SAML Single Sign On (SAML SSO) Bitbucket

Version history

Watch

CollapsedExpanded5.1.2Bitbucket Server 6.7.0 - 7.16.02021-09-14Improved Groovy transformations and better Crowd support
Download
Version 5.1.2 • Released 2021-09-14 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial
- Improved Groovy attribute transformations. If you're using custom Groovy based attribute transformations, please check that user attributes are assigned properly after upgrading. There may be edge cases where adjusting the Groovy code is beneficial or required. If unsure, please open a support ticket and attach your configuration before upgrading so we can validate it.
- When using Crowd directories backed by LDAP, triggering the LDAP update in Crowd uses a builtin REST endpoint, so our Crowd plugin is no longer required.
- SAML Single Sign-On 5.1.2 comes with the User Sync 2.1.1 bugfix release, see 2.1.x release notes.
CollapsedExpanded5.1.2Bitbucket Data Center 6.7.0 - 7.16.02021-09-14Improved Groovy transformations and better Crowd support
Download•
•
Version 5.1.2 • Released 2021-09-14 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial
- Improved Groovy attribute transformations. If you're using custom Groovy based attribute transformations, please check that user attributes are assigned properly after upgrading. There may be edge cases where adjusting the Groovy code is beneficial or required. If unsure, please open a support ticket and attach your configuration before upgrading so we can validate it.
- When using Crowd directories backed by LDAP, triggering the LDAP update in Crowd uses a builtin REST endpoint, so our Crowd plugin is no longer required.
- SAML Single Sign-On 5.1.2 comes with the User Sync 2.1.1 bugfix release, see 2.1.x release notes.
CollapsedExpanded5.0.7Bitbucket Server 6.4.0 - 7.16.02021-09-06Bugfix release
Download
Version 5.0.7 • Released 2021-09-06 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial
- SAML Single Sign-On 5.0.7 comes with the User Sync 2.0.5 bugfix release, see 2.0.x release notes.
CollapsedExpanded5.0.7Bitbucket Data Center 6.4.0 - 7.16.02021-09-06Bugfix release
Download•
•
Version 5.0.7 • Released 2021-09-06 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial
- SAML Single Sign-On 5.0.7 comes with the User Sync 2.0.5 bugfix release, see 2.0.x release notes.
CollapsedExpanded5.0.6Bitbucket Server 6.4.0 - 7.16.02021-08-12Improved Security Update
Download
Version 5.0.6 • Released 2021-08-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial
Sorry! - We have to ask you to update (again!)

On July 29th, we released a "fix version" for a critical security vulnerability, however, due to researcher feedback & additional follow-up, we realized another attack vector.

This version (released August 12th) addresses this additional scenario. We expected this to be the final & complete fix.

To allow upgrades to a fix version without major upgrades in the Atlassian application, all public versions in the marketplace include the fix to the security vulnerability.

Please reference the version history for the most relevant version for your instance. https://marketplace.atlassian.com/apps/1217045/saml-single-sign-on-saml-sso-bitbucket/version-history

Please refer to this wiki page for the latest status: https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2021-07-29-authentication-bypass-network-attacker-can-login-to-users-accounts-when-usernames-are-known
CollapsedExpanded5.0.6Bitbucket Data Center 6.4.0 - 7.16.02021-08-12Improved Security Update
Download•
•
Version 5.0.6 • Released 2021-08-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial
Sorry! - We have to ask you to update (again!)

On July 29th, we released a "fix version" for a critical security vulnerability, however, due to researcher feedback & additional follow-up, we realized another attack vector.

This version (released August 12th) addresses this additional scenario. We expected this to be the final & complete fix.

To allow upgrades to a fix version without major upgrades in the Atlassian application, all public versions in the marketplace include the fix to the security vulnerability.

Please reference the version history for the most relevant version for your instance. https://marketplace.atlassian.com/apps/1217045/saml-single-sign-on-saml-sso-bitbucket/version-history

Please refer to this wiki page for the latest status: https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2021-07-29-authentication-bypass-network-attacker-can-login-to-users-accounts-when-usernames-are-known
CollapsedExpanded4.0.13Bitbucket Server 6.0.0 - 7.16.02021-08-12Improved Security Update
Download
Version 4.0.13 • Released 2021-08-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial
Sorry! - We have to ask you to update (again!)

On July 29th, we released a "fix version" for a critical security vulnerability, however, due to researcher feedback & additional follow-up, we realized another attack vector.

This version (released August 12th) addresses this additional scenario. We expected this to be the final & complete fix.

To allow upgrades to a fix version without major upgrades in the Atlassian application, all public versions in the marketplace include the fix to the security vulnerability.

Please reference the version history for the most relevant version for your instance. https://marketplace.atlassian.com/apps/1217045/saml-single-sign-on-saml-sso-bitbucket/version-history

Please refer to this wiki page for the latest status: https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2021-07-29-authentication-bypass-network-attacker-can-login-to-users-accounts-when-usernames-are-known
CollapsedExpanded4.0.13Bitbucket Data Center 6.0.0 - 7.16.02021-08-12Improved Security Update
Download•
•
Version 4.0.13 • Released 2021-08-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial
Sorry! - We have to ask you to update (again!)

On July 29th, we released a "fix version" for a critical security vulnerability, however, due to researcher feedback & additional follow-up, we realized another attack vector.

This version (released August 12th) addresses this additional scenario. We expected this to be the final & complete fix.

To allow upgrades to a fix version without major upgrades in the Atlassian application, all public versions in the marketplace include the fix to the security vulnerability.

