- Allow OAuth2 authentication with Atlassian, LinkedIn, GitHub, Twitter or Facebook
- Specific SP metadata can be provided per IdP
- User Sync now allows synchronizing profile pictures from Azure or G Suite in Jira and Confluence
- Fix a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed .
- Please check our release notes for more details.
Version history
6.3.0Jira Server 8.3.0 - 9.6.02023-01-12OAuth2 authentication, Profile Pictures, IdP specific metadata, security fix Version 6.3.0 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial6.3.0Jira Data Center 8.3.0 - 9.6.02023-01-12OAuth 2 authentication, Profile Pictures, IdP specific metadata, security fix Version 6.3.0 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- Allow OAuth2 authentication with Atlassian, LinkedIn, GitHub, Twitter or Facebook
- Specific SP metadata can be provided per IdP
- User Sync now allows synchronizing profile pictures from Azure or G Suite in Jira and Confluence
- Fix a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed .
- Please check our release notes for more details.
6.2.5Jira Server 8.3.0 - 9.6.02023-01-12Security update Version 6.2.5 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • CommercialFixed a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed.
6.2.5Jira Data Center 8.3.0 - 9.6.02023-01-12Security update Version 6.2.5 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • CommercialFixed a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed.
4.0.15Jira Server 7.13.0 - 8.17.02023-01-12Security update Version 4.0.15 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • CommercialFixed a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed.
4.0.15Jira Data Center 7.13.0 - 8.17.02023-01-12Security update Version 4.0.15 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • CommercialFixed a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed.
3.6.8Jira Server 7.3.0 - 8.14.12023-01-12Security update Version 3.6.8 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • CommercialFixed a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed.
3.6.8Jira Data Center 7.3.0 - 8.14.12023-01-12Security update Version 3.6.8 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • CommercialFixed a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed.
2.0.15Jira Server 7.0.4 - 7.9.22023-01-12Security update Version 2.0.15 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • CommercialFixed a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed.