Release Notes
KeyTypeStatusSummaryDescriptionVersionsFixversions
Known Bugs
KeyTypeStatusSummaryDescriptionAffects versionsFixversionsSCFB-53ClosedFixing the vulnerability CVE-2024-57699Please update to the version 5.0.1. Because this version contains the vulnerability CVE-2024-57699. This vulnerability occurs because the library json-smart-2.5.1.jar which was shipped and used in earlier versions. This version contains json-smart-2.5.2.jar.SCFB-51ClosedFixing the vulnerability CVE-2023-1370Jira actions are performed with a JSON payload. In this case the libray "net.minidev-json-smart", which is affected by CVE-2023-1370, was used to create this payload. However, the critical functionality had no negative impact on the add-on. Nevertheless, the library was updated. SCFB-47ClosedFixing the vulnerability CVE-2021-27568Please update to the version 3.0.5. Because this version contains the vulnerability CVE-2021-27568 . This vulnerability occurs because the library json-smart-1.1.1.jar which is shipped and used with this version. SCFB-42ClosedHook is not working if the header option as not been set.If the option "Enable or disable the Jira comment header" is initially not set, the hook runs into a exception case an do not continue the processing of the smart actions.SCFB-41ResolvedWorklog will not be createdEven the worklog action is enabled ("Work logs - add work logs to issues"), a worklog will not be created. A worklog will only be created if the option is enabled in combination with a further option ("Time tracking - return the time tracking values")