This page last changed on Feb 20, 2008 by christopher.owen@atlassian.com.

24 January 2008

Presented with pleasure by the Atlassian Confluence team: Confluence 2.7.1 is a recommended upgrade which fixes a security flaw and other bugs, and brings a couple of improvements.

We have identified and fixed an XSS (cross-site scripting) security flaw which may affect Confluence instances in a public environment. For details, please refer to the security advisory.

Recording of authorship and history for page attachments is improved, so that attachment history is now retained after operations such as editing the attachment or moving it to a new page.

A new option on the Export Space screen allows administrators to export all pages to XML even when page-restrictions deny the administrator access to some of the pages.

This release also fixes problems in the following areas:

  • The SOAP API, which was broken in Confluence 2.7.0.
  • Logging.
  • Internationalisation (support for different languages).
  • Case-sensitivity for usernames and group names when using LDAP integration, and problems with upper-case letters in usernames when applying space permissions.

There's a complete list of fixes below. Click a specific issue to see details of the fix, and to download any patches where relevant.

Confluence 2.7.1 is available from the download centre.

Upgrading from a previous version of Confluence

Upgrading Confluence should be fairly straightforward. Please read the upgrade instructions. We strongly recommend that you back up your confluence.home directory and database before upgrading!

Updates and fixes in this release

Atlassian JIRA (26 issues)
T Key Summary Pr Status Res
Task CONF-10436 Document update to attachment details Major Closed FIXED
Task CONF-10434 Document update to export space screen Major Closed FIXED
Improvement CONF-10392 Confluence javac should not fork Major Closed FIXED
Bug CONF-10359 http.proxyPort System property is ignored Critical Resolved FIXED
Improvement CONF-10311 Improve WebLinks in Confluence to allow for customizing the baseURL Major Resolved FIXED
Bug CONF-10302 Poor handling of null request in DashboardMacroSupport.getRequestParameter() during exports (such as HTML and PDF) Minor Resolved FIXED
Bug CONF-10289 Security vulnerability with Dashboard spacesSelectedTab Blocker Resolved FIXED
Bug CONF-10269 ContentEntityObject.getAttachmentNamed() doesn't return the latest version of attachment Major Resolved FIXED
Bug CONF-10268 Hibernate SQL logging does not show up on confluence 2.6.2 and 2.6.1 Critical Closed FIXED
Bug CONF-10245 {note} {warning} {info} {tip} macros do not display a standard width when using Classic Theme Minor Closed FIXED
Bug CONF-10235 Confluence 2.7 SOAP API is broken Major Closed FIXED
Bug CONF-10213 XML RPC server uses platform default character encoding to decode requests Major Resolved FIXED
Bug CONF-10201 "org.apache.commons.logging.impl.Jdk14Logger does not implement Log" on Websphere due to commons-logging-1.0.jar Major Resolved FIXED
Bug CONF-10140 XML-RPC does not handle Japanese characters in page title and content Major Resolved FIXED
Bug CONF-9923 Cannot switch to english language after upgrading to 2.6.0 from 2.5.4 with german language pack Major Resolved FIXED
Bug CONF-9867 Entering invalid space key in URL allows setting of invalid global permissions Major Resolved FIXED
Bug CONF-9609 Space key with "-" (hyphen) thows exception Minor Resolved FIXED
Bug CONF-9488 The Recently Updated Content Macro fails to export to HTML Minor Closed FIXED
Bug CONF-9469 Upper case letters in user names don't work with space permissions Major Resolved FIXED
Bug CONF-9265 Attachment history gets lost Minor Resolved FIXED
Improvement CONF-8863 Retain the Original Create Date on Attachments despite Edits to FileName, Comment Type, Content Type, or Page location Major Resolved FIXED
Bug CONF-8848 Editing an attachment to removes author and date information from previous versions Critical Resolved FIXED
Bug CONF-8475 Missing localisation in attachments macro Minor Resolved FIXED
Bug CONF-7342 Confluence uses user.language and user.country to choose default language Minor Resolved FIXED
Bug CONF-7283 Space export does not export restricted pages. Critical Resolved FIXED
Bug CONF-3504 A Space belonging to an old session is sometimes being cached. Major Closed CANNOT REPRODUCE

Document generated by Confluence on Aug 07, 2008 19:06