The Data Center`s future in the hands of community
By in

The Data Center`s future in the hands of community

Will Jira Data Center end up like Jira Server? Perhaps this question would not have appear in the user`s minds if it wasn`t for the Atlassian Community. After the last two-day conference Team’22, where there was no mention of Data Center further development, Rodney Nissen (aka The Jira Guy) wrote a great critique, with even better title: “Atlassian, we need to talk about Data Center”. See what happened next.

(more…)

Bitbucket and Confluence DC critical vulnerability
By in

Bitbucket and Confluence DC critical vulnerability

Bitbucket Data Center and Confluence Data Center are vulnerable to Java deserialization attacks (CVE-2016-10750). It`s because of Hazelcast, third-party software, which Attlassian DC appliations use for running as a cluster. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted JoinRequest, resulting in arbitrary code execution. You should upgrade your instances to the safe version or use a provided workaround as soon as possible. More info HERE.