How to patch Hipchat Server for CVE-2015-7547

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

プラットフォームについて: Server および Data Center のみ。この記事は、Server および Data Center プラットフォームのアトラシアン製品にのみ適用されます。

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Fisheye および Crucible は除く

This version of Hipchat Server is no longer supported

This article applies to a version of Hipchat Server which is beyond the Atlassian End of Life policy, and is no longer supported.

When was my version deprecated?

The following versions have been deprecated:

  • Hipchat Server 1.3 (EOL Date: Aug 17, 2017)

The following versions will be deprecated soon:

  • Hipchat Server 2.0 (EOL Date: Jun 17, 2018)
  • Hipchat Server 2.1 (EOL Date: Dec 8, 2018)
  • Hipchat Server 2.2 (EOL Date: May 30, 2019)

You can read more about Atlassian's End of Life policy here

You should upgrade to a more recent version of Hipchat Server as soon as you can to take advantage of new features, and security and bug fixes. If possible, you should also consider deploying Hipchat Data Center instead.

目的

To describe the proper method of patching Hipchat Server for the CVE-2015-7547 vulnerability.

Note that Hipchat Server version 2.0 build 1.4.1 is available as a Production Release and already includes the resolution for the issue described on this page.

(Please Watch the Hipchat Server Release Notes page to be informed of new releases).

These instructions are for patching build 1.3.7 or 1.3.4 if you are unable to use beta releases by policy. 

ソリューション

This patch requires restarting the Hipchat Server virtual machine to fully apply changes.

This has only been verified against Hipchat Server v1.3.7 and v1.3.4.

Please see Upgrading Hipchat Server to determine the current Hipchat Server version and steps to upgrade, if necessary.

  1. Back up the Hipchat Server 
  2. Log into the Hipchat Server terminal/command-line interface
  3. Copy and execute the following command to download and apply the patch:

    sudo dont-blame-hipchat -c \
    "wget https://s3.amazonaws.com/hipchat-server-stable/utils/cve-2015-7547/cve-2015-7547-patch.sh; \
    chmod +x cve-2015-7547-patch.sh; \
    ./cve-2015-7547-patch.sh"
  4. Reboot the Hipchat Server virtual machine to fully apply the changes

 

最終更新日 2018 年 11 月 2 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.