New features and improvements

New features

• Prepare for Jira 10
• Support of Dark Theme setting in Jira 10
• Allow to perform server key verification against arbitrary email address
• S/MIME: CRL revocation checks configurable

Improvements

• Stricter password reset email recognition to prevent false exemption
• Include sender address check when validating email signatures
• S/MIME: check if user uploaded certificate was issued for encryption purposes
• S/MIME: include all leaf and intermediate certificates in the signature
• S/MIME: display certificate serial number in both decimal and hex for easier comparison
• PGP: remove PGP version tag as recommended in OpenPGP crypto refresh documentation
• Allow to configure external LDAP referral behavior independent from LDAP user directory
• Updated crypto library to BouncyCastle 1.78.1 with several fixes and improvements
• Add more info to test email to avoid confusion

Fixes

• S/MIME: signature validation incorrectly failed when separate certificates are used for signing and encrypting
• S/MIME: signature validation incorrectly failed due to missing AKI (Authority Key Identifier) in certificate
• PGP: signature validation with unknown key used wrong indicator image
• Fix some accessibility issues