<!-- 
RSS generated by JIRA (1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d) at Thu Feb 08 23:27:17 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary add field=key&field=summary to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>FOLIO Jira</title>
    <link>https://folio-org.atlassian.net</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>1001.0.0-SNAPSHOT</version>
        <build-number>100246</build-number>
        <build-date>07-02-2024</build-date>
    </build-info>

<item>
            <title>[FOLIO-3327] Upgrade FOLIO Confluence to address new security vulnerability</title>
                <link>https://folio-org.atlassian.net/browse/FOLIO-3327</link>
                <project id="10290" key="FOLIO">FOLIO</project>
                    <description>&lt;p&gt;Atlassian has reported a new security vulnerability in Confluence that they have classified as &quot;critical&quot;.  &lt;a href=&quot;https://confluence.atlassian.com/security/multiple-products-security-advisory-unrendered-unicode-bidirectional-override-characters-cve-2021-42574-1086419475.html?subid=1527911294&amp;amp;jobid=105251298&amp;amp;utm_campaign=multiple-products-advisory_november-2021_EML-11738&amp;amp;utm_medium=email&amp;amp;utm_source=alert-email&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://confluence.atlassian.com/security/multiple-products-security-advisory-unrendered-unicode-bidirectional-override-characters-cve-2021-42574-1086419475.html?subid=1527911294&amp;amp;jobid=105251298&amp;amp;utm_campaign=multiple-products-advisory_november-2021_EML-11738&amp;amp;utm_medium=email&amp;amp;utm_source=alert-email&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Will require upgrading Confluence to the latest fixed version. &lt;/p&gt;</description>
                <environment></environment>
        <key id="82104">FOLIO-3327</key>
            <summary>Upgrade FOLIO Confluence to address new security vulnerability</summary>
                <type id="10003" iconUrl="https://folio-org.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium">Task</type>
                                            <priority id="10001" iconUrl="https://dev.folio.org/assets/jira-priority/jira-p2.svg">P2</priority>
                        <status id="6" iconUrl="https://folio-org.atlassian.net/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="green"/>
                                    <resolution id="10003">Done</resolution>
                                                        <assignee accountid="5ced27478b03050f27825a93">Peter Murray</assignee>
                                                                <reporter accountid="5f9abc1eb45b2e007453f423">John Malconian</reporter>
                                    <labels>
                    </labels>
                <created>Tue, 2 Nov 2021 13:47:59 +0000</created>
                <updated>Sun, 7 Nov 2021 19:18:45 +0000</updated>
                            <resolved>Sun, 7 Nov 2021 19:18:35 +0000</resolved>
                                                                        <due></due>
                            <votes>0</votes>
                                    <watches>4</watches>
                                                                <comments>
                                                            <comment id="196830" author="5ced27478b03050f27825a93" created="Fri, 5 Nov 2021 19:35:30 +0000"  >&lt;p&gt;Ah, nuts...I didn&apos;t see this until now.&#160; Have you had a chance to look at it, Malc?&#160; If not, I&apos;ll try to sneak it in this weekend.&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;</comment>
                                                            <comment id="196832" author="5f9abc1eb45b2e007453f423" created="Fri, 5 Nov 2021 20:12:17 +0000"  >&lt;p&gt;I haven&apos;t been able to get to this, this week, &lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=5ced27478b03050f27825a93&quot; class=&quot;user-hover&quot; rel=&quot;5ced27478b03050f27825a93&quot; data-account-id=&quot;5ced27478b03050f27825a93&quot; accountid=&quot;5ced27478b03050f27825a93&quot; rel=&quot;noreferrer&quot;&gt;Peter Murray&lt;/a&gt;.    I did upgrade FOLIO Jira, however, and I did spend some time renewing/upgrading all the Confluence plugins in preparation for the Confluence upgrade.    If I&apos;m not mistaken we should upgrade from 7.8.0 to 7.13.2 which is the latest LTS patch revision.    Before shutting down Confluence and beginning the upgrade, the SSO for Atlassian Datacenter plugin should be disabled.   It can be re-enabled and updated post-upgrade.   If you don&apos;t get to the upgrade this weekend,  I can do it early next week.    Should be a fairly painless upgrade (famous last words).  &lt;/p&gt;</comment>
                                                            <comment id="196834" author="5f9abc1eb45b2e007453f423" created="Fri, 5 Nov 2021 20:14:59 +0000"  >&lt;p&gt;We should also use this opportunity to apply latest AL2 updates ( sudo yum update) and reboot the instance. &lt;/p&gt;</comment>
                                                            <comment id="196835" author="5ced27478b03050f27825a93" created="Sun, 7 Nov 2021 18:42:57 +0000"  >&lt;p&gt;Restarted server, but Confluence crashed with an out-of-heap-space error.&#160; Edited &lt;tt&gt;/opt/Confluence/bin/setenv.sh&lt;/tt&gt; to raise both &lt;tt&gt;Xms&lt;/tt&gt; and &lt;tt&gt;Xmx&lt;/tt&gt; to &quot;1536m&quot; (both were at 1024m previously).&lt;/p&gt;

