Crowd 2.4.1 Release Notes

Older releases

On this page

Still need help?

The Atlassian Community is here for you.

Ask the community

This release fixes a security flaw. Please refer to the security advisory for details of the security vulnerability, risk assessment and mitigation strategies.

17 May 2012

The Atlassian Crowd team presents Crowd 2.4.1.

This is a security release to fix a critical vulnerability in Crowd that may allow unauthorized access to data. The scale we use (published as Security Levels for Security Issues) allows us to rank the severity as critical, high, moderate or low.

This is an independent assessment and you should evaluate its applicability to your own IT environment.

The vulnerability allows an attacker to

  • execute denial of service attacks against the Crowd server, or
  • read all local files readable to the system user under which Crowd runs

There are no other changes against the previous stable release and we recommend that all customers upgrade. Please refer to the security advisory for details of the security vulnerability, risk assessment and mitigation strategies.

Upgrading to Crowd 2.4.1

You can download Crowd from the Atlassian website. If upgrading from a previous version, please read the Crowd 2.4 Upgrade Notes.

Complete List of Improvements and Fixes

Key Summary P Status
Loading...
Refresh

Last modified on May 26, 2016

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.