IMPORTANT: To fully logout a user should quit their browser session fully.
We are aware of a known issue regarding the Shibboleth extentions in use with Confluence. We apologize for this inconvinence and wil continue to track the issue with the developers involved.
"Logout may not work properly. A workaround is to alter the logout page to indicate that the user must completely close the browser application to logout." - source
Heartbleed / Open SSL
Information has been released about a new OpenSSL vulnerability (CVE-2014-0160) and we were using an affected version of OpenSSL until April 10, 2014, 10 AM PT. We have updated our servers now to the latest version of OpenSSL that includes a patch for the vulnerability, revoked the old SSL keys/certificates, and reissued new SSL certificates.