&lt;p&gt;Now seeing:&lt;/p&gt;

&lt;div class=&quot;code panel&quot; style=&quot;border-width: 1px;&quot;&gt;&lt;div class=&quot;codeContent panelContent&quot;&gt;
&lt;pre class=&quot;code-java&quot;&gt;
2021-11-07 18:25:15,416 INFO [Catalina-utility-1] [confluence.upgrade.recovery.ConfluenceProgressMonitor] begin TABLE_DATA: [scheduler_run_details]
2021-11-07 18:25:59,813 WARN [C3P0PooledConnectionPoolManager[identityToken-&amp;gt;2tam8rak1xtkx6qdrju30|10adf096]-AdminTaskTimer] [mchange.v2.async.ThreadPoolAsynchronousRunner] log com.mchange.v2.async.ThreadPoolAsynchronousRunner$DeadlockDetector@6306fb76 -- APPARENT DEADLOCK!!! Creating emergency threads &lt;span class=&quot;code-keyword&quot;&gt;for&lt;/span&gt; unassigned pending tasks!
2021-11-07 18:26:11,028 WARN [C3P0PooledConnectionPoolManager[identityToken-&amp;gt;2tam8rak1xtkx6qdrju30|10adf096]-AdminTaskTimer] [mchange.v2.async.ThreadPoolAsynchronousRunner] log com.mchange.v2.async.ThreadPoolAsynchronousRunner$DeadlockDetector@6306fb76 -- APPARENT DEADLOCK!!! Complete Status:
	Managed Threads: 3
	Active Threads: 3
	Active Tasks:
		com.mchange.v2.resourcepool.BasicResourcePool$ScatteredAcquireTask@7802d438
			on thread: C3P0PooledConnectionPoolManager[identityToken-&amp;gt;2tam8rak1xtkx6qdrju30|10adf096]-HelperThread-#0
		com.mchange.v2.resourcepool.BasicResourcePool$ScatteredAcquireTask@611e8af
			on thread: C3P0PooledConnectionPoolManager[identityToken-&amp;gt;2tam8rak1xtkx6qdrju30|10adf096]-HelperThread-#1
		com.mchange.v2.resourcepool.BasicResourcePool$ScatteredAcquireTask@1a8e7f07
			on thread: C3P0PooledConnectionPoolManager[identityToken-&amp;gt;2tam8rak1xtkx6qdrju30|10adf096]-HelperThread-#2
	Pending Tasks:
		com.mchange.v2.resourcepool.BasicResourcePool$ScatteredAcquireTask@6c4f2c25
		com.mchange.v2.resourcepool.BasicResourcePool$ScatteredAcquireTask@2829680
		com.mchange.v2.resourcepool.BasicResourcePool$ScatteredAcquireTask@bdf52ef
		com.mchange.v2.resourcepool.BasicResourcePool$ScatteredAcquireTask@62c062d4
		com.mchange.v2.resourcepool.BasicResourcePool$ScatteredAcquireTask@77fb44ad
		com.mchange.v2.resourcepool.BasicResourcePool$ScatteredAcquireTask@61dbea44
		com.mchange.v2.resourcepool.BasicResourcePool$ScatteredAcquireTask@106284ba
		com.mchange.v2.resourcepool.BasicResourcePool$ScatteredAcquireTask@71d582a0
		com.mchange.v2.resourcepool.BasicResourcePool$1RefurbishCheckinResourceTask@5ca66e1b
		com.mchange.v2.resourcepool.BasicResourcePool$1DestroyResourceTask@62912601
		com.mchange.v2.resourcepool.BasicResourcePool$1DestroyResourceTask@665229bd
		com.mchange.v2.resourcepool.BasicResourcePool$1DestroyResourceTask@3bcf6755
		com.mchange.v2.resourcepool.BasicResourcePool$ScatteredAcquireTask@54760081
		com.mchange.v2.resourcepool.BasicResourcePool$ScatteredAcquireTask@3fbc8520
		com.mchange.v2.resourcepool.BasicResourcePool$ScatteredAcquireTask@48545cab
		com.mchange.v2.resourcepool.BasicResourcePool$1RefurbishCheckinResourceTask@8e17f3b
&lt;/pre&gt;
&lt;/div&gt;&lt;/div&gt;

&lt;p&gt;Upped the heap spaces to 2048m each.  Now getting a different error:&lt;/p&gt;

&lt;p&gt;&lt;span class=&quot;image-wrap&quot; style=&quot;&quot;&gt;&lt;a id=&quot;64410_thumb&quot; href=&quot;/rest/api/3/attachment/content/64410&quot; title=&quot;screenshot-1.png&quot; file-preview-type=&quot;image&quot; file-preview-id=&quot;64410&quot; file-preview-title=&quot;screenshot-1.png&quot;&gt;&lt;jira-attachment-thumbnail url=&quot;https://folio-org.atlassian.net/rest/api/3/attachment/thumbnail/64410?default=false&quot; jira-url=&quot;https://folio-org.atlassian.net/rest/api/3/attachment/thumbnail/64410&quot; filename=&quot;screenshot-1.png&quot;&gt;&lt;img src=&quot;https://folio-org.atlassian.net/rest/api/3/attachment/thumbnail/64410&quot; data-attachment-name=&quot;screenshot-1.png&quot; data-attachment-type=&quot;thumbnail&quot; data-media-services-id=&quot;71b24f6e-a614-4968-8fc3-12e72c5bd4ca&quot; data-media-services-type=&quot;file&quot; style=&quot;border: 0px solid black&quot; /&gt;&lt;/jira-attachment-thumbnail&gt;&lt;/a&gt;&lt;/span&gt; &lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;Upgrade failed. Please consult the system logs for details. You will need to fix these problems, restore your database and confluence home directory to the pre upgrade state. Then retry the upgrade. Upgrade error message: Upgrade task &lt;/p&gt;