Please reference the version history for the most relevant version for your instance. https://marketplace.atlassian.com/apps/1217045/saml-single-sign-on-saml-sso-bitbucket/version-history

Please refer to this wiki page for the latest status: https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2021-07-29-authentication-bypass-network-attacker-can-login-to-users-accounts-when-usernames-are-known
CollapsedExpanded3.6.7Bitbucket Server 5.12.4 - 7.16.02021-08-12Improved Security Update
Download
Version 3.6.7 • Released 2021-08-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial
Sorry! - We have to ask you to update (again!)

On July 29th, we released a "fix version" for a critical security vulnerability, however, due to researcher feedback & additional follow-up, we realized another attack vector.

This version (released August 12th) addresses this additional scenario. We expected this to be the final & complete fix.

To allow upgrades to a fix version without major upgrades in the Atlassian application, all public versions in the marketplace include the fix to the security vulnerability.

Please reference the version history for the most relevant version for your instance. https://marketplace.atlassian.com/apps/1217045/saml-single-sign-on-saml-sso-bitbucket/version-history

Please refer to this wiki page for the latest status: https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2021-07-29-authentication-bypass-network-attacker-can-login-to-users-accounts-when-usernames-are-known
CollapsedExpanded3.6.7Bitbucket Data Center 5.12.4 - 7.16.02021-08-12Improved Security Update
Download•
•
Version 3.6.7 • Released 2021-08-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial
Sorry! - We have to ask you to update (again!)

On July 29th, we released a "fix version" for a critical security vulnerability, however, due to researcher feedback & additional follow-up, we realized another attack vector.

This version (released August 12th) addresses this additional scenario. We expected this to be the final & complete fix.

To allow upgrades to a fix version without major upgrades in the Atlassian application, all public versions in the marketplace include the fix to the security vulnerability.

Please reference the version history for the most relevant version for your instance. https://marketplace.atlassian.com/apps/1217045/saml-single-sign-on-saml-sso-bitbucket/version-history

Please refer to this wiki page for the latest status: https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2021-07-29-authentication-bypass-network-attacker-can-login-to-users-accounts-when-usernames-are-known
CollapsedExpanded3.5.0.2Bitbucket Server 5.6.0 - 6.10.132021-08-12Improved Security Update
Download
Version 3.5.0.2 • Released 2021-08-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial
Sorry! - We have to ask you to update (again!)

On July 29th, we released a "fix version" for a critical security vulnerability, however, due to researcher feedback & additional follow-up, we realized another attack vector.

This version (released August 12th) addresses this additional scenario. We expected this to be the final & complete fix.

To allow upgrades to a fix version without major upgrades in the Atlassian application, all public versions in the marketplace include the fix to the security vulnerability.

Please reference the version history for the most relevant version for your instance. https://marketplace.atlassian.com/apps/1217045/saml-single-sign-on-saml-sso-bitbucket/version-history

Please refer to this wiki page for the latest status: https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2021-07-29-authentication-bypass-network-attacker-can-login-to-users-accounts-when-usernames-are-known
CollapsedExpanded3.5.0.2Bitbucket Data Center 5.6.0 - 6.10.132021-08-12Improved Security Update
Download•
•
Version 3.5.0.2 • Released 2021-08-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial
Sorry! - We have to ask you to update (again!)

On July 29th, we released a "fix version" for a critical security vulnerability, however, due to researcher feedback & additional follow-up, we realized another attack vector.

This version (released August 12th) addresses this additional scenario. We expected this to be the final & complete fix.

To allow upgrades to a fix version without major upgrades in the Atlassian application, all public versions in the marketplace include the fix to the security vulnerability.

Please reference the version history for the most relevant version for your instance. https://marketplace.atlassian.com/apps/1217045/saml-single-sign-on-saml-sso-bitbucket/version-history

Please refer to this wiki page for the latest status: https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2021-07-29-authentication-bypass-network-attacker-can-login-to-users-accounts-when-usernames-are-known
CollapsedExpanded2.5.10Bitbucket Server 5.5.0 - 6.10.52021-08-12Improved Security Update
Download
Version 2.5.10 • Released 2021-08-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial
Sorry! - We have to ask you to update (again!)

On July 29th, we released a "fix version" for a critical security vulnerability, however, due to researcher feedback & additional follow-up, we realized another attack vector.

This version (released August 12th) addresses this additional scenario. We expected this to be the final & complete fix.

To allow upgrades to a fix version without major upgrades in the Atlassian application, all public versions in the marketplace include the fix to the security vulnerability.

Please reference the version history for the most relevant version for your instance. https://marketplace.atlassian.com/apps/1217045/saml-single-sign-on-saml-sso-bitbucket/version-history

Please refer to this wiki page for the latest status: https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2021-07-29-authentication-bypass-network-attacker-can-login-to-users-accounts-when-usernames-are-known
CollapsedExpanded2.5.10Bitbucket Data Center 5.5.0 - 6.10.52021-08-12Improved Security Update
Download•
•
Version 2.5.10 • Released 2021-08-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial
Sorry! - We have to ask you to update (again!)

On July 29th, we released a "fix version" for a critical security vulnerability, however, due to researcher feedback & additional follow-up, we realized another attack vector.

This version (released August 12th) addresses this additional scenario. We expected this to be the final & complete fix.

To allow upgrades to a fix version without major upgrades in the Atlassian application, all public versions in the marketplace include the fix to the security vulnerability.

Please reference the version history for the most relevant version for your instance. https://marketplace.atlassian.com/apps/1217045/saml-single-sign-on-saml-sso-bitbucket/version-history

Please refer to this wiki page for the latest status: https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2021-07-29-authentication-bypass-network-attacker-can-login-to-users-accounts-when-usernames-are-known