Skip to main content
Version: TeamForge 24.1

TeamForge 24.1 Update 2 Release Notes

Release Information

VersionReleased On
GA Version: 24.1.0.146Jan 31, 2025
Update 2: 24.1.0.157Jul 25, 2025
Update 2: 24.1.0.166Nov 13, 2025

Issues Fixed in Teamforge 24.1 Update 2 Release

  • Fixed an issue where the top navigation showed the Menu label instead of the project name on document edit and view pages. The correct project name now displays as expected throughout document workflows.
  • Fixed an issue that allowed the Document Review Initiator to be assigned as a Required or Optional Reviewer, which violates maker-checker principles. Validation now prevents initiators from reviewing their own document reviews, including cases set via default reviewers or REST API submissions.
  • Fixed an issue where users with Document Admin permissions were unable to close document reviews unless they were also granted Project Admin access. Document Admins can now close reviews as expected.
  • Resolved an issue in the Close Document Review REST API where any user with Document Edit permissions was able to close a document review. Proper permission validation now ensures only authorized users can close reviews, and unauthorized attempts return a 403 Forbidden response.
  • Fixed an issue where users with SCM permissions granted via a global role were unable to view the Association tab in artifacts when Gerrit reviews were associated. Users with global roles that include SCM permissions can now properly access artifact associations containing Gerrit review links.

TeamForge now implements industry-standard security attributes for all application cookies to strengthen session management and mitigate common web vulnerabilities.

Implemented Security Attributes:

  • Secure — Restricts cookie transmission to HTTPS connections only, preventing interception over unsecured channels
  • HTTPOnly — Blocks client-side script access to cookies, mitigating cross-site scripting (XSS) attacks
  • SameSite — Prevents cross-site request forgery (CSRF) by controlling cookie transmission in cross-origin requests

These enhancements align with OWASP security best practices and strengthen protection against session hijacking, XSS, and CSRF attack vectors.

Apply Teamforge 24.1 Update 2

Teamforge 24.1 Update 2 is now available. Apply Teamforge 24.1 Update 2 on your site if you are on Teamforge 24.1.

TeamForge add-on packages can remain installed when you apply Teamforge 24.1 Update 2. No updates are required. However, you should verify the compatibility of Add-ons applied to your site as some may be more specific to your site.
If you have any questions regarding compatibility or updating a specific add-on, contact Digital.ai Support.

important

You must log in as a root user to apply Teamforge 24.1 Update 2.

  1. Stop TeamForge.

    note

    Stop TeamForge on all the servers in a distributed setup.

    teamforge stop

  2. Skip this step if your site has internet access. This step is to configure Teamforge 24.1 Update 2 installation repository on sites without Internet access.

    a. Contact the Digital.ai Support to get the auxiliary installer package for Teamforge 24.1 Update 2 disconnected installation and save it in /tmp.

    • Red Hat Enterprise Linux 8.10 64 bit RPM package: CTF-Disconnected-media-24.1.0.157-206.rhel8.x86_64.rpm

    b. Back up the old repo file.

    For example:

    mv /etc/yum.repos.d/CTF-Disconnected-media-24.1.0.157.repo /etc/yum.repos.d/CTF-Disconnected-media-24.1.0.157.repo.cn_backup

    c. Unpack the 24.1 Update 2 disconnected installation package.

    rpm -Uvh <package-name>

    d. Verify your yum configuration files.

    yum list httpd
    yum list apr

  3. Configure your TeamForge installation repository. This step is to configure Teamforge 24.1 Update 2 installation repository on sites with Internet access.

    a. Remove the existing TeamForge repository package.

    yum erase collabnet-teamforge-repo-24.1-0.noarch

    b. Contact the Digital.ai Support and download the Teamforge 24.1 Update 2 installation repository package to /tmp.

    c. Install the Teamforge 24.1 Update 2 installation repository package.

    yum install -y /tmp/collabnet-teamforge-repo-24.1-0.noarch.rpm

    d. Refresh your repository cache.

    yum clean all

  4. Install the Teamforge 24.1 Update 2.

    yum install teamforge

    The above command installs all the TeamForge updates available in the CollabNet yum repository for Teamforge 24.1.

  5. Check the /opt/collabnet/teamforge/var/scm/gerrit/gitroot directory. If it is empty, remove it manually.

    rm -rf gitroot

  6. Deploy services.

    teamforge provision

  7. Update file permissions on your site's data.

    important

    Do this if and only if you are upgrading from TeamForge 17.1 (or earlier) to 24.1 on a new hardware.

    teamforge apply-permissions
    note

    This process can take a long time on sites with a lot of data.

  8. Restart TeamForge.

    teamforge restart