OLD Portal 6.2.1 CE GA2 -- > any FixPack for CVE-2020-7961 (RCE json api) ?OLD Portal 6.2.1 CE GA2 -- > any FixPack for CVE-2020-7961 (RCE json api) ?https://liferay.dev/en/c/message_boards/find_thread?p_l_id=119785333&threadId=1211718062024-03-29T11:27:02Z2024-03-29T11:27:02ZRE: OLD Portal 6.2.1 CE GA2 -- > any FixPack for CVE-2020-7961 (RCE json apOlaf Kockhttps://liferay.dev/en/c/message_boards/find_message?p_l_id=119785333&messageId=1211730182021-09-28T16:04:01Z2021-09-28T16:02:29Z<p>if that CVE is included in a patch, it will only be on the latest
available GA on any version. E.g. check <a href="https://liferay.dev/blogs/-/blogs/security-patches-for-liferay-portal-6-2-7-0-and-7-1">https://liferay.dev/blogs/-/blogs/security-patches-for-liferay-portal-6-2-7-0-and-7-1</a></p>
<p>At a minimum, you'll have to be on 6.2 GA6</p>
<p>Another resource to check is <a href="https://portal.liferay.dev/learn/security/known-vulnerabilities">https://portal.liferay.dev/learn/security/known-vulnerabilities</a></p>Olaf Kock2021-09-28T16:02:29ZOLD Portal 6.2.1 CE GA2 -- > any FixPack for CVE-2020-7961 (RCE json api) ?James Rondhttps://liferay.dev/en/c/message_boards/find_message?p_l_id=119785333&messageId=1211718052021-10-04T17:24:42Z2021-09-27T19:59:36Z<p>Hello,</p>
<p>I have in my company's network an old <u>production server</u>
<strong>running Liferay Portal CE 6.2.1 GA2</strong>, which
<u>cannot</u> (currently) be migrated to a new version.</p>
<p> </p>
<p>
<strong>I'm asking if there is a Fix Pack for</strong> the<u> Remote
Code Execution vulnerability CVE-2020-7961</u> (Json API
Deserialization one) which concerns me the most, or if the only way is