JIRA 4.3 : JIRA 4.1.1 Upgrade Guide
This page last changed on Sep 14, 2010 by ggaskell.
On this page:
Upgrade NotesJIRA 4.1.1 fixes several security vulnerabilities in JIRA. Patches that fix these vulnerabilities in earlier versions of JIRA are also available. Please refer to the JIRA Security Advisory 2010-04-16 or JIRA issue JRA-21004 for more information about these vulnerabilities and links to these patches. Please be aware that these fixes have resulted in the following changes to JIRA's behaviour. Setting File Paths via the Administration User InterfaceJIRA now recognises a new variable called jira.paths.set.allowed in the jira-application.properties file (located in your JIRA Installation Directory). By default, the value of this variable is set to false, such that it appears as jira.paths.set.allowed=false in the jira-application.properties file.
and the following JIRA screens: will display this message:
Changing JIRA's File Path SettingsIf you want to change the locations for storing file attachments, backups, etc, you will need to do the following:
Upon setting the value of the jira.paths.set.allowed variable to true in jira-atlassian.properties, this message is displayed in the screens above:
'Contact Administrators' LinkFor security reasons, the list of JIRA administrators, which can be accessed via the 'Contact Administrators' link in the JIRA footer, will be blank unless jira.paths.set.allowed is set to true (which is not recommended — see above). Backing Up Data to XMLJIRA now recognises another new variable called jira.paths.safe.backup.path in the jira-application.properties file (located in your JIRA Installation Directory). By default, this variable is present in the jira-application.properties file, but it is disabled ('commented-out') and its value is an example directory path value only. If you enable the jira.paths.safe.backup.path variable and set its value to a valid directory, the following screen in JIRA: .../secure/admin/XmlBackup!default.jspa (see Backing Up Data for more information) will display this message:
Otherwise, this message is displayed:
Announcement BannerFor security reasons, the ability to preview the Announcement Banner has been disabled. Data for Support RequestsFor security reasons, we no longer attach XML backups and logs to the emails generated by the Support Request page. Differences between JIRA 4.1.1 and the Security Patches for Earlier JIRA VersionsThe main purpose of the JIRA 4.1.1 point release was to fix several security vulnerabilities in JIRA. (Patches to fix these vulnerabilities in earlier versions of JIRA can be obtained via the JIRA Security Advisory 2010-04-16 or JIRA issue JRA-21004.) However, that there are some differences in behaviour between JIRA 4.1.1 and the patches applied to earlier JIRA versions:
Developers NoteWhen using the Atlassian SDK, the correct JIRA version to reference is 4.1.1.1 (not 4.1.1). See the Atlassian Plugin SDK 3.1.2 Release Notes for details. Upgrading from JIRA 4.1 to 4.1.1Please follow the JIRA general upgrade instructions. Upgrading from JIRA 4.0.x and EarlierIn addition to the above, please read the JIRA 4.1 Upgrade Guide and the Upgrade Guide for every version you are skipping during the upgrade. The complete list of Upgrade Guides is available here. |
![]() |
Document generated by Confluence on Mar 27, 2011 18:40 |