We (well management did and passed it on to me) have received an email (pasted below) stating that there is a security issue that is critical but the security advisory does not appear to deal with the version we are running (above). So it looks like we have a downloaded install given that it doesn't seem to have upgraded automatically but I don't see how to upgrade or implement Whitelist as advised as our version doesn't appear to have that option.
I have never overseen an install or upgrade for Bamboo and have only had the Admin role for a couple of weeks so please treat any help as being directed at novice level as I am still finding my feet in some areas. I need to be aware of any downtime, affect on users etc for any upgrade also so that I can plan it is with minimum disruption
Thank you in advance,
Darren
Hello Stephen, |
We are writing to inform you of a critical security vulnerability that exists in Bamboo from version 2.3.1 before 5.11.4.1 (the fixed version for 5.11.x) and from 5.12.0 before 5.12.3.1 (the fixed version for 5.12.x). |
Customers who have upgraded Bamboo to version 5.11.4.1 or version 5.12.3.1 are not affected. |
How do you fix it? |
Atlassian Cloud instances have already been upgraded to a fixed version of Bamboo. |
Customers who have downloaded and installed Bamboo, follow the instructions provided in the detailed security advisory: |
If you have questions or concerns, please raise a support request. One of our support engineers will be happy to help you. |
Kind regards, |
Hi Darren, you would need to upgrade your install/upgrade by downloading a complete new version.
As mentioned on the webpage : "https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-07-20-831660461.html" Binary patches are no longer released.
So you would need to download the latest and upgrade (which is , normally , a quick and easy process)
Thanks Mark,
Do you know if there is any cost attached to an upgrade or is it free?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
If you have an active license it's free.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.