bitvoodoo Advisories BVADVIS

Communcation by Vendor

On Smartbear released a new version of Zephyr Squad to fix security vulnerabilities in their app related to Log4Shell (CVE-2021-44228). We urge our customers to update to the latest available version of Zephyr Squad.

Version 6.2.6.62609511  Released 2021-12-17  Supported By SmartBear  Paid via Atlassian  Commercial

This release addresses the security vulnerability reported against log4j2 library. In order to fully mitigate the vulnerability exposed by log4j2 please also update to the latest version of ZBOT in case you are using Test Automation and have ZBOT configured.

Bug Fixes

  • Fixed an issue with Zephyr Squad Expired app was breaking Advanced Road Maps feature.
  • Updated the cycle API to provide the Display name details along with ModifiedBy and CreatedBy fields.
  • Fixed the issue with Export to Excel where the column data was merged with large data sets.

For a complete list of bug fixes please refer to our release notes.

Date

 

Product

Zephyr Squad

VulnerabilityCritical
CVECVE-2021-44228
Marketplace link

https://marketplace.atlassian.com/apps/1014681/

Base productJira
VendorSmartbear

Recommendation by bitvoodoo

  • If you use Jira 8.x.x update Zephyr Squad to version 6.2.6
  • If you use Jira 7.x.x update Zephyr Squad to version 4.8.5


Support

If you need any assistance please contact the bitvoodoo support via support.bitvoodoo.ch.


bitvoodoo Advisories BVADVIS