Release Notes for Allegra Release 8.1.7
by Administrator
Small Improvements and Bug Fixes
The Allegra Development Sprint 8.1.7 includes improvements, bug fixes, and security corrections completed during this sprint.
Important: After the update, please clear your browser cache to ensure that all changes are loaded correctly.
Improvements
- [29445] Sprint-specific creation of recurring tasks
- [29338] Links to wiki documents now open directly in the wiki, where possible
- [29351] Script management: administrators can now see which scripts are being used
- [29424] GitLab integration: improved handling of deleted repositories
- [29435] Adjustment of label text for observer message selection
- [29439] [Webhook] Support exclusively for POST requests
- [29441] Improved download speed for Allegra WAR from allegra.com
- [29568] Revision and optimization of GitLab synchronization
- [29584] Added comment parameter for the REST endpoint
/executeQueryByID/{queryID}
- [29620] Global search added to the Scrum application
- [29681] Inline links to attachments are now always saved in documents
- [29339] Selection of organizational units in LDAP connections (a user can belong to only one unit)
Bug Fixes
- [29178] Issue browser occasionally lost column styling for status
- [29337] Missing German translation for “Request raised on behalf of”
- [29416] Corrected default avatar for client users in dark mode
- [29582] Prevented multiple simultaneous auto-scrolls in the card view
- [29595] Fixed error when importing custom lists
- [29604] Privacy policy and imprint URL on the login page can now be hidden
- [29628] Fixed lost attachment references after changes to the document structure
- [29639] Updating dependencies for the rich text editor in the issue form now works correctly
- [29675] Fixed crash when exporting from the issue navigator
- [29432] Restored automatic vertical scrolling in the issue navigator’s filter view
- [29691] User creation no longer fails due to a JavaScript error
Security Fixes
CVE/ZDI CAN | Affected Products | CVSS Score + Vector | Description |
---|---|---|---|
[29621], No CVE assigned | Allegra versions 8: less than 8.1.7 Allegra versions 7: less than 7.5.2.84 |
7.2 – High: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
An authenticated administrator is able to upload specially crafted ZIP files that include path-traversal entries. This way an attacker can execute arbitrary code remotely and gain access to sensitive information. Credits: Swagat Kumar Mishra (ZDayLabs) |