6 March 2008

Confluence 2.7.2 is a recommended upgrade which fixes a security flaw and other bugs.

We have fixed a security flaw which allowed users who have 'View' permission (or higher) on a space to purge any page in that space. For details, please refer to the security advisory and related JIRA issue.

Other good fixes in this point release:

  • The Rich Text editor no longer breaks links to pages in other spaces.
  • Some customers have reported problems with permissions after upgrading to Confluence 2.7.1, where some space permissions or global permissions were lost if using a case-sensitive database. From Confluence 2.7.2, the space permissions and global permissions screens will display a message highlighting any case-sensitivity problems. We have also provided a routine to fix existing permissions affected by this issue — read the detailed instructions on running the routine.
  • The JIRA Portlet macro now displays correctly when using trusted communication between JIRA and Confluence.
  • Confluence 2.7.2 also clarifies the procedures around renewing your license before upgrading.

There's a complete list of fixes below. Click a specific issue to see details of the fix, and to download patches where relevant.

Don't have Confluence 2.7 yet?
Take a look at the new features and other highlights in the Confluence 2.7 Release Notes.

Upgrading from a Previous Version of Confluence

Upgrading Confluence should be fairly straightforward. Please read the Confluence 2.7.2 Upgrade Guide. We strongly recommend that you back up your confluence.home directory and database before upgrading.

Updates and Fixes in this Release