Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

Version 3.5.13

XSS vulnerability resolved 

A cross-site scripting (XSS) vulnerability in the activity stream is identified and resolved. Affected versions are RefinedWiki Original Theme 3.x - 4.0.x. We recommend you to upgrade to this version: 3.5.13. Fixes are also included in version 4.0.12 and version 4.1.

Our thanks to Manuel Hofer (SEC Consult Vulnerability Lab) who reported the XSS vulnerability.

Risk Assessment

The cross-site scripting (XSS) vulnerability affect Confluence instances, including publicly available instances (that is, internet-facing servers), if the attacker is allowed to edit pages. XSS vulnerabilities potentially allow an attacker to embed their own JavaScript into a Confluence page. You can read more about XSS attacks at  cgisecurity.com (http://www.cgisecurity.com/articles/xss-faq.shtml )

Version 3.5.12

Introducing a support file exporter

We've included a support file exporter to provide faster and better support. It's located in the right column of the theme configuration page.

Version 3.5.11

Improved caching in RefinedWiki Original Theme 3.5.11

We've improved the caching of resources in RefinedWiki Original Theme 3.5.11. 

Using a custom design?

To activate the improved caching for a custom design you need to:  Go to the design, click edit and save the design directly. This will force the design to recalculate its resource paths. 

Version 3.5.10

  • Compatible with Confluence 5.3

Version 3.5.9

  • Bug fixes

Version 3.5.8

  • Bug fixes

Version 3.5.7

  • Bug fixes

Version 3.5.6

  • Bug fixes

Version 3.5.5

  • Compatible with Confluence 5.2

Version 3.5.4

  • Bug fixes

Version 3.5.3

Twitter shuts down all access to its REST API v1

This affects the RefinedWiki Twitter API which uses the Twitter API v1 to present tweets integrated together with confluence statuses. Thus, for the time being, we have decided to remove the twitter macro from both Original Theme and Mobile Interface, until we have a solution which is convenient and easy to use for both administrators and users.

The Twitter Macro will continue to display status updates from Confluence, but it will not display any tweets.

We are also including a new Status Updates Macro which will replace the twitter macro.

For more information about the shut down of the twitter API please read this blog: Twitter shuts down all access to its REST API version 1

Bug fixes

Version 3.5.2

  • Bug fixes

Version 3.5.1

  • Bug fixes

Version 3.5

Read more.

Version 3.4.5

1. Support for Confluence 5.1

2. Adding Space Shortcuts to the  Page Tree Macro

A new parameter to include space shortcuts is added to the Page Tree Macro. For more information please read the  Page Tree Macro documentation. 

 

3. Global space layout change

Space shortcuts are added to the global space layout (Only for Confluence 5.0 and above). E.g. The  Page Tree Macro is using the new spaceShortcuts parameter.

4. Bug fixes

Version 3.4.4

  • Bug fixes

Version 3.4.3

Resizable left column with a collapsed mode ( Only Confluence 5 )

Change the width of the left column by dragging. When the left column is collapsed,  icons will be visible instead of the fully rendered macros. Macros that can't be viewed in the collapsed mode are not visible.  When the left column is collapsed it's also fixed, it will be in the top left corner even when you have scrolled down on a page. The default confluence 5 sidebar is also compatible with the collapsed mode. 

  •  Bug fixes

Version 3.4.2

  • Bug fixes

Version 3.4.1

  • Bug fixes

Version 3.4

Read more.

Version 3.3.6

  • Bug fixes

Version 3.3.5

  • RefinedWiki Original Theme is now available on the Atlassian Marketplace. 

Version 3.3.4

  • Bug fixes

Version 3.3.3

  • Bug fixes

Version 3.3.2

Minor security fixes

A bug in rw-pagetree macro is resolved. Links to restricted pages was viewable in the child listing when the root parameter was specified. Please note that the page was newer viewable, just the link to it.

Bug fixes

Version 3.3.1

  • Bug fixes

Version 3.3

Read more.

Version 3.2.8

  • Bug fixes

Version 3.2.7

  • Bug fixes

Version 3.2.6

1. Security update

A Cross Site Scripting(XSS) bug is resolved in the popular feed of the Activity stream macro.

This bug affects instances using Confluence 4.2.x and above.

We recommend you to upgrade to version 3.2.6 of the RefinedWiki Original Theme.  

2. Minor UI improvement for the Edge design

The notification button is now using the correct menu style. 

Version 3.2.5

  • Support for Confluence 4.3

Version 3.2.4

  • Bug fixes

Version 3.2.3

  • Bug fixes

Version 3.2.2

  • Improved blog post excerpt. The blog post excerpt in rw-news macro and in blog mode are now rendering links and displaying the first occurred image in the post.

  • Bug fixes

Version 3.2.1

  • Bug fixes

Version 3.2

Read more.

Version 3.1.5

  • Bug fixes

Version 3.1.4

  • Bug fixes

Version 3.1.3

  • Bug fixes

Version 3.1.2

  • Bug fixes

Version 3.1.1

  • Bug fixes

Version 3.1

Read more.

Version 3.0.8

  • Minor bug fixes

Version 3.0.7

Performance improvements for Confluence 3.x users

The Spaces in categories macro is improved. The closed=true parameter now only loads categories. This improves the performance of the dashboard a lot if you have a big instance with many spaces, users and groups.

Minor bug fixes

Version 3.0.6

1 Support for Confluence 4.2

RefinedWiki Original Theme 3.0.6 for Confluence 4.x is compatible with Confluence 4.2

2 Performance improvement

Performance improvements for large instances. Improved caching of viewable categories for logged in users. Viewable categories are now only calculated when something in the category hierarchy has been changed.

3. Minor bugfixes

Version 3.0.5

Minor security fixes

A bug in our category / space cache is resolved. On large wiki instances with high load, space links belonging to an other user could appear in the spaces-in-category macro. Note: This situation occurred very rarely. An actual space was never viewable for an unauthorized user, only the link to it.

Minor bug fixes

Version 3.0.4

  • 1. Support for Confluence 4.1

  • 2. Minor bug fixes

Version 3.0.3

  • Minor bug fixes

Version 3.0.2

  • Bug fixes

Version 3.0.1

Introducing dutch language support

Big thanks to The Courseware Company for helping us with the dutch translation.

Resolved Bugs:

  • rw-news macro label bug

  • Design editor: $imagePath/ is now working in top and bottom section

  • Improved support for Ad Hoc Workflows 3.2

  • Minor bug fixes

Version 3.0

Read more.

  • No labels