We are pleased to announce Kantega SSO Enterprise 5.5.

Read the upgrade notes for important information about updating to version 5 (if you are upgrading from 4.x), and see the full changelog below.

Compatible applications

| Application | Compatible from version |
|---|---|
| Bamboo | 7.0.1 |
| Bitbucket | 7.0.0 |
| Confluence | 7.4.0 |
| Jira | 8.8.0 |

Kantega SSO Enterprise for Bamboo Data Center May 2022

We are happy to announce that Kantega SSO Enterprise will be released for Bamboo Data Center this spring. The version is planned for release during May, when the Atlassian certification is completed. Data Center customers will be required to purchase a Data Center app license upon their next renewal.

Changelog

Security patches, bug fixes and GUI improvements.

Changes in 5.5.0

Improvements

  • SAML/OIDC The setup wizard has been refactored with a new, faster form system and state management

  • Migrated usage of deprecated SAL UserManager methods for obtaining UserProfile

  • More consistent use of the external link symbol for links pointing outside the product

Bug fixes

  • SAML/OIDC Fixed poor handling of Websudo / Secure Administration Session timeout in the setup wizard

  • SAML/OIDC Instant redirect didn’t show text on dashboard page in Jira

  • KSSO FOR BITBUCKET Null pointer exception introduced in 5.4.0 in the Referer header check in the servlet filter chain for REST endpoints

Changes in 5.5.2

Improvements

  • GLOBAL CONFIGURATION Added a toggle that makes it possible to turn off the CSRF Origin header check that was built in to version 5 of Kantega SSO Enterprise, in case your system encounters issues with headers. The feature acts like ‘Disable Basic Auth’, and can also be disabled by removing a file on the application server. It is recommended to keep this check turned on for security reasons.

  • SAML/OIDC Updated Bouncy Castle bcpkix dependency in SAML component

  • KERBEROS Updated Bouncy Castle bcprov dependency in Kerberos component

  • Deprecated JavaScript resource com.atlassian.auiplugin:dialog2 migrated to com.atlassian.auiplugin:aui-dialog2

Bug fixes

  • SAML/OIDC Fixed redirect to Jira Service Management (JSM/JSD) not working

  • SAML/OIDC Fix metadata URL hint missing for Keycloak in IDP setup wizard

  • SAML Inaccurate / incorrect test result text in SAML login test results for Missing User Info status

Dependency updates

| Dependency | Updated from version | Updated to version | Description |
|---|---|---|---|
| bouncycastle.bcprov | bouncycastle.bcprov-jdk15@140 | org.bouncycastle.bcprov-jdk15to18@1.70 | Dependency in Kerberos component of Kantega SSO Enterprise, org.simplericity.serberuhs. Our internally managed fork of serberuhs contains the new updates. |
| org.bouncycastle.bcpkix | bcpkix-jdk15on@1.59 | org.bouncycastle.bcpkix-jdk15to18@1.70 | Dependency in SAML component of Kantega SSO Enterprise |

Security vulnerabilities fixed

The dependency patching resolved the following vulnerabilities:

| Vulnerabilities | Vulnerable dependency | Fix dependency |
|---|---|---|
| CVE-2013-1624 | bouncycastle.bcprov-jdk15@140 in org.simplericity.serberuhs | org.bouncycastle.bcprov-jdk15to18@1.70 |
| CVE-2020-26939, CVE-2020-15522, CVE-2018-1000180, CVE-2018-1000613 | bcpkix-jdk15on@1.59 | org.bouncycastle.bcpkix-jdk15to18@1.70 |
| CWE-200 | commons-codec:commons-codec@1.3 in org.simplericity:serberuhs | commons-codec:commons-codec@1.15 |

Changes in 5.5.3
