This is the first of our monthly recurring blog post covering the highlights of Atlassian Server and Data Center product updates. For each product, we made a selection of the most interesting new features, bug fixes and security advisories that have been released in the last month.
Because this is the first, we also provided an overview of what has changed in the last 6 months for each product.
As TMC ALM, we provide services for keeping your products up-to-date. We have a lot of experience with upgrading Atlassian environments in a safe and secure manner. Your data and business continuation has our top priority!
For more information, please check out our services page or contact us.
Jira’s June Release Highlights
Atlassian released Jira 8.2.2 and Jira Servicedesk (JSD) 4.2.2 in June. Both are bugfix releases without any new features.
The most important bugs fixed in these releases include:
- When configuring a Kanban Board column to use multiple statuses, they will not all appear when having a list of issues longer than the page, and then try to transition the issue (JSWSERVER-20031).
- Editing multiple different projects at the same time and assigning the same IssueTypeSchema (ITS) to them, may cause data loss for other projects using the same ITS. (JRASERVER-66625).
- Jira creates duplicated jobs for Bamboo’s “PlanStatusUpdateJob” scheduler every time Jira is restarted. This problem even happens to Jira instances where Bamboo is not used.
This can have a huge impact on the job scheduler, which could crash. Resulting in notifications not being sent anymore, as well as Jira itself crashing on a regular basis (JRASERVER-66593).
On 17 Jun 2019, Atlassian also released bugfix release Jira (Software) 7.13.4 and JSD 3.16.4 for its Enterprise Releases.
Important bug fixes for this release include:
- DailyAlertAnalyticsJob loads all alerts from a given day into memory causing high pressure on the JVM’s garbage collection, eventually leading to Out of Memory exceptions on big instances (JRASERVER-69138).
- Editing multiple different projects at the same time and assigning the same IssueTypeSchema (ITS) to them, may cause data loss for other projects using the same ITS. (JRASERVER-66625).
Our Opinion
If you are suffering from the duplicated jobs for “PlanStatusUpdateJob” bug in the Jira Schedular (JRASERVER-66593), this is a must upgrade! No matter what version you are on. If you are affected, a large number of “PlanStatusUpdateJob”-jobs in Jira’s Scheduler are visible, when there should only be a single one.
Still using Jira 7? Then Jira 8 will show a major performance improvement for both users and administrators. In later Jira 8 releases some nice features have been added as well, read more about them here. In either case we suggest upgrading to Jira (Software) 8.2.2 or in case of Jira Service Desk to 4.2.2.
For large and/or mission critical instances that are still on the previous enterprise release, upgrading to Jira (Software) 7.13.4 or Jira Service Desk 3.16.4 is a must as well. The previous Jira Enterprise Release (7.6 and JSD 3.9) will be out of support in November 2019.
Jira’s feature release 8.3 will be available soon. Most important feature in this release is the official launch and support of the Jira Server Mobile app for iOS and Android. Unfortunately Jira Service Desk won’t be supported yet. Also support for Oracle’s 12c R2 database driver will most likely be included in this release (JRASERVER-67079). We’ll keep you updated!
Confluence’s June Release Highlights
Both Confluence 6.15.6 and 6.15.5 have been released in June without any new features. Please beware of the security advisories that have been published in March and April.
Confluence 6.15.5 contains a fix for bug CONFSERVER-52441, which fixes the emoticon macro changing to an image after saving/editing the page, but this release is withdrawn due to the resulting bug CONFSERVER-58490. Confluence 6.15.6 has been released on 24 Jun 2019and contains fixes for both the above bugs as well as these:
- Links in KB-articles result in a 404 (not found) error when clicking these in Jira Service Desk’s Customer Portal (CONFSERVER-58392).
- Cloud to Server migration results in the “executeClusteredJobWithRecoveryGuard Unhandled exception” error flooding the atlassian-confluence.log (CONFSERVER-51661).
- A MySQL issue that could result in database deadlocks when having multiple Confluence nodes (CONFSERVER-57375).
