Confluence 8.5 Release Notes
22 August 2023
We're excited to present Confluence 8.5.Confluence 8.5.x is the last version that supports Server licenses. Learn what this means for you
Highlights
.
More
Read the upgrade notes for important info about this release and see the full list of issues resolved.
Thanks for your feedback
More than 5,900 votes satisfied
since the last Long Term Support release.
Confluence Server and Data Center 8.5 is a Long Term Support release
This means we'll provide bug fix releases until 8.5 reaches end of life, to address critical security, stability, data integrity, and performance issues.
Long Term Support release roundup
It's been about 12 months since our last long-term support release, Confluence 7.19. In that time we've shipped a huge amount of Enterprise value, especially for Data Center. Check out these highlights:
For admins |
|---|
Enterprise scale
|
Diagnostics and troubleshooting
|
Platform performance upgrades
|
For end users |
|---|
Editor experience
|
Search experience
|
Accessibility improvements
|
All in all, we've resolved over 570 issues since 7.19.0. For an overview of all the changes, check out the Confluence 8.5 Long Term Support Release Change Log.
So what can you expect from Confluence 8.5? We've been focused on raising the already high bar we’ve set for quality, stability, and performance, and have tackled some particularly high-impact bugs to make sure Confluence 8.5 is the best it can be.
Performance benchmarking report
We’ve run comprehensive testing to compare our Long Term Support releases Confluence 7.19 and 8.5 to see how the new features affect Confluence, and to make sure we’re not introducing any performance regressions. Long Term Support releases are always a number of versions apart so changes in performance are much more visible than between smaller, feature releases.
Read the report to learn about the benefits of upgrading from 7.19.0.
Confluence 8.5 Long Term Support Release Performance Benchmarking Report
Connect more Confluence spaces to your Jira Server Management portals
Using Jira Service Management with Confluence? Connect more spaces to your portals to help people find the answers they’re looking for. The latest Jira Service Management 5.11 release introduces multi-space linking, so customers can access articles from all relevant knowledge bases instead of only one.
Learn more about multi-space linking
Screenshot: Jira Service Management portal with multiple linked knowledge bases (Confluence spaces)
Confluence 8.5.x is the last release to support Server licenses
Confluence 8.5.x is the last Confluence feature release available to download for Server customers prior to the Server end of support date on February 15, 2024. All feature releases after Confluence 8.5.x will only support our Data Center offering. As Confluence 8.5 is a Long Term Support release, it will continue to receive security and bug fixes until the end of support date on February 15, 2024.
We recommend that you migrate to the Atlassian Cloud offering or upgrade to Data Center to remain secure and supported.
Security check-up
Upgrading to a new Long Term Support release is a great time to check your site security. We've put together a list of things you might want to check as part of this upgrade, as our recommendations may have changed since you first installed Confluence.
- Subscribe to advisory alerts and keep technical contact details up to date
Receive security advisory alerts and other important technical updates.
Atlassian email and privacy preferences - Run Confluence with a dedicated non-root user account
Limit that account to just the directories that Confluence needs to write to.
Learn how to create a dedicated user account
- Limit the accounts that can access Confluence directories
Ensure only selected user accounts can read and write to Confluence directories, including custom directories where you might store attachments, backups, or data pipeline exports.
Learn how to allow the account to write to particular directories
- Limit hosts which can mount network file systems
Limit the hosts that can mount NFS file systems to just the Confluence host (such as in the /etc/exports file in Linux). Refer to your operating system documentation to find out how to do this.
- Limit database access
Limit database access to just the Confluence host (using iptables or built in database security tools). Refer to your database documentation to find out how to do this.
- Use secure administrator sessions
Require admins to re-enter their password to access admin functions, and set a short timeout for the administrator session.
Learn how to turn on secure administrator sessions
- Use the allowlist
Limit incoming and outgoing connections to avoid Server-Side Request Forgery (SSRF) attacks.
Learn how to turn on the allowlist
- Use personal access tokens for integrations
Provide a more secure way to authenticate API requests than basic authentication (username and password)
Learn how to manage personal access tokens
- Review confluence-administrators group membership
Members of this 'super group' can access all admin functions and access all content, including restricted pages. Consider limiting the members of this group and instead create a new group with system administrator global permissions.
Learn about the confluence-administrators super group
- Review administrator account practices
Avoid shared admin accounts, and easily guessed usernames like 'admin' or 'jdoe'. Consider providing administrators with two accounts, allowing them to use different accounts for day-to-day Confluence use and administrator tasks.
- Monitor the access log
Access logs can help you identify unusual activity. Logs are written to the install directory, and you may want to monitor these logs using your preferred monitoring tool.
Learn about access logging
- Use rate limiting to block all requests from anonymous users DATA CENTER
Block REST API requests from anonymous users if you don't have a reason to allow them, or limit the number of requests to reduce the risk of DoS attacks
Learn how to use rate limiting to block requests
- Review audit log settings DATA CENTER
The audit log capabilities may have changed significantly since your last upgrade. Check which events you can monitor.
Learn which events you can write to the audit log
- Consider single-sign on DATA CENTER
There are a number of options for integrating Confluence with your identity provider for SSO.
Learn about the various SSO options available
Resolved issues
For full details of bugs fixed and suggestions resolved, head to our public issues tracker on Jira.
Issues resolved in 8.5.9
Issues resolved in 8.5.8
Issues resolved in 8.5.7
Issues resolved in 8.5.6
Issues resolved in 8.5.5
Issues resolved in 8.5.4
Issues resolved in 8.5.3
Issues resolved in 8.5.2
Issues resolved in 8.5.1
Issues resolved in 8.5.0
Get ready to upgrade
Before you upgrade, check out the Upgrade Notes for important changes in this release, then follow the usual upgrade instructions to upgrade your site.
Credits
Our wonderful customers...
You play an important role in making Confluence better. Thanks to everyone who participated in interviews with us, made suggestions, voted, and reported bugs!