kurtis.fleming Posted February 19, 2019 Share Posted February 19, 2019 Link to community article in question: https://community.jaspersoft.com/questions/1100966/security-finding-cve-2018-5382-jasperreportsWe are currently seeking approval from our security team for Jaspersoft Studio 6.4.2 to bypass the web gateways and connect direct. be carried out until we can confirm that the security finding CVE-2018-5382 has been addressed.Do the patch notes of JS 6.4.2 (or previous versions if addressed some time ago) that is intended for deployment contain explicit reference to CVE-2018-5382?What version of org.bouncycastle:bcprov-jdk15on:XX is used with Jaspersoft 6.4.2?Thanks. Link to comment Share on other sites More sharing options...
hozawa Posted February 19, 2019 Share Posted February 19, 2019 AFIK, there's no security patches for community versions. You'll need to purchase commercial version. Link to comment Share on other sites More sharing options...
kurtis.fleming Posted February 20, 2019 Author Share Posted February 20, 2019 We currently have the Commercial version, through our subscription to CA PPM SaaS. Can you please advise on the above query, and what security patches have been applied? Link to comment Share on other sites More sharing options...
kurtis.fleming Posted February 20, 2019 Author Share Posted February 20, 2019 We currently have the Commercial version, through our subscription to CA PPM SaaS. Can you please advise on the above query, and what security patches have been applied? Link to comment Share on other sites More sharing options...
djohnson53 Posted February 20, 2019 Share Posted February 20, 2019 If you have a support contract with TIBCO, you should raise this issue with them. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now