JAVA vulnerabilities in ALM 12.21 servers

Question ID: 109982
0
0
We were asked to resolve the below vulnerabilities in ALM servers and we are using ALM 12.21. <br />Can you please provide help us resolve this?<br /><br /><em>vulnerability.ref_sn_vul_third_party_entry.u_plugin_info vulnerability.ref_sn_vul_third_party_entry.severity</em><br /><em>141800 (445/6) Oracle Java SE 1.7.0_281 / 1.8.0_271 / 1.11.0_9 / 1.15.0_1 Multiple Vulnerabilities (Oct 2020 CPU) Medium</em><br /><em>55958 (445/6) Oracle Java JRE Unsupported Version Detection Critical</em><br /><em>57290 (445/6) Oracle Java JDK / JRE 6 &lt; Update 30 Multiple Vulnerabilities Critical</em><br /><em>118228 (445/6) Oracle Java SE Multiple Vulnerabilities (October 2018 CPU) Medium</em><br /><em>141800 (445/6) Oracle Java SE 1.7.0_281 / 1.8.0_271 / 1.11.0_9 / 1.15.0_1 Multiple Vulnerabilities (Oct 2020 CPU) Medium</em>
Marked as spam
Posted by (Questions: 79, Answers: 4)
Asked on January 15, 2021 10:31 am
8 views
Answers (1)
1
Private answer

ALM/QC 12.21 does NOT allow you to change the JAVA version that it is installed with, BUT, starting with ALM/QC version 12.60 and later, the CUSTOMER is required to install their OWN version of JAVA BEFORE installing ALM/QC.

So, you can use whatever version/flavor of JAVA you want (as long as it is supported).

JAVA Versions supported with 12.6:
 https://admhelp.microfocus.com/alm/specs/alm-qc-system-requirements.htm#ALM1260

All supported ALM/QC versions:
https://admhelp.microfocus.com/documents/alm/alm-system-requirements/alm-qc-system-requirements.htm

We highly suggest you upgrade to ALM/QC 12.6 or later.

Marked as spam
Posted by (Questions: 3, Answers: 476)
Answered on January 15, 2021 10:32 am