The latest Enterprise Release is 6.13.5 and was released on 03 Jun 2019.
Our Opinion
The most important factor for considering upgrading Confluence is whether or not you are on a release that has security vulnerabilities. The following releases include fixes for all known critical security vulnerabilities in Confluence:
● 6.6.13, 6.6.14
● 6.12.4
● 6.13.4, 6.13.5
● 6.14.3
● 6.15.2 or higherWhen your Confluence version is not equal to any of the above releases, then upgrading to version 6.15.2 or higher should be a top priority.
Feature-wise, Confluence 6.14 includes some great improvements to the editor and quick search functionality. Unfortunately, the latest Enterprise Release (6.13.5) does not include these improvements.
A platform update is around the corner for Confluence. Confluence 7 promises improvements on the search results, an updated User Interface and support for Java 11. If you are already on one of the above-mentioned versions and are not in a hurry, it might be wise to wait for at least Confluence 7.1.1
Bitbucket’s June Release Highlights
On 18 Jun 2019, Atlassian released a new feature release; Bitbucket, 6.4.0. Together with bugfix release 6.3.2, released earlier this month, the following features and bugfixes are included:
- Announcement Banner built-in
With Bitbucket 6.4 it’s a lot more user-friendly to communicate scheduled downtime, upcoming maintenance periods, and other important info with the built-in announcement banner. It appears at the top of Bitbucket Server. Check here how to use it. - Git LFS locked file indicator
Bitbucket 6.3 introduced support for Git LFS file locking, which allows locking files to stop them from being edited while being worked on, which helps avoiding merge conflicts. With Bitbucket 6.4 it’s now also indicated with a lock icon next to the filename of locked files. When hovering over the lock icon, you can see who locked it when. - Merge check for duplicate open pull requests
Bitbucket now blocks a pull request from being merged if it has duplicate open pull requests. - Git 2.22 official support
- Bitbucket now retains Jira default field values
When creating a Jira issue from Bitbucket Pull Request, Bitbucket does not retain the default field values for standard or custom fields (BSERV-11696). - Public flag for repositories now synced to mirrors (Datacenter)
When the Public flag is enabled/disabled for a mirrored repository, it doesn’t sync on corresponding mirrors (BSERV-11792).
Our Opinion
Though this is an interesting release, we would recommend updating to Bitbucket 6.3.2 or wait for the first bugfix release for 6.4.0 only if you are on Bitbucket Server 6.1.2 or lower.
In general, Bitbucket Server has received some nice new features and a lot of bug fixes since 5.16. Check out our Release History Highlights to find out if upgrading is worth your time and effort.
Bamboo’s June Release Highlights
Bamboo 6.9.1 and 6.8.3 have been released on 04 Jun 2019. The 6.9.1 release contains 2 minor bugfixes and 1 major bugfix (backported to 6.8.3 as well) concerning Bamboo integration with Bitbucket Cloud which was caused by a Bitbucket Cloud REST API change. This results in an authentication error noticed in the user interface and thus affecting all versions before 6.9.1 and 6.8.3.
Our Opinion
If you didn’t integrate Bamboo with Bitbucket Cloud, there is really no reason to do a small upgrade to either Bamboo 6.9.1 (or 6.8.3). This is of course unless you are Bamboo 6.6 or lower. Bamboo 6.6 is already one year old this month.
Do note that Bamboo 6.8 introduced the new look and feel matching the other Atlassian tooling and also improved significantly on the Deployment side of Bamboo. With release 6.9, Atlassian improved a lot on the Bamboo Specs feature. If these are features that are heavily used in your instance, you should definitely upgrade.
Jira’s Release Highlights Recap
n February 2019 the new Jira 8/JSD 4 platform was released. The most notable update is the significant performance increase. These include viewing boards and backlogs, searching with JQL, browsing boards and re-indexing issues. For JSD performance increase is most notable in viewing queues, opening the customer page and project creation.
