升級原因
存儲庫管理器缺少訪問控制RCE,有遭受遠程攻擊風險
下載最新NEXUS_REPOSITORY_MANAGER
或者
https://help.sonatype.com/repomanager3/download
檢查比較配置信息是否需要修改
Compare the nexus-3.2.0-01/bin/nexus.vmoptions file with your existing version.
If you changed the default location of the Data Directory, then edit ./bin/nexus.vmoptions and change the line -Dkaraf.data=../sonatype-work/nexus3 to point to your existing data directory. Example: -Dkaraf.data=/app/nexus3/data
If you changed the default location of the temporary directory, then edit ./bin/nexus.vmoptions and replace the line -Djava.io.tmpdir=../sonatype-work/nexus3/tmp to point to your preferred temporary directory.
If you adjusted the default Java virtual machine max heap memory, then edit ./bin/nexus.vmoptions and edit the line -Xmx1200M accordingly.
If you have enabled jetty HTTPS access, make sure your etc/jetty/jetty-https.xml SSL keystore location is still available to the new install.
If you manually adjusted any other install files under ./etc you will need to manually perform a diff between the old files and the new files and apply your changes if applicable to the new version.
啓動新的nexus-3.30.0
舊的nexus 執行 ./nexus stop
新的nexus 執行 ./nexus start