Security Advisory Publishing Policy

Publication of Security Advisories

When a critical severity security vulnerability in a self-managed Atlassian product is discovered and resolved, Atlassian will inform customers through the following mechanisms:

We will post a security advisory on https://www.atlassian.com/trust/security/advisories at the same time as releasing a fix for the vulnerability.
We will send a copy of all critical security advisories to the 'Alerts' mailing list for the product concerned, excluding Sourcetree.
Note: To ensure you are on this list, please update your email preferences at https://my.atlassian.com/email.
If the person who reported the vulnerability wishes to publish an advisory through another agency, such as CERT/CC, we will assist in the production of that advisory and link to it from our Hall of Fame.

If you want to track non-critical severity security vulnerabilities, you need to monitor the issue trackers for the relevant products on https://jira.atlassian.com. For example, https://jira.atlassian.com/browse/JRACLOUD for Jira Cloud and https://jira.atlassian.com/browse/CONFSERVER for Confluence Server and Data Center. Security vulnerabilities in trackers will use the Public Security Vulnerability issue type. All security vulnerabilities will be listed in the release notes of the release where they have been fixed, similar to other bugs.

Funkciók

Jira Software

Confluence

Jira Service Management

Trello

Marketplace

Újdonságok

Iránytű

Jira Product Discovery

Hasznos lehet

Funkciók

A munka irányítása

IT-szolgáltatásmenedzsment

Agile és DevOps

Csapatméret szerint

Csapatfunkció szerint

Iparág szerint

Újdonságok

Atlassian együtt

Hasznos lehet

Tanuld meg használni

Támogatás

Összekapcsolás

Újdonságok

Atlassian Presents: Unleash

Security Advisory Publishing Policy

Publication of Security Advisories