6.7.3 Release Notes



23 December 2020

Botron team is happy to announce the release of Configuration Manager for Jira 6.7.3!

Upgrading to Configuration Manager for Jira 6.7.3 is free for all customers.




Updates and Resolved Issues




  • Fixed possibility for XML External Entity attacks and Server-Side Request Forgery if a snapshot file is compromised - CVE-2020-35543.

  • Fixed possibility for Cross-Site Scripting (XSS) attack in the project name validation when deploying snapshots - CVE-2020-35544.

  • Fixed a problem where some properties of an existing user are shown to be modified during deployment even though they wouldn’t be.

  • Fixed a problem where a request type assignee field preset value is missing after deployment.

  • Fixed JSD Email Channel NoSuchMethodError on JSD 4.5.9.

  • Fixed problem with model migration not working with binary snapshots with dates.

  • Fixed a problem with partially failing ranking due to an unexpected database exception.

  • The deleteConfiguration method of the Custom Fields SPI was not called when a custom field was deleted in restore mode.

More improvements and bug fixes will be coming soon. Thanks! Submit your suggestions for improvements to Botron Support Portal. We value your feedback!