This page last changed on Aug 07, 2007 by smaddox.

Confluence 2.5.6 is a recommended upgrade that resolves a number of security bugs and other issues you may have encountered in Confluence 2.5.5 or earlier.

As such this release is a recommended upgrade for all customers.

Confluence 2.5.6 can be downloaded from http://www.atlassian.com/software/confluence/ConfluenceDownloadCenter.jspa, and is a free upgrade for all customers who purchased their Confluence license or maintenance renewal after August 8th 2006.

Upgrading to Confluence 2.5.6

Upgrading Confluence should be fairly straightforward. You can find instructions here. We strongly recommend that you backup your confluence.home directory and database before upgrading!

Changes in 2.5.6

  • For details about the security fixes, please see the security advisory.
  • CONF-8944 resolves a Crowd integration issue for Confluence 2.5.6 and later.
  • The Crowd integration fix will be ported to previous Confluence versions in the near future - please see CONF-9122.

Here's a complete list of the bug fixes in Confluence 2.5.6:

Errors were reported by the JIRA trusted connection.

  • APP_UNKNOWN; Unknown Application: {0}; ["confluence:4557196"]
JIRA Issues (19 issues)
Type Key Summary Priority Status Resolution
Task CONF-9073 Changes to Crowd and Confluence integration instructions Major Resolved Fixed
Bug CONF-9067 Division by zero in SnipSnapImporter Minor Resolved Fixed
Bug CONF-9060 Missing text in breadcrumbs when viewing changes since last login Minor Resolved Fixed
Bug CONF-9000 OutOfMemoryError's during indexing Major Resolved Fixed
Bug CONF-8993 Reflected XSS Vulnerability in the Feed Builder Critical Resolved Fixed
Improvement CONF-8989 Index rebuild tasks involving an index optimization produce an OutOfMemoryError when there are many large textual attachments Major Closed Incomplete
Bug CONF-8980 XSS vulnerability at "Edit Space Permissions" Critical Resolved Fixed
Bug CONF-8979 Vulnerability against DoS attack at permission setting Critical Resolved Fixed
Bug CONF-8978 Vulnerability against DoS attack via labels Critical Resolved Fixed
Bug CONF-8956 stored XSS vulnerability in app/themes/leftnavigation/configuretheme.action Critical Resolved Fixed
Bug CONF-8952 XSS vulnerability in app/pages/listpages-alphaview.action Critical Resolved Fixed
Bug CONF-8951 XSS vulnerability in app/spaces/editspace.action Critical Closed Duplicate
Bug CONF-8950 XSS vulnerability in app/spaces/listattachmentforspace.action Critical Resolved Fixed
Bug CONF-8944 Profile settings are lost when using Crowd with Confluence Major Closed Fixed
Bug CONF-8914 "Save" button mentioned as "Update" on change password screen Trivial Resolved Fixed
Bug CONF-8869 JavaScript error occurs when editing a page without having permission to restrict it Minor Resolved Fixed
Improvement CONF-8623 Improve and speed up plugin resource loading Major Resolved Fixed
New Feature CONF-7414 Officially support mySQL 5.0 Major Resolved Fixed
Bug CONF-3673 Page restrictions do not restrict Space Administrators Major Resolved Fixed

Document generated by Confluence on Jul 09, 2010 01:11