Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Sourcetree Security Update - Yosemite?

kurtdekker
kurtdekker
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
May 13, 2017

Is there a roadmap for when the SourceTree security update will be available for MacOSX Yosemite?

Also, is there some guidance as to mitigating the chance of the sourcetree:// injection attack in the interim? I'd like to continue using SourceTree until you get it updated for Yosemite, but I'm not keen on having my system pwned.

Answer
Watch
Like Be the first to like this
915 views

1 answer

0 votes
Ana Retamal
Ana Retamal
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 15, 2017

Hi Kurt, the new version of SourceTree requires that you're on OSX 10.11 or later. We support two versions of MacOS and don't support older versions of SourceTree. For more information you can see the response from Rahul at SRCTREE-4738.

In response to your second question, we don't have any official workaround. One of our users provided one (in the previous link too) but it comprises app security signature in exchange, which is just trading one risk for another.

Regards,

Ana

View More Comments
Dan Lipofsky
Dan Lipofsky May 15, 2017

As many people have pointed out in the other threads (with no response from Atlassian), asking people to upgrade their OS is not a reasonable response to a critical security flaw in your product. It's a major undertaking in time and effort, it has the potential to break other products that are being used, and may not even be possible based on hardware or corporate policy.

Yosemite (OSX 10.10) is not end of life, and Apple is still releasing security updates for it. It's less than 3 years old. It's really just feels like Atlassian does not give a sh*t about security.

Like
TJ-Terry
TJ-Terry
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
March 11, 2019

Jumping on this in 2019... Guys just update your OS.. ive been using Mojave for nearly a year now..

 

Its a good idea to refresh your workspace once in a while (at least once a year).. that way the 2500 you dropped on your fancy macbook will be worthwhile...


Healthy body healthy mind guys.. 

Like
Reply

Suggest an answer

Log in or Sign up to answer
Sourcetree
Sourcetree
TAGS
AUG Leaders

Atlassian Community Events

    See all events