
We continue with the migration of the projectdoc Toolbox for Confluence Server to Confluence Data Center.

Our plan has been to provide a Data Center approved version of the projectdoc Toolbox in 2021. We decided to change the representation of projectdoc documents in the backend to cope with the larger user bases we expect. This means that we need to migrate the data in a reasonable time and provide some tooling in case a migration fails. Together with other items on our to-do list, this has required more time than we originally expected. We have released an alpha version of the projectdoc Toolbox and are about to release its beta version with all the features required for Data Center. After this beta release we will continue with the Atlassian Approval Process.

We are planning to provide a Data Center version of the projectdoc Toolbox in the second half of 2022.

If you would like to take part in the beta test of the projectdoc Toolbox 5, please get in touch!

Vulnerabilities in the Log4J library have recently been reported that attackers may exploit to gain full control over the affected system.

The projectdoc Toolbox has no direct dependency on Log4J and does not add any configuration that would make the Confluence system vulnerable. It uses the logging service provided by Confluence through the SLF4J interface.

Summary

 

The projectdoc Toolbox is not vulnerable to the following CVEs:

In more Detail

Based on the information provided by Atlassian, the projectdoc Toolbox is not affected by the reported CVE-2021-44228, CVE-2021-45046 and CVE-2021-45105:

The projectdoc Toolbox does not configure or add Log4J libraries.

CVE-2021-4104 - “Note this issue only affects Log4j 1.2 when specifically configured to use JMSAppender, which is not the default.”

The projectdoc Toolbox does not configure the logging system and therefore is not affected.
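An administrator can check a statement like this against the add-on artifact itself. The following is an added example, not code from the projectdoc Toolbox or Atlassian: it scans an add-on archive, including nested archives, for Log4j classes and bundled logging configuration files. It assumes the add-on is distributed as a JAR or OBR (both ZIP containers); the sample archives and the `com/example` class name are constructed.

```python
import io
import zipfile

# Class and file names whose presence means an archive ships Log4j code or
# its own logging configuration (the two things the statement rules out).
MARKERS = {
    "org/apache/logging/log4j/core/lookup/JndiLookup.class": "log4j-core 2.x (JndiLookup)",
    "org/apache/log4j/net/JMSAppender.class": "Log4j 1.2 (JMSAppender)",
}
CONFIG_NAMES = ("log4j.properties", "log4j.xml", "log4j2.xml", "log4j2.properties")
NESTED = (".jar", ".obr", ".war", ".zip")

def scan_archive(data, label="<archive>", depth=0, max_depth=4):
    """Return sorted (path, finding) pairs for Log4j classes/configs in a JAR,
    descending into nested archives (plugins often embed their dependencies)."""
    findings = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return findings  # not a ZIP container, nothing to inspect
    with zf:
        for name in zf.namelist():
            where = f"{label}!/{name}"
            if name in MARKERS:
                findings.append((where, MARKERS[name]))
            elif name.rsplit("/", 1)[-1] in CONFIG_NAMES:
                findings.append((where, "logging configuration"))
            elif name.lower().endswith(NESTED) and depth < max_depth:
                findings.extend(scan_archive(zf.read(name), where, depth + 1, max_depth))
    return sorted(findings)

def make_jar(entries):
    """Build an in-memory JAR from {name: bytes} (constructed sample input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in entries.items():
            zf.writestr(name, content)
    return buf.getvalue()

# Constructed samples: a clean add-on, and one embedding log4j-core in META-INF/lib.
CLEAN = make_jar({"atlassian-plugin.xml": b"<atlassian-plugin/>",
                  "com/example/Macro.class": b"\xca\xfe\xba\xbe"})
BUNDLED = make_jar({"atlassian-plugin.xml": b"<atlassian-plugin/>",
                    "META-INF/lib/log4j-core.jar": make_jar({
                        "org/apache/logging/log4j/core/lookup/JndiLookup.class": b"\xca\xfe\xba\xbe"}),
                    "log4j.properties": b"log4j.rootLogger=INFO"})

if __name__ == "__main__":
    for label, jar in (("clean.jar", CLEAN), ("bundled.jar", BUNDLED)):
        print(label, scan_archive(jar, label) or "no Log4j classes or configuration found")
```

The check matches on well-known class paths, so a shaded or relocated copy of Log4j would not be found by it. A clean result describes the add-on only and says nothing about the Log4j version shipped with the host application.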

References

Detailed information related to security issues with Log4j is available at Apache Log4j Security Vulnerabilities.

Information provided by SLF4J regarding the CVEs on Log4J is available at Comments on the log4shell (CVE-2021-44228) vulnerability.