Posted on 2025-05-22 by Anna Vetcininova
Hello SCM-Manager Community,
In our previous post, we addressed a vulnerability in the CAS plugin. During our follow-up review, we discovered the same issue in the LDAP plugin.
We’ve released an update that not only patches this vulnerability but also enhances overall access…
Posted in scm-manager, security
Posted on 2025-05-21 by Florian Scholdei
Hey SCM-Manager Community,
we have discovered a vulnerability in the CAS plugin that could potentially lead to unauthorized access to user accounts. Under certain conditions, it would have been possible to perform actions on behalf of other users. We immediately reworked the…
Posted in scm-manager, security
Posted on 2025-04-17 by Thomas Zerr
Dear SCM-Manager Community,
today we released version 3.8.0 of the SCM-Manager. In this release cycle, we focused on finishing the implementation for the SQLite support mentioned in our previous blog post here. We also reimplemented parts of the Pushlog Plugin, so it now uses…
Posted in scm-manager, release, plugins
Posted on 2025-03-11 by Florian Scholdei
With the next minor release, we are introducing some exciting changes, particularly regarding JWT (JSON Web Token) configuration and Javadoc. We would also like to give you an outlook on what lies ahead regarding SQLite.
You will be able to…
Posted in scm-manager
Posted on 2025-01-24 by Thomas Zerr
Dear SCM-Manager Community,
today we released the new version of the SCM-Manager 3.7.0. In this release cycle, we focused on improving the handling of git repositories by optimizing the performance of git modifications via UI and enabling the usage of partial clones and fetches…
Posted in scm-manager, release, plugins
Posted on 2025-01-17 by René Pfeuffer
We found a potential risk that could reveal details about user passwords in the trace log. Passwords or parts of them have never been logged in plain text, though.
To fix this issue, we released new versions of SCM-Manager:
Posted in release, security, scm-manager
Posted on 2024-12-06 by Thomas Zerr
Dear SCM-Manager Community,
today we released the new version of the SCM-Manager 3.6.0. In this release cycle, we focused on improving upon already implemented features. For example, we worked on the layout of the changeset and diff view, the editing experience of markdown…
Posted in scm-manager, release, plugins
Posted on 2024-10-10 by Thomas Zerr
Dear SCM-Manager Community,
today we released the new version of the SCM-Manager 3.5.0. In this release cycle, we continued on improving the user experience of working with pull requests and changesets. Furthermore, this release also provides new features and bugfixes in the core…
Posted in scm-manager, release, plugins
Posted on 2024-08-22 by Thomas Zerr
Dear SCM-Manager Community,
today we released the new version of the SCM-Manager 3.4.0. In this release cycle we put a huge emphasis on improving the user experience of working with pull requests and changesets. Additionally this release contains multiple new features and various…
Posted in scm-manager, release, plugins
Posted on 2024-07-08 by Thomas Zerr
Dear SCM-Manager Community,
today we released the new version of the SCM-Manager 3.3.0. This release focuses primarily on an important vulnerability bugfix, that prevents users from escalating their privileges in a namespace of repositories. Additionally, some new features and…
Posted in scm-manager, release, security