How to apply this patch
==========================

Before applying the patch file, make a copy of your JIRA web application directory in case things go wrong.  This will allow you to more easily back out any changes.

If you are using JIRA Standalone please do the following:

1. Download the file jira_3_10_xss_patch.zip
2. Expand the zip file into  <jira_install_dir>/atlassian-jira/ overwriting the files there
3. Restart JIRA

If you are using the WAR distribution of JIRA:

1. Download the file jira_3_10_xss_patch.zip
2. Expand the zip file to <jira_install_dir>/webapp overwriting the files there
3. Run 'build.sh clean' on unix or 'build.bat clean' on windows
4. Run 'build.sh' on unix or 'build.bat' on windows
5. Redeploy the JIRA web app into your application server

The patch zip file contains the following files :

  Length     Date   Time    Name
 --------    ----   ----    ----
    18331  12-13-07 08:35   500page.jsp
        0  12-13-07 08:35   views/
    10102  12-13-07 08:35   views/setup.jsp
     3777  12-13-07 08:35   views/setup3.jsp
     2502  12-13-07 08:35   views/setup-import.jsp
     1981  12-13-07 08:35   views/setup2.jsp
     1683  12-13-07 08:35   views/setup2-existingadmins.jsp
        0  12-13-07 08:35   WEB-INF/
        0  12-13-07 08:35   WEB-INF/classes/
        0  12-13-07 08:35   WEB-INF/classes/com/
        0  12-13-07 08:35   WEB-INF/classes/com/atlassian/
        0  12-13-07 08:35   WEB-INF/classes/com/atlassian/jira/
        0  12-13-07 08:35   WEB-INF/classes/com/atlassian/jira/web/
        0  12-13-07 08:35   WEB-INF/classes/com/atlassian/jira/util/
        0  12-13-07 08:35   WEB-INF/classes/com/atlassian/jira/web/servlet/
        0  12-13-07 08:35   WEB-INF/classes/com/atlassian/jira/web/action/
     4586  12-13-07 08:35   WEB-INF/classes/com/atlassian/jira/web/servlet/ViewAttachmentServlet.class
        0  12-13-07 08:35   WEB-INF/classes/com/atlassian/jira/web/action/setup/
        0  12-13-07 08:35   WEB-INF/classes/com/atlassian/jira/web/action/filter/
    12809  12-13-07 08:35   WEB-INF/classes/com/atlassian/jira/web/action/setup/Setup.class
    11379  12-13-07 08:35   WEB-INF/classes/com/atlassian/jira/web/action/filter/ManageFilters.class
     3254  12-13-07 08:35   WEB-INF/classes/com/atlassian/jira/util/JiraUtils.class
 --------                   -------
    70404                   22 files

If you have installed JIRA after the patch was produced (13 December 2007) then you may encounter a problem where your application server does not update the compiled
version of the JSP files.  You will need to delete the "working" directory that your application server uses to compile JSP pages.  On Tomcat, this is the "work" directory.