We (well management did and passed it on to me) have received an email (pasted below) stating that there is a security issue that is critical but the security advisory does not appear to deal with the version we are running (above). So it looks like we have a downloaded install given that it doesn't seem to have upgraded automatically but I don't see how to upgrade or implement Whitelist as advised as our version doesn't appear to have that option.
I have never overseen an install or upgrade for Bamboo and have only had the Admin role for a couple of weeks so please treat any help as being directed at novice level as I am still finding my feet in some areas. I need to be aware of any downtime, affect on users etc for any upgrade also so that I can plan it is with minimum disruption
Thank you in advance,
We are writing to inform you of a critical security vulnerability that exists in Bamboo from version 2.3.1 before 188.8.131.52 (the fixed version for 5.11.x) and from 5.12.0 before 184.108.40.206 (the fixed version for 5.12.x).
Customers who have upgraded Bamboo to version 220.127.116.11 or version 18.104.22.168 are not affected.
How do you fix it?
Atlassian Cloud instances have already been upgraded to a fixed version of Bamboo.
Customers who have downloaded and installed Bamboo, follow the instructions provided in the detailed security advisory:
If you have questions or concerns, please raise a support request. One of our support engineers will be happy to help you.
Hi Darren, you would need to upgrade your install/upgrade by downloading a complete new version.
As mentioned on the webpage : "https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-07-20-831660461.html" Binary patches are no longer released.
So you would need to download the latest and upgrade (which is , normally , a quick and easy process)
Badges are a great way to show off community activity, whether you’re a newbie or a Champion.Learn more
Bamboo 5.9 will no longer be supported after June 12, 2017. What does this mean? As part of our End of Life policy, Atlassian supports major versions for two years after the first major iteratio...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs