Crowd 2.7.2 Release Notes

 

13th May 2014

The Atlassian Crowd team presents Crowd 2.7.2.

This release is a recommended upgrade for all customers. It brings important fixes, which are listed below.

Crowd 2.7 Upgrade Notes

Responding to your feedback:
(green star) 69 votes satisfied

Update: 21 May 2014

 A critical security vulnerability has been found in previous versions of Crowd, and has been fixed in Crowd 2.7.2. It is recommended for all customers to upgrade to Crowd 2.7.2 as soon as possible.

Full security advisory: Crowd Security Advisory 2014-05-21

Stability improvements

Some customers have reported crashes in Crowd 2.7.0 and Crowd 2.7.1 caused by database deadlocks when using database-backed token storage, which is the default option in Crowd. The 2.7.2 release contains fixes that address this problem. Customers who have switched to in-memory token storage to improve the stability of their Crowd servers are invited to switch back to the database-backed token storage after the upgrade.

SOAP regression fix

Crowd 2.7.1 shipped with a change that created a regression that potentially affected some Crowd SOAP API clients. It did not affect those using the Crowd integration Java SOAP library and Crowd 2.7.2 fixes the regression. Maintainers who applied the workaround detailed in the Crowd 2.7.1 Release Notes may continue using that workaround in Crowd 2.7.2. See  CWD-3838 - SOAP API requires un-encrypted password credential in Crowd 2.7.1 Resolved  for further discussion.

Java 8

This release adds compatibility with Java 8.

 Complete list of improvements and fixes

Was this helpful?

Thanks for your feedback!

Why was this unhelpful?

Have a question about this article?

See questions about this article

Powered by Confluence and Scroll Viewport