In the Administrative Console, click the Lock & Edit button and navigate to Deployments. Scroll to the bottom of the User Preferences screen and deselect Automatically Acquire Lock and Activate Changes. Select the Preferences link at the top of the Admin console. To deploy the JasperReports Server WAR file in WebLogic (based on Install Guide): jasperserver-pro.warĭeploying the JasperReports Server WAR file in WebLogic Repackage the jasperserver-pro.war file, using commands such as the following: JRS 7.5.2 has a different version of Log4j, (2.12.1).Īdd the following files (Jar download location is also provided) Notes: The files listed above are applicable to JRS version 7.8.1, 7.9.1, and 8.0.0. For example, enter these commands to use the Java jar tool: Using the Java jar tool or an unzip tool, unpack the jasperserver-pro.war file. Perform the following steps to patch the war file for any Application Servers. WebLogic and WebSphere Deploying from the Administrative Consoleĭeploying from the Administrative Console requires changes to the original war file. var/lib/tomcat8/webapps/jasperserver-pro/WEB-INF/lib. Find jars under /var/lib/tomcat/webapps/jasperserver-pro/WEB-INF/lib. Locate the application server under /var/lib/tomcat/ and follow Tomcat steps above. standalone/deployments/jasperserver-pro.war/WEB-INF/libĪdd the following files (Jar download location is also provided):įor JBoss and Wildfly application servers, change the reference of Log4j jar versions from 2.13.3 to 2.17.1 in jboss-deployment-structure.xml.Ĭ:\jboss\standalone\deployments\jasperserver-pro.war\META-INFĬ:\wildfly1910\standalone\deployments\jasperserver-pro.war\META-INFĪWS Marketplace and QuickStart deployment jboss-eap-7.2/standalone/deployments/jasperserver-pro.war/WEB-INF/libįor Wildfly 18/19, the location of log4j files is: JRS 7.5.2 has a different version of Log4j, (2.12.1).įor JBoss EAP 7.2.0, the location of log4j files is: The files listed above are applicable to JRS version 7.8.1, 7.9.1, and 8.0.0. (for example: c:\apache-tomcat\webapps\jasperserver-pro\WEB-INF\lib) (for example: c:\apache-tomcat\webapps\jasperserver-pro\*.*).ĭelete the following files from the library folder TIBCO will update this information if there is any impact. Note that updating the JARs should not have any impact on Jaspersoft product functionality. To disable the compromised functionality for JasperReports Server, perform the following steps: *For these Jaspersoft products, customers are responsible for updating libraries for their applications. The following Jaspersoft products are not affected by the Apache Log4J vulnerability: Important Note: The following JDBC datasources will stop working when these drivers are removed:įor additional information on Neo4j CVE mitigation, see. Third-party drivers with vulnerable libraries (instructions for manually removing these libraries are provided in the next section): TIBCO Jaspersoft products/versions with vulnerable Log4j code:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |