This page last changed on Oct 13, 2008 by smaddox.

14 October 2008

Confluence 2.9.2 is a recommended upgrade which fixes some security flaws and other issues.

Please refer to the security advisory for details of the security vulnerabilities, risk assessment and mitigation strategies.

You can now view the Wiki Markup code for previous versions of a page as well as the current version. Open a previous version from the page history, then select 'View Wiki Markup' from the 'Tools' menu. Previously, a bug caused Confluence to show the Wiki Markup only for the current version of the page.

Another bug caused an error to occur when you copied a page and tried to add an attachment before saving the page. This is now fixed, along with a number of other issues.

Don't have Confluence 2.9 yet?

Take a look at the new features and other highlights in the Confluence 2.9 Release Notes.

Upgrading from a Previous Version of Confluence

Upgrading Confluence should be fairly straightforward. Please read the Confluence 2.9.2 Upgrade Notes. We strongly recommend that you back up your confluence.home directory and database before upgrading.

Updates and Fixes in this Release

JIRA Issues (29 issues)
Type Key Summary Priority Status Resolution
Bug CONF-13043 XSS in pagetree plugin Blocker Resolved Fixed
Bug CONF-13041 XSS in bookmarks plugin Critical Resolved Fixed
Bug CONF-13092 Provide Patch for XWork ParametersInterceptor attacks Critical Resolved Fixed
Bug CONF-13039 Privilege escalation: User is able to add a page to his watchlist without having the permission Critical Resolved Fixed
Bug CONF-13042 XSS in RSS feed creation Critical Resolved Fixed
Bug CONF-12940 Permission problem in preview blog post Critical Resolved Fixed
Bug CONF-13040 Stored XSS in wiki macro search Critical Resolved Fixed
Bug CONF-12944 XSS in site search action Major Resolved Fixed
Bug CONF-11640 Errors retrieving mail from Microsoft Exchange: "Unable to load BODYSTRUCTURE" Major Resolved Fixed
Bug CONF-12920 Paging on Undefined Pages does not work with Auto Html Encoding Major Resolved Fixed
Bug CONF-12827 Paging does not work on People Directory with Auto Html Encoding Major Resolved Fixed
Bug CONF-12825 Exclamation marks in comments encoded when collapsed Major Resolved Fixed
Bug CONF-12921 Paging on Orphaned Pages does not work with Auto Html Encoding Major Resolved Fixed
Bug CONF-12922 Paging on Restricted Pages does not work with Auto Html Encoding Major Resolved Fixed
Bug CONF-12291 Avalon Logkit library is missing. Major Resolved Fixed
Bug CONF-11022 Saving a copied page with attachments added to draft fails with NullPointerException Major Resolved Fixed
Bug CONF-13035 View Page History link broken when viewing the latest version Major Resolved Fixed
Bug CONF-13051 View Source only shows the latest version Major Resolved Fixed
Bug CONF-12727 When viewing diffs between pages, there is no longer the option to page between them (link missing) Major Resolved Fixed
Bug CONF-11854 c3p0-0.9.1.2: Built-In JMX-Service incompatible with Websphere 6.1.0.9 Major Resolved Fixed
Bug CONF-11324 Session isn't invalidated on logout Major Resolved Fixed
Bug CONF-12799 SearchBean pagination does not check the sanity of the start index Major Resolved Fixed
Bug CONF-12889 Creating a new user macro with the same name name as an existing one silently clobbers the old macro Major Resolved Fixed
Bug CONF-12826 Paging on Mail does not work with auto Html Encoding Major Resolved Fixed
Bug CONF-13003 Deleting a label takes you to the top of a page Minor Resolved Fixed
Bug CONF-9563 Classpath Duplication Check fails on Resin 3 Minor Resolved Fixed
Bug CONF-10580 Confluence uses a version of HSQLDB that sometimes returns results in wrong order Minor Resolved Fixed
Bug CONF-10364 Page titles with two hyphens in it "--" cause html "end comment tags" ("-->") between page comments Minor Resolved Fixed
Bug CONF-12816 ConvertedPath class uses a VelocityEngine that doesn't know about Atlassians velocity.properties file Minor Resolved Fixed

Document generated by Confluence on Nov 05, 2009 23:28