&lt;p&gt;com.atlassian.confluence.upgrade.upgradetask.DenormalisedSpacePermissionsUpgradeTask@7cf327bb failed during the SCHEMA_UPGRADE phase due to: StatementCallback; uncategorized SQLException for SQL &lt;span class=&quot;error&quot;&gt;&amp;#91;CREATE TRIGGER denormalised_space_trigger_on_update AFTER UPDATE ON SPACES FOR EACH ROW sp: BEGIN DECLARE isServiceDisabled BOOL DEFAULT TRUE; CALL space_procedure_for_denormalised_permissions(isServiceDisabled); IF (isServiceDisabled) THEN LEAVE sp; END IF; IF (NEW.LOWERSPACEKEY = OLD.LOWERSPACEKEY) THEN LEAVE sp; END IF; INSERT INTO DENORMALISED_SPACE_CHANGE_LOG(SPACE_ID) VALUES (NEW.SPACEID); END;&amp;#93;&lt;/span&gt;; SQL state &lt;span class=&quot;error&quot;&gt;&amp;#91;HY000&amp;#93;&lt;/span&gt;; error code &lt;span class=&quot;error&quot;&gt;&amp;#91;1419&amp;#93;&lt;/span&gt;; You do not have the SUPER privilege and binary logging is enabled (you &lt;b&gt;might&lt;/b&gt; want to use the less safe log_bin_trust_function_creators variable); nested exception is java.sql.SQLException: You do not have the SUPER privilege and binary logging is enabled (you &lt;b&gt;might&lt;/b&gt; want to use the less safe log_bin_trust_function_creators variable)&lt;/p&gt;&lt;/blockquote&gt;</comment>
                                                            <comment id="196838" author="5ced27478b03050f27825a93" created="Sun, 7 Nov 2021 19:18:17 +0000"  >&lt;p&gt;Ah, apparently a known issue: &lt;span class=&quot;error&quot;&gt;&amp;#91;Install/Upgrade Confluence 7.11+ fails with error - You do not have the SUPER privilege and binary logging is enabled | Confluence | Atlassian Documentation|https://confluence.atlassian.com/confkb/install-upgrade-confluence-7-11+-fails-with-error-you-do-not-have-the-super-privilege-and-binary-logging-is-enabled-1044096915.html&amp;#93;&lt;/span&gt;&lt;/p&gt;

&lt;p&gt;At the prompting of Confluence on first login (&quot;Tomcat config is incorrect&quot;), also needed to change the Tomcat &lt;tt&gt;server.xml&lt;/tt&gt; file to know about the NGINX proxy: &lt;a href=&quot;https://confluence.atlassian.com/confkb/can-t-check-base-url-warning-in-confluence-6-6-or-later-939718433.html&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;Can&apos;t check base URL warning in Confluence 6.6 or later&lt;/a&gt; and &lt;span class=&quot;error&quot;&gt;&amp;#91;How to use NGINX to proxy requests for Confluence | Confluence | Atlassian Documentation|https://confluence.atlassian.com/confkb/how-to-use-nginx-to-proxy-requests-for-confluence-313459790.html&amp;#93;&lt;/span&gt;&lt;/p&gt;

&lt;p&gt;After Confluence upgrade, also upgraded plugins:&lt;/p&gt;
&lt;ul&gt;
	&lt;li&gt;Atlassian SSO&lt;/li&gt;
	&lt;li&gt;Atlassian Universal Plugin Manager Plugin&lt;/li&gt;
	&lt;li&gt;Confluence Unknown Attachment Reconcilliation Plugin&lt;/li&gt;
&lt;/ul&gt;
</comment>
                    </comments>
                    <attachments>
                            <attachment id="64410" name="screenshot-1.png" size="452599" author="5ced27478b03050f27825a93" created="Sun, 7 Nov 2021 18:40:47 +0000"/>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10000" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummarycf">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10057" key="com.atlassian.jira.plugin.system.customfieldtypes:select">
                        <customfieldname>Development Team</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10155"><![CDATA[FOLIO DevOps]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10063" key="com.atlassian.jira.plugin.system.customfieldtypes:float">
                        <customfieldname>PO Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10019" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0|i03m13:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10020" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue id="283">DevOps Sprint 126</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10024" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>[CHART] Date of First Response</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Fri, 5 Nov 2021 19:35:30 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10025" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>[CHART] Time in Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>