Crowd 1.5.1 Release Notes

過去のリリース

このページの内容

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

14 October 2008
The Atlassian Crowd team is delighted to present Crowd 1.5.1.

Crowd 1.5.1 is a recommended upgrade which fixes a parameter injection vulnerability and other issues. Please refer to the security advisory for details of the security vulnerability, risk assessment and mitigation strategies.

When using Crowd for single sign-on (SSO), you can now specify that the 'secure' flag is set on the SSO cookie. This will enforce a secured connection, such as SSL, for all SSO requests. Note that if you set this flag, any applications not using a secure connection will not be able to participate in SSO. Potentially, this may make it impossible to log in to Crowd.

When generating session tokens, Crowd now includes a very large random number as part of the hash value. This makes it more difficult for a malicious third party to impersonate a legitimate Crowd user.

This release also brings a number of improvements to search functionality, particularly for LDAP directories and for Confluence instances integrated with Crowd.

Don't have Crowd 1.5 yet?
Take a look at the new features and other highlights in the Crowd 1.5 Release Notes.

Complete List of Fixes in Crowd 1.5.1

鍵 (キー) summary priority status

Unable to locate JIRA server for this macro.It may be due to Application Link configuration.

最終更新日: 2014 年 9 月 14 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.