We are pleased to announce Kantega SSO Enterprise 5.5.
Read the upgrade notes for important information about updating to version 5 (if you are upgrading from 4.x), and see the full changelog below.
Compatible applications
Application | Compatible from version |
---|---|
Bamboo | 7.0.1 |
Bitbucket | 7.0.0 |
Confluence | 7.4.0 |
Jira | 8.8.0 |
Kantega SSO Enterprise for Bamboo Data Center May 2022
We are happy to announce that Kantega SSO Enterprise will be released for Bamboo Data Center this spring. The version is planned for release during May, when the Atlassian certification is completed. Data Center customers will be required to purchase a Data Center app license upon their next renewal.
Changelog
Security patches, bug fixes and GUI improvements.
Changes in 5.5.0
Improvements
SAML/OIDC The setup wizard has been refactored with a new, faster form system and state management
Migrated usage of deprecated SAL UserManager methods for obtaining UserProfile
More consistent use of the external link symbol for links pointing outside the product
Bug fixes
SAML/OIDC Fix poor handling of Websudo / Secure Administration Session timeout in the setup wizard
SAML/OIDC Instant redirect didn’t show text on dashboard page in Jira
KSSO FOR BITBUCKET Fixed null pointer exception introduced in 5.4.0 in the referer header check in the servlet filter chain for REST endpoints
Changes in 5.5.2
Improvements
GLOBAL CONFIGURATION Added a toggle to turn off the CSRF Origin header check that was built into version 5 of Kantega SSO Enterprise, for use if your system encounters issues with headers. The feature acts like ‘Disable Basic Auth’ and can also be disabled by removing a file on the application server. It is recommended to keep this check turned on for security reasons.
SAML/OIDC Updated Bouncy Castle bcpkix dependency in SAML component
KERBEROS Updated Bouncy Castle bcprov dependency in Kerberos component
Deprecated JavaScript resource com.atlassian.auiplugin:dialog2 migrated to com.atlassian.auiplugin:aui-dialog2
Bug fixes
SAML/OIDC Fixed redirect to Jira Service Management (JSM/JSD) not working
SAML/OIDC Fix metadata URL hint missing for Keycloak in IDP setup wizard
SAML Inaccurate / incorrect test result text in SAML login test results for Missing User Info status
Dependency updates
Dependency | Updated from version | Updated to version | Description |
---|---|---|---|
bouncycastle.bcprov | bouncycastle.bcprov-jdk15@140 | org.bouncycastle.bcprov-jdk15to18@1.70 | Dependency in Kerberos component of Kantega SSO Enterprise, org.simplericity.serberuhs. Our internally managed fork of serberuhs contains the new updates. |
org.bouncycastle.bcpkix | bcpkix-jdk15on@1.59 | org.bouncycastle.bcpkix-jdk15to18@1.70 | Dependency in SAML component of Kantega SSO Enterprise |
Security vulnerabilities fixed
The dependency patching resolved the following vulnerabilities:
Vulnerabilities | Vulnerable dependency | Fix dependency |
---|---|---|
CVE-2013-1624 | bouncycastle.bcprov-jdk15@140 in org.simplericity.serberuhs | org.bouncycastle.bcprov-jdk15to18@1.70 |
CVE-2020-26939, | bcpkix-jdk15on@1.59 | org.bouncycastle.bcpkix-jdk15to18@1.70 |
CWE-200 | commons-codec:commons-codec@1.3 in org.simplericity:serberuhs | commons-codec:commons-codec@1.15 |
Changes in 5.5.3