- In some environments that did not have a context path, a redirect loop occurred
Version history
3.1.1.0Jira Data Center 8.14.0 - 9.6.02022-10-26BugFix Release 3.1.1.0Jira Server 8.14.0 - 9.6.02022-10-26BugFix Release - In some environments that did not have a context path, a redirect loop occurred
3.1.0.0Jira Data Center 8.14.0 - 9.3.32022-10-17BugFix Release - Severity Vulnerability (P3 - Moderate)
- an attacker could provide a URL that redirect path is forwarding to an unsuspecting victim from a legitimate domain to an attacker's phishing site
- Severity Vulnerability (P3 - Moderate)
3.1.0.0Jira Server 8.14.0 - 9.3.32022-10-17BugFix Release - Severity Vulnerability (P3 - Moderate)
- an attacker could provide a URL that redirect path is forwarding to an unsuspecting victim from a legitimate domain to an attacker's phishing site
- Severity Vulnerability (P3 - Moderate)
3.0.0.0Jira Data Center 8.12.0 - 9.1.12022-07-11Major Release - dependencies update of vulnerability
3.0.0.0Jira Server 8.12.0 - 9.1.12022-07-11Major Release - dependencies update of vulnerability
2.9.0.0Jira Data Center 8.9.0 - 8.22.62022-04-04BugFix Release - BugFixes and UI improve
2.9.0.0Jira Server 8.9.0 - 8.22.62022-04-04BugFix Release - BugFixes and UI improve
2.8.3.0Jira Data Center 8.8.0 - 8.21.12022-02-03Bugfix Release - Fix for compatibility with Atlassian native mobile app
- First steps to provide accessibility
2.8.3.0Jira Server 8.8.0 - 8.21.12022-02-03Bugfix Release - Fix for compatibility with Atlassian native mobile app
- First steps to provide accessibility
2.8.2.0Jira Data Center 8.4.0 - 8.21.12021-08-03Bugfix Release - issue with redirection of direct call to Service Management project queue
2.8.2.0Jira Server 8.4.0 - 8.21.12021-08-03Bugfix Release - issue with redirection of direct call to Service Management project queue
2.8.1.0Jira Data Center 8.3.0 - 8.17.12021-02-04BugFix Release - Windows Hello now supported
- UI Fixes
- Secure login profiles of users who are deleted from the system are also removed
- The message when deleting a token in the 2FA User Manager no longer shifts the table
2.8.1.0Jira Server 8.3.0 - 8.17.12021-02-04BugFix Release - Windows Hello now supported
- UI Fixes
- Secure login profiles of users who are deleted from the system are also removed
- The message when deleting a token in the 2FA User Manager no longer shifts the table
2.8.0.0Jira Data Center 8.3.4 - 8.14.12020-08-28Feature Release - Support of (Atlassian) native Jira Mobile App
2.8.0.0Jira Server 8.3.4 - 8.14.12020-08-28Feature Release - Support of (Atlassian) native Jira Mobile App
2.7.2.0Jira Data Center 7.12.3 - 8.11.12020-08-11Security Fix - internally found vulnerability closed
2.7.2.0Jira Server 7.12.3 - 8.11.12020-08-11Security Fix - internally found vulnerability closed
2.6.3.2Jira Data Center 7.5.0 - 8.8.12019-08-28BugFix Release No release notes.2.6.3.2Jira Server 7.5.0 - 8.8.12019-08-28BugFix Release No release notes.2.6.3.1Jira Data Center 7.5.0 - 8.3.52019-08-15Bugfix Release - Users can be searched by fullname
2.6.3.1Jira Server 7.5.0 - 8.3.52019-08-15Bugfix Release - Users can be searched by fullname
2.6.3.0Jira Data Center 7.4.4 - 8.3.52019-08-05Data Center Initial Release - Same functionality as Server edition
2.6.3.0Jira Server 7.5.0 - 8.3.52019-08-05compatibility release for Jira 8.3 and Jira Data Center No release notes.2.6.2.11Jira Server 7.5.0 - 8.3.52019-07-31Compatibility and Feature Release - Compatibility Release for Jira 8.3
- Brute Force Protection
- Token Mode
- Bugfixes
2.5.2.9Jira Server 7.4.0 - 8.2.62019-05-21Feature Release - support of hardware token as alternative to a mobile authenticator
2.4.2.8Jira Server 7.4.0 - 8.1.32018-12-17Feature Release - IP based filters now accept client IPs with port numbers in HTTP forward header
- Sysadmins can grant access for the user manager and audit log to normal admins
- Attachments and thumbnails in the Service Desk Portal views are now accessible without 2FA
2.3.2.7Jira Server 7.3.0 - 7.13.182018-10-12Bugfix release - Support for users without email address from external user directories
- Fix for user manager showing not more than 50 users
2.3.2.6Jira Server 7.3.0 - 7.12.32018-08-31Feature Release - The audit log can now be activated or deactivated.
- If the audit log is activated, the hold period for the log entries can be defined
- A time-controlled job deletes the outdated log entries every eight hours
- The Secure Login profiles of deleted users are deleted every 8 hours.
- Revised IPv4 and IPv6 support in the IP white/blacklists
- Small error corrections and stability improvements
- Renaming the admin menu entries for better selection in the global search context
2.2.2.5Jira Server 7.2.0 - 7.11.22018-06-27Security Hotfix This security hotfix contains the fix for two not yet published vulnerabilities:
- Unauthorized deactivation of Secure Login through REST API access
- Unauthorized access to the 2FA secret of a user through URL manipulation
Both vulnerabilities presuppose the potential attacker got access to the login credentials of a user upfront.
Please upgrade your Secure Login installation immediately to fix this vulnerability. See the corresponding security advisory for more details.