Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

In general, the latest version of Kantega SSO Enterprise is compatible with the oldest version that has not been ended of life. See Atlassian’s End-of-life (EOL) policy to get an overview of versions and EOL dates.

Application

Compatible from Server version

Compatible from Data Center version

Bamboo

7.2.1

8.0.0

Bitbucket

7.6.0

7.6.0

Confluence

7.8.0

7.8.0

Jira

8.12.0

8.12.0

Changelog

Kantega SSO is getting a new large improvement under the hood, laying the foundation for future functionality and steps to support newer version of Java runtimes that is coming in future Data Center releases.

Insert excerpt
Kantega SSO Enterprise 6.0.x release notes
Kantega SSO Enterprise 6.0.x release notes
nopaneltrue

Excerpt
hiddentrue

Changes in 6.0.1

13:30

Security update to patch CVE-2022-42889

Security patches

Update apache sommons-text to 1.10.0 to patch vulnerability in CVE-2022-42889:https://nvd.nist.gov/vuln/detail/CVE-2022-42889

Changes in 6.0.0

15:00 - 11:30

Under-the-hood changes, Teams SSO, JSM signup, name attibutes and dependencies

Features

  • Status
    colourGreen
    titleglobal config
    Microsoft Teams SSO. When an Atlassian product is embedded as an iframe app in Teams, Kantega SSO supports relaying the identity from the Identity Provider.

  • Status
    colourBlue
    titlejsm
    Status
    colourGreen
    titleglobal
    Email domain allowlist for signup of user in Jira Service Management (JSM).

  • Status
    colourPurple
    titleSAML/OIDC
    Map separate firstName / lastName claims to the Name attribute for Just-in-time user provisioning

Improvements

  • Under-the hood update of the OSGI plugin version. This has lead us to change annotations and maven scopes for certain dependencies. This will hopefully offer more stability and lay the foundation for future development.

  • Status
    colourRed
    titlescim
    Allow more special characters in group names during SCIM sync

Bug fixes

Dependency updates

Diff from org.kantega.atlaskerb, higlighting the most relevant changes:

Code Block
languagediff
--- a/pom.xml
+++ b/pom.xml
@@ -118,12 +118,12 @@
       <plugin>
         <groupId>com.github.spotbugs</groupId>
         <artifactId>spotbugs-maven-plugin</artifactId>
-        <version>4.5.0.0</version>
+        <version>4.7.2.0</version>
         <dependencies>
           <dependency>
             <groupId>com.github.spotbugs</groupId>
             <artifactId>spotbugs</artifactId>
-            <version>4.5.2</version>
+            <version>4.7.2</version>
           </dependency>
         </dependencies>
         <configuration>
@@ -151,7 +151,7 @@
       <plugin>
         <groupId>org.owasp</groupId>
         <artifactId>dependency-check-maven</artifactId>
-        <version>6.5.1</version>
+        <version>7.2.1</version>
@@ -797,13 +797,13 @@
     <dependency>
       <groupId>org.assertj</groupId>
       <artifactId>assertj-core</artifactId>
-      <version>3.10.0</version>
+      <version>3.23.1</version>
       <scope>test</scope>
     </dependency>
     <dependency>
       <groupId>junit</groupId>
       <artifactId>junit</artifactId>
-      <version>4.12</version>
+      <version>4.13.2</version>
       <scope>test</scope>
     </dependency>
@@ -839,7 +839,7 @@
     <dependency>
       <groupId>org.json</groupId>
       <artifactId>json</artifactId>
-      <version>20210307</version>
+      <version>20220320</version>
     </dependency>
@@ -1031,7 +1031,7 @@
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcprov-jdk15to18</artifactId>
-      <version>1.70</version>
+      <version>1.71</version>
     </dependency>
@@ -1114,7 +1114,7 @@
     <dependency>
       <groupId>com.google.guava</groupId>
       <artifactId>guava</artifactId>
-      <version>31.0.1-jre</version>
+      <version>31.1-jre</version>
       <scope>provided</scope>
     </dependency>
     <dependency>
      <groupId>com.atlassian.sal</groupId>
      <artifactId>sal-api</artifactId>
-     <version>3.1.2</version>
+     <version>4.2.0</version>
      <scope>provided</scope>
    </dependency>
     <dependency>
-    <fasterxml.jackson.version>2.13.3</fasterxml.jackson.version>
+    <fasterxml.jackson.version>2.13.4</fasterxml.jackson.version>
-    <activeobjects.version>3.0.0</activeobjects.version>
+    <activeobjects.version>3.2.4</activeobjects.version>
-    <amps.version>8.0.0</amps.version>
+    <amps.version>8.2.3</amps.version>

Changes in 6.0.1

13:30

Security update to patch CVE-2022-42889

Security patches

Update apache sommons-text to 1.10.0 to patch vulnerability in CVE-2022-42889:https://nvd.nist.gov/vuln/detail/CVE-2022-42889