Download
Changelog and downloads for version 2.29.1
This page does not refer to the most recent version of SCM-Manager.
Go to the download of the latest VersionYou never want to miss a release again? Subscribe to our release feed
2.29.1 - (2022-01-17)
This version contains several known security vulnerabilities.
Expat vulnerability (core >=2.0.0 <=2.30.1)
Your instance is affected if you have the PlantUML-Plugin installed.Potential leak of password details in trace log (core >=3.0.0 <=3.6.0 || <2.46.5 || >=2.47.0 <2.48.4)
There is a potential leak that can give hints to passwords if the trace log is activated.CAS plugin account hijacking vulnerability (core >=2.5.0 <=3.3.0)
We found a vulnerability that allows hijacking another user account.LDAP plugin account hijacking vulnerability (core <=3.1.0)
We found a vulnerability that allows hijacking another user account.
If you are looking for an other version of SCM-Manager, please have a look at the archive.
Packages
Debian/Ubuntu users:
You can use our apt repository for Debian based distributions.
Kubernetes users:
You can use our Helm repository for Kubernetes installations.
Red Hat/Centos/Fedora users:
You can use our yum repository for Red Hat based distributions.
Generic Linux/Unix users:
Download the package and follow the installation instructions.
Checksum (SHA256):
375685f7e57ead6fb28226f538c098c3c71c6b1985c535b36065aa1b157ef115
Windows users:
Download the package and follow the installation instructions.
Checksum (SHA256):
2dc56773e386fce63983b596d59be646b46fe97c21751ac43b1bfc32a276a3be
Changelog
Fixed
- Path traversal vulnerability