Allegra Release Notes

Release Notes for Allegra Release 8.1.4 and Release 7.5.2.70

by Administrator

Important Security Improvement and Bug Fixes

Allegra version 8.1.4 introduces new features, important improvements, and bug fixes.

Please remember to clear your browser cache after the upgrade to ensure all changes are loaded correctly.

Improvements

  • [27171] Filter by deputy users
  • [27229] Linked Items in context for HLX templates
  • [28088] Documentation implemented for REST endpoint for child items
  • [28097] Migration of system settings to user settings for "Related Items," with the same default values
  • [28361] Project view items can be configured in detail again
  • [28474] Project-specific Item ID for time tracking as in version 7
  • [27732] Reject emails based on keywords in the text
  • [28401] Burn-down chart now supports decimal values

Bug Fixes

  • [28380] Line numbers calculated incorrectly, even with inline filtering
  • [28386] NullPointerException (NPE) during search
  • [28387] Auto-jump/scroll when editing comments
  • [28388] Item Navigator: Null labels in the filter area
  • [28389] Attachments always open in a new tab
  • [28396] NPE in full-text search when hit occurs in a versioned document (not the header)
  • [28397] Velocity chart NPE fixed
  • [28400] Corrected alignment of tooltip series in cockpit charts
  • [28402] Item Navigator: Corrected case sensitivity of releases
  • [28458] Default item type change no longer resets release flag
  • [28460] Incorrect chart for "Status over Time" in Scrum cockpit
  • [28462] Time interval in burn-down chart adjusted
  • [28465] UI bug in the filter editing dialog fixed
  • [28596] Grammar error corrected in "Work in work hours/work days"
  • [28614] Cockpit tile "Time to First Answer" no longer causes high CPU usage

Allegra Versions 8.1.4 and 7.5.2.70 include fixes for the following issues:

ZDI CAN Affected Products CVSS Score + Vector Description
ZDI-CAN-27104 Allegra versions 8 older than 8.1.24

and Allegra versions 7 older than 7.5.2.70

 9.8 – Critical: CVSS:AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H An attacker can exploit a vulnerability in the password recovery function to take over any user account — including administrator accounts. The generated reset token is based on predictable time values, making brute-force authentication bypass possible.

Back to overview

Contact us!