Confluence 8.9 release notes

On this page

Still need help?

The Atlassian Community is here for you.

Ask the community

 

Get the latest version

This Confluence release supports only Data Center licenses. If you have a Server license, check out your options for upgrading.

   


More

Read the upgrade notes for important info about this release and see the full list of issues resolved.  


Thanks for your feedback

More than 260 votes satisfied!

Customize your profile pic!

For: END USERS ADMINS

Modify and refresh your profile picture as often as you like. Previously, only admins could delete profile pictures, and users were unable to rotate images when uploading a new profile picture. Now users can rotate uploaded images, choose to set an initials avatar, and are also empowered to delete their own profile photos without involving an Administrator.

Explore all profile picture options.

Screenshot: rotate your profile image, or use initials instead!

Seamlessly copy links to comments

For: END USERS 

With our latest design enhancement, sharing comment links has never been easier. The link location is now more visible, with just one click required.

Hover your cursor over a comment date to display the link icon, then click on it. This will copy the link URL to your clipboard, so you can conveniently paste the link to share it wherever it’s needed.

See links for more information.

Screenshot: animation showing how to copy a comment link.

Find the right macro faster

For: END USERS 

Thanks to a more effective algorithm, macro search now delivers more accurate results, reducing time spent scrolling through irrelevant macros, and increasing your productivity!

This change has been made to both the inline macro suggestions and the macro modal accessed through the editor toolbar. We're confident this update will streamline your workflow, and we look forward to your feedback.

Discover how macros work.

Resize images in a flash

For: END USERS 

You can now resize an image by using the drag handle, located on the sides of the image. Your image will proportionally grow as you drag the handle away from your image, and shrink when you drag it in the other direction.

You can still resize using our existing range of toolbar options, such as precise pixel width — if you’re more a numbers person.

Screenshot: animation of an image being dragged to resize.

Updated editor color palettes

For: END USERS 

In preparation for the release of dark theme, we’ve updated the text color and table cell background color palettes to use design tokens. These updated palettes now use colors that also improve accessibility contrast.

As a result of this change, once dark theme is released in the coming months, all colors in the editor will be converted to match the updated color palettes. That means you will no longer be able to customize these palettes using the temporary workaround.

Screenshot: image of the updated table background color palette.

Tighten security with websudo allowlists

For: ADMINS

Configure and enable your own Confluence allowlist for websudo commands. This additional layer of security means that certain superuser operations can be performed only from pre-approved IP addresses or subnets.

This feature is deactivated by default. Discover how to activate it here.

More accessibility improvements

For: END USERS 

We have continued to address accessibility issues and made improvements for keyboard users in Team Calendars, the space sidebar and when managing watchers. This release has also placed particular emphasis on accessibly creating new content in pages and blogs, including inserting links and files.

See the list of resolved tickets for further information.

Improved protection against CSRF attacks

For: END USERS ADMINS

We’ve enhanced our security measures to provide better protection against cross-site request forgery (CSRF) attacks. Now, more Confluence links that can change the database or the application's state will require CSRF tokens for access. These tokens are generated and passed automatically when browsing trhough Confluence. However, users will no longer be able to directly bookmark affected links for later, such as the Create Page button link.

Hazelcast updated

For: ADMINS

This release contains an upgrade to Hazelcast IMDG 5.3.6 as part of our focus on keeping Confluence Data Center secure and up to date. This recent upgrade enhances our platform by improving JMX metrics, which translates to more efficient garbage collector operations, and optimized memory consumption. This version does not support rolling upgrades (ZDU).

Some customers who use Windows may experience a conflict between Confluence and Active Directory (dns.exe) both trying to use port 54327. If this happens, exclude the port from the port range. Follow the steps on our troubleshooting page for full details.

Advance notice: take a peek!

OpenSearch opt-in feature ready for early access

For: ADMINS

We’re working to introduce OpenSearch as an opt-in search engine in an upcoming feature release of Confluence 9.x. It will not be part of Confluence 9.0. This will provide more advanced indexing options leading to less processing requirements and faster search results.

We’re inviting customers to be a part of our Early Access Program (EAP)! We’ve updated the OpenSearch upgrade guide, to help you get started, along with other information, should you wish to test during the EAP phase. At this early stage, OpenSearch during EAP is not suitable for production environments, but we invite you to try it on your testing environment, and welcome your feedback.

Contact us on osfc@atlassian.com, or via our customer support channel.

Dark theme for Confluence

For: ADMINS

As we’re approaching the release of dark theme in Confluence 9.0, you can now get a first glimpse by enabling the theme.switcher dark feature. Bear in mind that we’re still working on finishing touches before the official release, and switching on the dark feature will enable dark theme for all users. We encourage you to try it in your staging environment, and let us know your feedback here.

Screenshot: image showing a Confluence comment in dark theme.

