I am currently testing ePO 5.12 from a ePO 5.11 server. The ePO 5.11 server has the KB1052048 hotfix applied to it over a week ago. This hotfix updates Java to SE 7U80. After upgrading the server to 5.12, I noticed that the Java version was now SE 7U76 and not the updated one SE 7U80.
I thought upgrades are supposed to cumulative and preserve previous updates. Does anyone know why McAfee overwrites the Java to an older vulnerable version?
Solved! Go to Solution.
Upgrades to newer patch versions do not preserve hotfixes applied in the interim. In most cases, these hotfixes are included in the patch, but due to the timing of this hotfix, it would have been impossible to incorporate without significantly delaying the release schedule. As noted, you must re-apply the patch after upgrading to EPO 5.1.2, and hotfix 1052048 was tested with 5.1.2 in mind, it just could not meet the testing requirements for a full patch release versus a hotfix.