We distribute a customized build of JasperReports server in a container. Every installation is a full installation, not an upgrade of an existing server. To incorporate security fixes, we need a full distribution of JasperReports server that includes these fixes.
Unfortunately, the fixes for the October security issues (2021-35494, 2021-35495, and 2021-35496) were only distributed as a service pack that must be installed on top of an older release. We have been using JasperReports Server 7.5.1, which does not include the fixes. The release with the fixes (7.5.2 for us) does not include a full distribution of the product; it is just an incremental overlay over 7.5.1.
Note that 7.5.1 was released as a full installation; this request is just to make 7.5.2 and other security-patch releases follow the same pattern.
This was originally requested in case 02061666, which was dismissed as an enhancement request.