For more details read our blog post: Test driving the new JIRA 8.x
Jira (Core + Software) – Interesting features and updates
- Support for AdoptOpenJDK 8
Oracle stopped providing public updates for Oracle JDK 8 in January. This means that only Oracle customers with a paid subscription or support contract will be eligible for updates. Atlassian made Confluence compatible with AdoptOpenJDK 8, which is free to use and provides regular maintenance and security updates. - Improved Scrum and Kanban boards and backlogs
- Better email notifications
From Jira 8.0 onwards, it is possible to batch events that occur close together and receive them in a single email. Every email like that groups events that occurred in a single issue within the 10-minute window, and is very helpful when you’re doing any bulk updates, or when your teammates create issues and fill them in in one go. - New priority icons
- New options in the advanced search
It’s now possible to search for contributors (updatedBy) and issue link types (issueLinkType). - Managing old components
From Jira 8.1 onwards it’s possible to archive components. When a component is no longer needed, you can archive it. It will be tagged as “Archived” and as such will disappear from selection options. - Development info on issue cards
Now you can add the development tool info directly to your Board’s cards by adding the Development field to your Card layout. - New colors of issue statuses
To bring more consistency between the Jira Server and Jira Cloud applications, and to move another step closer to the new Atlassian Design direction, Atlassian updated the colors of issue statuses. - Java 11 support
From Jira 8.2.2 onwards Java SE 11 is officially supported. This is the latest Long-Term-Support release, so you’ll be able to get updates and fixes for longer. - Microsoft SQL Server 2017 support
It’s about time Atlassian started support Microsoft SQL Server 2017. You can find more info here… - Updating Apps won’t freeze or crash Jira anymore
The plugin manager is updated so that freezes or crashes of the Jira after trying to update an app won’t happen anymore. Atlassian promises that even for large instances, app updates can be performed whenever without any impact on the Jira instance. Before Jira 8.2 or JSD 4.2 it was advised to only update apps on large instances when the load was very low (JRASERVER-64908).
Jira Service Desk – Interesting features and updates
On top of the Jira Core features and updates, JSD received some specific features and updates on its own:
- Customer portal look and feel
From JSD 4.1 onwards there are more ways to customize your help center and portals, alongside a fresh new modern look. Check out Atlassian’s Blog post to find out more… - Smarter automation webhooks
It’s now possible to send custom payloads to third-party web services, with the new and improved automation webhooks in JSD. For example, post a message in a Slack channel when an SLA is about to be breached, or SMS a team lead when a major incident takes place. - Pasting screenshots bug finally fixed!
Before, attaching screenshots with the same filename or pasting multiple screenshots to a request in the customer portal, rendered duplicate images. With JSD 4.1 this is fixed. Now a suffix is appended to every filename to avoid duplication (JSDSERVER-5054). - Custom fields editable by Automation
From JSD 4.2 onwards it’s possible to create an automation rule that edits an issue’s custom field when a certain trigger takes place. Before it was only possible to edit the Jira default fields with Automation. - Improved Knowledgebase
When searching for an article on the help center, customer portal, or when you create a request, now a complete list of results is returned (with pagination even) instead of just the top 3. Also, a search help link is added to improve self-service for customers when using the search. - Knowledgebase reporting extended
Reports now include how many requests were resolved by agents sharing articles and how many without an article.
Confluence’s Release Highlights Recap
Important security advisories
Three critical security advisories for Confluence have been published in the last 6 months. This is quite uncommon as the previous one was published on 19 Apr 2017. The most critical one of the three is CVE-2019-3396 which allows an attacker to achieve server-side template injection, path traversal and remote code execution on systems that run a vulnerable version of Confluence Server or Data Center. This issue has been heavily exploited with instances that are exposed to the internet, resulting in ransomware, trojans, and botnets being installed with all the consequences these entails.
Security fix releases have been made available for several Confluence versions. Our advice is to upgrade immediately. If you need help with your upgrade, please contact us.
