This question is in reference to Atlassian Documentation: Crowd Security Advisory 2016-10-19
What are the reasons other products then Crowd needs to be upgraded? Does these products have similar issues with LDAP or is it some type of compatibility thing?
They have their own "embedded" Crowd which shares a lot of the code with Crowd Server, and presumably the vulnerability is in code that is common to the two systems.
Take for example JIRA 7.2.1 that was released for a month ago. That version should be safe from this vulnerability. The issues listed on that release include no references to any LDAP issues. Is there an official explanation to this?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.