Security issue for Jira - do we need a new version of the plugin ?

  • altimesh
Posted: Thu, 02/27/2014 - 12:07

Atlassian issued a security alert for Jira :
Looking at the content of the patch, the bundled plugins are to be replaced.
I suppose we need a new version of the plugin to fix this security vulnerability as well.

Do you plan to release one ? Which versions will be covered ? (I am using 6.0.2 now, but could easily upgrade to 6.0.8 if needed - upgrading to a newer version may not be as easy)

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

The updated patch for JIRA

  • admin
  • 02/16/10
  • Mon, 03/03/2014 - 21:30

The updated patch for JIRA 6.0.8 is available at Downloads page. Be sure to apply JRA-35797 patch first and the JFS patch.


Thanks, I can upgrade to

  • altimesh
  • 09/18/13
  • Fri, 02/28/2014 - 16:06


I can upgrade to 6.0.8 version as I said.
Do you have an idea of the timeframe for the 6.0.8 patch ?

We will definitely release

  • admin
  • 02/16/10
  • Fri, 02/28/2014 - 15:40

We will definitely release new JFS patches incorporating fixes provided by Atlassian. However it is still not clear what to do with JIRA versions for which security patches have not been provided. Some people in comments say that the patch for JIRA 6.0.8 breaks JIRA 6.0.1.