Interesting features and updates
- NEW Enterprise Release
Confluence 6.13 supersedes Confluence 6.6 as the latest Confluence Enterprise Release. Our advice is to upgrade to the latest bugfix release of this version as soon as possible. - Delete user accounts (GDPR)
The ability to permanently delete a user account and anonymize much of the personally identifiable information associated with it has been added to Confluence. Beware that there are some limitations. Please contact us if more information regarding GDPR in relation to Atlassian tools is required. - PDF export improvements
Several PDF export bugs have been fixed and some visual improvements have been added, like improved tables, heading styling and macro export more consistant, Confluence pages tart on a new page and word-wrapping has been improved. - Support for AdoptOpenJDK 8
Oracle stopped providing public updates for Oracle JDK 8 in January. This means that only Oracle customers with a paid subscription or support contract will be eligible for updates. Atlassian made Confluence compatible with AdoptOpenJDK 8, which is free to use and provides regular maintenance and security updates. - Migration Assistant for Confluence
The Cloud Migration Assistant for Confluence is now bundled with Confluence. Use it to analyze the amount of content in a server instance and make plans to move spaces to a cloud site. - Improved search UI
Starting from Confluence 6.14 the quick search has been replaced with an expanded search view displaying more results and filter options. As you type, Confluence now performs a full search of your site content, so you’re more likely to find a match first go. - Editor upgrade
A huge number of improvements have been made to the editor, including solving common frustrations relating to table cells, bullet points, and cursor behaviour, especially when copying and pasting content. The look of the editor hasn’t changed, the improvements are all under the hood. - Delete a user’s profile picture (GDPR)
Administrators can now delete a user’s profile picture. This will delete both their current profile picture, and any others they may have uploaded in the past. - Add page numbers to PDF exports the easy way
When you export a space to PDF, Confluence 6.14 onwards now enables you to add page numbers with just one click. Numbers will be placed in the centre of the footer on the PDF file. - Filter search by space category
“Space categories” is added as a search filter, also for the quick search. - Changes to the backup and restore screen
The Backup and Restore screen have been updated to help admins prevent common problems, such as accidentally kicking off a full site re-index during a peak time, or locking themselves out after a site import.
Withdrawn Confluences releases
Below is a list of Confluence releases that have been withdrawn in the last 6 months. This is done mainly because these releases contain bugs that could lead to system instability, dysfunction or even crashes.
If you are running one of these releases on your production environment please contact us to help you analyze the possible consequences.
● Confluence 6.15.3
● Confluence 6.15.5
Bitbucket’s Release Highlights Recap
Atlassian launched the Bitbucket 6 platform release in February 2019. Most notable updates are the support for Java 11 and AJP connectors. Also, a lot of APIs, that were marked as deprecated in Bitbucket Server 5, have now been removed. Full details of which classes, interfaces, and methods have been removed can be found in the API changelog.
Important security advisories
On 22 May 2019, a security advisory was published regarding Bitbucket Data Center. If you use Bitbucket Data Center and are not on any of the following versions, please update immediately to version 6.1.2 or higher, or contact us on how to proceed.
● 5.13.6
● 5.14.4
● 5.15.3
● 5.16.3
● 6.0.3
● 6.1.2 or higher
Interesting features and updates
- Anonymize deleted user accounts (GDPR)
The delete user functionality is expanded with the ability to anonymize deleted user accounts. Non-attributable aliases will be used for the username, mentions, and personal projects. Also avatars, SSH-keys and permissions will be removed immediately. Comments, pull requests, and user data in Git history is the only thing that will remain. - Bitbucket Data Center in Azure
A reference implementation template to help deploy Bitbucket Data Center to Azure is made available. The template can be modified and is deployable through the Azure Marketplace or using the CLI. - Built-in commit graph
With version 6.1 Atlassian introduced a built-in commit graph to make it easier to find commits, understand the relationships between them, and visualize an entire repository.
