merge back release notes from branch

Signed-off-by: Olivier Lamy <olamy@apache.org>
This commit is contained in:
Olivier Lamy 2022-10-10 08:16:50 +10:00
parent 9cc969ac9a
commit 115383d41e
No known key found for this signature in database
GPG Key ID: 873A8E86B4372146
1 changed files with 15 additions and 1 deletions

View File

@ -52,11 +52,25 @@ Release Notes for Archiva ${project.version}
** Bug/Security Fix ** Bug/Security Fix
* CVE-2022-29405 Apache Archiva Arbitrary user password reset vulnerability * [MRM-2051}: upgrade dom4j (v2 branch)
* upgrade spring 4.2.9
* [MRM-2050]: upgrade commons-fileupload and commons-io due to cves
* [MRM-2049]: upgrade httpclient due to cves
* [MRM-2048]- upgrade xerces due to CVE
Previous Release Notes Previous Release Notes
* Release Notes for Archiva 2.2.8
Apache Archiva 2.2.8 is a security fix release:
Released: 2022-05-25
88 Bug/Security Fix
* CVE-2022-29405 Apache Archiva Arbitrary user password reset vulnerability
* Release Notes for Archiva 2.2.7 * Release Notes for Archiva 2.2.7
Apache Archiva 2.2.7 is a security fix release: Apache Archiva 2.2.7 is a security fix release: