This is the patch instructions for the security bug JRA-16072

		http://jira.atlassian.com/browse/JRA-16072										
		http://confluence.atlassian.com/pages/viewpage.action?pageId=177340733

	NOTES : 
	
	This patch upgrades the version of DWR in use.  To be sure it works without fail,
	please remove the old version of DWR which is 'WEB-INF/classes/lib/dwr-1.1.4.jar'
	
	WINDOWS USERS : Do not use the built in Windows ZIP extractor to apply this patch!

	By default it replaces all the files in a directory instead of merging the files in.
	If this happens, JIRA will not be able to work correctly.  Use another zip tool such
	as WinZip or 7-Zip.
	
	
	
	How to apply this patch
	==========================
	
	Before applying the patch file, make a copy of your JIRA web application directory in case
	things go wrong.  This will allow you to more easily back out any changes.
	
	If you are using the Standalone distribution of JIRA:
			
	1. Download the file jra-16072-3.12.3-patch.zip
	2. Expand the zip file into  <jira_install_dir>/atlassian-jira/ overwriting the files there
	3. Restart JIRA													


	If you are using the WAR distribution of JIRA:

	1. Download the file jra-16072-3.12.3-patch.zip
	2. Expand the zip file to <jira_install_dir>/webapp overwriting the files there
	3. Run 'build.sh clean' on unix or 'build.bat clean' on windows
	4. Run 'build.sh' on unix or 'build.bat' on windows
	5. Redeploy the JIRA web app into your application server


	The patch zip file contains the following files :
	
Archive:  jra-16072-3.12.3-patch.zip
  Length     Date   Time    Name
 --------    ----   ----    ----
      891  12-14-08 11:49   WEB-INF/dwr.xml
    27170  12-15-08 11:49   WEB-INF/web.xml
    18721  12-14-08 11:49   WEB-INF/classes/system-webresources-plugin.xml
      667  12-14-08 11:49   WEB-INF/classes/com/atlassian/jira/web/util/JiraPicoDWRCreator.class
     1072  12-14-08 11:49   WEB-INF/classes/com/atlassian/jira/web/util/dwr/JiraDWREngineHandler.class
     1232  12-14-08 11:49   WEB-INF/classes/com/atlassian/jira/web/util/dwr/JiraDWREngineHandler$DwrFixupNonCachingResponseWrapper.class
     9078  12-14-08 11:49   WEB-INF/classes/com/atlassian/jira/web/dwr/AjaxIssuePicker.class
     3266  12-14-08 11:49   WEB-INF/classes/com/atlassian/jira/issue/search/parameters/lucene/HistorySearchParameter.class
     1960  12-14-08 11:49   WEB-INF/classes/com/atlassian/jira/issue/fields/renderer/wiki/JiraRendererConfiguration.class
     1702  12-14-08 11:49   WEB-INF/classes/com/atlassian/jira/bc/issue/search/LuceneCurrentSearchIssuePickerSearchProvider.class
   502402  12-14-08 11:49   WEB-INF/lib/dwr-2.0.5.jar
 --------                   -------
   568161                   11 files