accepted? Do you need more information?
Many thanks
Thomas
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.