Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Fix SourceTree security vulnerability for Mac OS X Mavericks

In response to a security alert for SourceTree: I cannot upgrade SourceTree to 2.5.1 because I am using Mac OS X Mavericks.  Is there a patch I can use to fix this security issue?

6 answers

I agree with Dan.  Updating to 10.11 is a lot for Atlassian to ask of users for a security fix that should have been there in the first place. In my experience, an OS upgrade is a decision not to be taken lightly because it is frequently a 1-2 day chunk of work to then deal with all the underlying incompatibilities from 3 party software.  In some cases, entirely new workflows need to be developed because the 3rd party software was custom or doesn't support the new OS version.  

The problem is worse for enterprise with many clients.  Even worse for small businesses without and IT department.  

Second that. One of my dev machines needs to be kept on Mac OS X Mavericks. Latest SourceTree for that is 2.1, would appreciate a patch to fix the critical vulnerability.

Arg!  Atlassian - did you not make huge profits last year? Please oh please could you just make a little patch for this?

I'm in the same boat as many of the posters here.  It is not trivial to upgrade my operating system. There's a huge overhead of time to reinstall 3rd party software and then a risk things may not work again. 

Edit: And now 3 colleagues are in the same boat. Anyway, I deleted SourceTree.  Bye SourceTree!  I will miss you!  Not sure I'll go back, since this EXACT SAME THING could happen again ... and again ...

Unless of course Atlassian would fix this issue???

0 votes
Gary Atlassian Team May 10, 2017

Hi Penny,

Unfortunately, the only way is to upgrade to the latest version of SourceTree. The latest versions only support OSX 10.11 or later.

Without upgrading, you run the risk of actively keeping your system open to this issue.

Cheers,
Gary

 

Seriously!?! You've got a critical security issue and you are not going to do a release for older OSX? I guess you don't take security very seriously. Not everyone can just upgrade their OS on a whim, especially in a corporate environment. OSX 10.10 is not end of life, and Apple is still releasing security updates for it. It's less than 3 years old.

Gary, it is a ridiculously entitled expectation to assume that all your users on older OSX versions will perform a major OS upgrade to close a security hole in your utility application.

My solution is far easier: delete SourceTree off my drive entirely, and label Atlassian as incompetent when it comes to handling security issues, bug fixes, application updates, and user experience consideration. Disgraceful.

Ditto. Running 10.10 and am not in a position to upgrade. I love SourceTree, but if Atlassian refuses to release a patch for older versions, I will have to move to an alternative app or perhaps even the command line.

Same here, running 10.10 and not going to upgrade OS for a bug in SourceTree. I've just uninstalled SourceTree and am going to delete my account on Atlassian in 3... 2... 1.

https://id.atlassian.com/manage/close-account

Goodbye.

Edit: it seems that it is not possible to completely delete one's account from SourceTree. Specifically, I could not delete my free license: I could only change the billing contact, but the license is still there. This is beyond my comprehension.

Ditto. Running osx 10.10 ... and there is still software that I need in 10.10

A Patch for sourcetree 2.4.1 would be great....

I'm also on OSX 10.10 and very dissapointed that I can not download the update for a critcal security issue.

Are there any plans on releasing the security patch for users on OSX 10.10?

Please correct me if I'm wrong, but I have not seen any statements about SourceTree officially dropping support for OSX 10.10.

Check for updates tells me "SourceTree 2.4.1 is currently the newest version available." Come on on guys, you can't get your auto-update tool to provide the latest version to fix a critical security issue?

Gary Atlassian Team May 10, 2017

Hi Dan,

Which version of OSX are you using?  2.5.1 only supports OSX 10.11, or later.

Cheers,

Gary

OSX 10.10, which I will point out is is not end of life, and Apple is still releasing security updates for it, and is less than 3 years old. It seems that something you describe as a critical security issue would warrant a release.

Hi Gary, I'm on OSX 10.11.3 and also get the "SourceTree 2.4.1 is currently the newest version available".

Those of you who are having problems on 10.11.x might want to start a new thread for that, I don't think you can expect Atlassian to respond in this one.

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Posted in Sourcetree

[dev team] Sourcetree for Windows 2019 Preview - Dark Theme

Hi folks, While the full post is over on our blog I'd like to share the dark theme we've got planned for 2019 here directly as well to keep the discussion going.  The ...

3,280 views 19 18
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you