Changes to Security Bug Fix Policy

We’ve updated the Atlassian Security Bug Fix Policy. Changes took effect across all Data Center products on March 15, 2024. Previously, we delivered bug fix releases for any supported Long Term Support release in accordance with the Atlassian Support End-of-Life Policy, and for all product versions that are no older than 6 months.

With our new policy, we will continue to deliver a bug fix release for any supported Long Term Support release in accordance with the Atlassian Support End-of-Life Policy, but we are updating our policy to only support the most recently shipped feature release.


More info

In the event of a critical vulnerability, we will take all of the following steps:

  1. Ship a bug fix for the latest feature release of the product affected by the vulnerability.

  2. Ship a new feature release for the affected product according to the release schedule.

  3. Ship a bug fix release for all supported Long Term Support releases of the affected product, adhering to the Atlassian Support End of Life Policy.

We aim to develop the most effective methods for enhancing the security of our software and delivering updates faster and more frequently. When considering an upgrade, you can be sure that the latest feature release is the most secure and stable product version as it contains the most up-to-date security fixes and feature enhancements.

If you have any concerns or if you require clarification on any aspect of the updated bug fix policy, please do not hesitate to reach out to our support team.

Find more details at https://www.atlassian.com/trust/security/bug-fix-policy.

Introducing Software Bill of Materials (SBOMs) in Confluence

Continuing our commitment to providing the most secure products for our customers, we’re introducing Software Bill of Materials (SBOMs) for Confluence.

SBOM is a detailed list or inventory of all the components in a piece of software. These components can include open-source software, proprietary code, libraries, frameworks, and other elements used in the software.


More info

Why we’re adding SBOM

SBOM is essential for ensuring compliance with different regulations and standards; for example, the United States Executive Order on Improving the Nation's Cybersecurity, the European Union NIS 2 Directive and Cyber Resilience Act. It enhances transparency and facilitates a deeper understanding of software components, their versions, dependencies, and updates to their security vulnerabilities.

Furthermore, SBOM can help app developers and admins identify potential security risks, manage licenses, and maintain software more effectively. For example, if a vulnerability is discovered in a specific open-source component, anyone with access to SBOM can quickly check if their software is affected.

How SBOM is generated

We use Syft, an open-source tool, to automatically generate SBOM files during the product build process. Syft scans the code, identifies dependencies, and compiles a JSON file with the results. Syft supports various SBOM formats, with CycloneDX being Atlassian's current choice due to its popularity.

Where to find SBOM

To locate the SBOM, go to the sbom/ folder in the installation directory of your Atlassian product and search for a file named with either of the following patterns: <product_name>-<version>-cyclonedx-sbom.json or <product_name>-<version>-sbom.cdx.json.

For example, for Confluence 8.9, the file name might be:

atlassian-confluence-8.9.0-sbom.cdx.json

Important to know

Due to the complex, plugin- and component-based architecture of our product suite, we are gradually revealing all front-end dependencies. Our current SBOMs cover a portion of these dependencies.


We’ll provide more information soon.

Resolved issues

For full details of bugs fixed and suggestions resolved, head to our public issues tracker on Jira.

Issues resolved in 8.9.8

Released on 04 November 2024

T Key Summary Status
Loading...
Refresh

Issues resolved in 8.9.7

The Atlassian Confluence team is pleased to announce the release of Confluence 8.9.7, which is a bug-fix release.

Don't have Confluence 8.9 yet?

Check out the new features and other highlights in the Confluence 8.9 release notes.

Issues resolved in 8.9.6

Released on 03 September 2024

T Key Summary Status
Loading...
Refresh

Issues resolved in 8.9.5

Released on 30 July 2024

T Key Summary Status
Loading...
Refresh

Issues resolved in 8.9.4

Released on 02 July 2024

T Key Summary Status
Loading...
Refresh

Issues resolved in 8.9.3

Released on 11 June 2024

T Key Summary Status
Loading...
Refresh

Issues resolved in 8.9.2

Released on 04 June 2024

T Key Summary Status
Loading...
Refresh

Issues resolved in 8.9.1

Released on 08 May 2024

T Key Summary Status
Loading...
Refresh

Issues resolved in 8.9.0

Released on 02 April 2024

T Key Summary Status
Loading...
Refresh


Get ready to upgrade

Before you upgrade, check out the Confluence 8.9 upgrade notes for important changes in this release, then follow the usual upgrade instructions to upgrade your site.

tip/resting Created with Sketch.

Been a while since your last upgrade? Check out our upgrade matrix for a bird's-eye view of the most important changes since Confluence 8.5 LTS.

Don't forget to renew your software maintenance. Renew now

Credits

Our wonderful customers... 

You play an important role in making Confluence better. Thanks to everyone who participated in interviews with us, made suggestions, voted, and reported bugs!

Last modified on Jul 2, 2024

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.