3.6.5 (Security fix)
- The packed SQL+JQL Driver has been upgraded (+9.7.0) to fix a critical vulnerability. Please upgrade the SQL+JQL Driver on Jira ASAP (it might require to upgrade the JDBC driver to access remotely)
3.6.4 (Security fixes)
- As a result of deep research to find security vulnerabilities in the app some URLs have been fixed to avoid potential XSRF attacks to Jira administrators. Read more...
- In addition, the packed SQL+JQL Driver has been updated to the 9.6.0 version which also fixes critical vulnerabilities in the Driver.
3.6.3 (Security fix)
- FIX: It was possible to perform an XSS attack from one URL. Credits for Ivan Rumak and Alexey Rumak that reported it via https://detectify.com/. Thank you!
3.5.4
- Eclipse BIRT remains 100% free at no cost. But the Driver has a dual license (free and commercial) until Jira 9 when only the commercial version will be supported. This version of Eclipse BIRT upgrades the Driver to the 8.0.2 version (← COMMERCIAL!. If you want to run the free version of the Driver, please downgrade it to the latest 7.x version). Of course, if your BIRT reports do not use the SQL+JQL Driver as a data source you are not impacted by this.
3.5.3
- SQL+JQL Driver upgraded to 7.17.0 version. Please read more details from here.
3.5.0
- IMPROV: Support for a new WEB location that allows sharing the BIRT report URL and embedding it into an iframe.
- IMPROV: New action to run reports from the administrator's report listing.
...
- Security fix: only Jira administrators and explicitly granted users and groups can upload BIRT reports. This is a critical security threat and you must upgrade to this version ASAP. Please read more about this Security Thread Alert!Bulletin
- Rebranding: after contacting to Eclipse.org, our previous app logo and name was not compliant with the Guidelines for Eclipse Logos and Trademarks. So, we have modified them according their instructions.
...