Archives for the tag: security

Working with you to beat password re-use

The Atlassian Security team is dedicated to protecting our customers' data. We think a lot about the impact of potential cyber intrusions and know that the way we shield customers against attacks impacts their data, privacy, content, source code, and reputation with their customers. We are constantly on high alert; modelling, monitoring, and responding to security threats of all types. And we've invested in building a Security Intelligence capability that helps us do just that. Managing passwords

Continue reading »

Atlassian Trust Center We have launched our new Trust @ Atlassian site to make it easier to find the information you need to trust Atlassian products and cloud services.  We have Security at the heart of that trust relationship but also know that Quality, Availability, Privacy and Compliance are important.  We have detailed information about our Security program, including how we run our Security Management Program, updated Privacy information, and, for the first time, have published our Atlassian

Continue reading »

We have reviewed the issues described in the Git vulnerabilities CVE‑2016‑2315 & CVE-2016-2324 and released updates to affected products to fix the vulnerabilities. The following products were affected SourceTree for Windows. Update to version 1.8.3 or later for a fix. You can find the latest version at https://www.sourcetreeapp.com/download/. SourceTree for Mac. Update to version 2.2.4 or later for a fix. You can find the latest version at https://www.sourcetreeapp.com/. Bitbucket

Continue reading »

CVE-2015-7547 Advisory

We have reviewed the issues described in Google's CVE-2015-7547 Advisory from February 17 and found that a very small part of our environment was affected. Within the Atlassian Cloud (including HipChat and Bitbucket) the small number of Atlassian systems affected have been upgraded to remove the vulnerability. For those using HipChat Server on their systems we have released an update and notified all customers impacted. If you have any questions, please contact Atlassian Support.

Continue reading »

OpenSSL Security Advisory

Following on from the announcement from the OpenSSL team today, we have been assessing the impact to Atlassian Cloud, and our customers, and are deploying updated SSL versions as needed. Our current state is as follows: Bitbucket - Not affected but patch deployment is complete HipChat - Not affected but have patched appropriate systems. Atlassian Cloud -Not affected but patch deployment complete. For those who run our Server versions, we recommend you deploy the supported patches

Continue reading »

The maintainers of the Git and Mercurial open source projects have identified a vulnerability in the Git and Mercurial clients for Macintosh and Windows operating systems that could allow critical files to be overwritten with unwanted files, including executables. We recommend that all client users of Git and Mercurial, including FishEye, Crucible, and SourceTree users, update their Git client with one of the published Git maintenance releases (1.8.5.6, 1.9.5, 2.0.5, 2.1.4 and 2.2.1) or

Continue reading »