Git Integration for JIRA Server/Cloud
Security

Communication of Security Advisories

When a critical severity security vulnerability in a BigBrassBand product is discovered and resolved, BigBrassBand will inform customers through the following mechanisms:

  • We will post a security advisory on https://bigbrassband.com/security at the same time as releasing a fix for the vulnerability on the Atlassian Marketplace.
  • When a fix for the vulnerability is available on the Atlassian Marketplace – an email will be sent to all add-on watchers with "Security Update" in the email subject line.  To receive this email and new version announcements, you must "Watch" the Git Integration for JIRA" add-on via JIRA Administration > Manage add-ons > scroll to Git Integration for JIRA.  Customers can also "Watch" from the Marketplace listing: https://marketplace.atlassian.com/plugins/com.xiplink.jira.git.jira_git_plugin/cloud/overview.
  •  

     

Reporting Vulnerabilities

To report a security vulnerability in our products, email us at security@bigbrassband.com. Thank you in advance!

When a critical security issue is discovered or reported, BigBrassBand will include the fix in the next scheduled maintenance release.

Customers should upgrade to a newer version in order to fix the vulnerability.