- Repository descriptions
From 6.2 onwards it’s possible to add short descriptions to each repository to provide additional context and make them easier to identify. This can be done when creating a repo or through the repository configuration. - Absolute timestamps
Finally, it is possible to view all timestamps in absolute format (e.g.: 23 June 2019 14:00), instead of relative format (e.g.: 2 days ago). Beware that this is a user setting, which can’t be enabled globally by default. - Delete confirmation check
When deleting repositories, you are served with an additional step to confirm the deletion. From Bitbucket 6.2 onwards entering the repository name is required to confirm the deletion. - Customizable support link
The ‘Contact Support’ link in the footer can be set to a custom URL, for example creating a Bitbucket ticket in a Jira Service Desk instance. - Support for Git LFS file locking
Support for Git LFS file locking has been added to Bitbucket 6.3, which allows locking files to stop them from being edited while being worked on, which helps avoiding merge conflicts. Very useful. - Compare commits
The commit compare feature has been updated. It’s now possible to select a commit and compare it to another commit, branch, or tag. The sidebar allows for quick comparison using the Compare option. Find out more about this feature here. - Disable ASCII art for blocked commits
A new config property has been introduced that allows the system administrator to disable the ASCII art when one of the branch permissions rejects a push. Starting from 6.3, you can disable the ASCII art by adding the following line to the bitbucket.properties file:plugin.ref-restriction.feature.ascii.art=false(BSERV-10697). - Re-indexation of Jira issue keys in commit messages
In certain conditions, the Jira indexes may become inconsistent leading to a difference in the Pull request overview in the Development Panel and the details. Bitbucket 6.3 adds support for a ?withCommits=true query parameter on the existing reindex URL. When set, pull requests are reindexed including Jira issues referenced in their commit messages. If withCommits=true is not specified, it still defaults to false; the existing behavior.
Bamboo’s Release Highlights Recap
No major releases on Bamboo in the last 6 months. There where however a few useful features added and bugs fixed. Here is a list of the most interesting ones:
- Bamboo’s new clothes
With Bamboo 6.8 the new look and fool, introduced for all the other Atlassian tools, has finally come to Bamboo as well. The color palette is updated, along with typography and icons, but site navigation hasn’t changed. - Deployment performance improvement
Several deployment performance problems have been tackled in Bamboo 6.8. For example, the deployment dashboard and deployment view page are fitted with infinite scroll and delayed data fetching, environments can be dragged to any position, instead of 1 up or down and the edit deployments feels a lot faster. - Final stages are here!
A new stage type called Final stages is added. The Final Stage will always be executed in a plan no matter whether any of the preceding stages were run successfully or not. Final stages can be used, for instance, to collect data regardless of the build results, or run clean up tasks. For more information about stages in Bamboo, check out Using stages in a plan. - Bamboo Specs YAML 2.0
As of Bamboo 6.9, Atlassian added support for deployments, deployments permissions, and Plan permissions in Bamboo Specs. They’ve also broadened the scope of plan definitions, added new tasks and simplified the Bamboo Specs YAML syntax as well as support for agent requirements in YAML. Last but not least you can use Bamboo sensitive data encryption before storing the confidential information in your code repository for either Java or YAML. Check out the renewed Bamboo Specs Reference documentation and Bamboo Specs encryption.
- Project View permission added
From Bamboo 6.9 onwards the Bamboo view permission is added and required to be able to view a project and accessing all its plans. This also means you will only see the projects you have access from the Projects menu. Check Configuring project permissions for more details. - Agent status notification
Notifications can be enabled for agents going on and/or offline starting from version 6.9. With the agent offline notification, the 3 last executed jobs will be included. You’ll need to manually add the notifications from the System notifications administrative overview. - Deployment creation covered by Project’s Create permission
- Users allowed to create Plans on Project level are from Bamboo 6.7.3 onwards also permitted to create Deployments on Project level. Before the Global Create permission was required for this.
- Finished jobs never finish and block the queue
With Bamboo 6.8.1 and higher this bug is finally solved. No longer will build agent and Bamboo server be out of sync concerning finished build jobs (BAM-13738).
