Apache
/
archiva
mirror of https://github.com/apache/archiva.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

update release notes 

git-svn-id: https://svn.apache.org/repos/asf/archiva/branches/archiva-1.3.x@1429742 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Brett Porter 2013-01-07 10:40:44 +00:00
parent b614525547
commit 9622db6f40
2 changed files with 21 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
archiva-docs/src/site/apt/release-notes.apt
View File

@ -1,10 +1,10 @@
----- -----
Release Notes for Archiva 1.3.5 Release Notes for Archiva 1.3.6
----- -----
Release Notes for Archiva 1.3.5 Release Notes for Archiva 1.3.6
The Apache Archiva team would like to announce the release of Archiva 1.3.5. Archiva is {{{http://archiva.apache.org/download.html} The Apache Archiva team would like to announce the release of Archiva 1.3.6. Archiva is {{{http://archiva.apache.org/download.html}
available for download from the web site}}. available for download from the web site}}.
Archiva is an application for managing one or more remote repositories, including administration, artifact handling, browsing and searching. Archiva is an application for managing one or more remote repositories, including administration, artifact handling, browsing and searching.
@ -24,12 +24,15 @@ Release Notes for Archiva 1.3.5
* Security Vulnerabilities * Security Vulnerabilities
* A CSRF security vulnerability (CVE-2010-3449) is present in 1.3.2 and earlier. * A remote code execution (CVE-2010-1870) vulnerability has been reported against 1.3.5
and earlier versions.
* CSRF (CVE-2011-1026) and XSS security (CVE-2011-1077) vulnerabilities have been reported against 1.3.4
and earlier versions.
* An XSS security vulnerability (CVE-2011-0533) is present in 1.3.3 and earlier. * An XSS security vulnerability (CVE-2011-0533) is present in 1.3.3 and earlier.
* Additional CSRF (CVE-2011-1026) and XSS security (CVE-2011-1077) vulnerabilities have been reported against 1.3.4 * A CSRF security vulnerability (CVE-2010-3449) is present in 1.3.2 and earlier.
and earlier versions.
It is important that users using lower versions of Archiva upgrade to this version (or higher). It is important that users using lower versions of Archiva upgrade to this version (or higher).
@ -56,7 +59,15 @@ Release Notes for Archiva 1.3.5
* Release Notes * Release Notes
The Archiva 1.3.5 feature set can be seen in the {{{tour/index.html} feature tour}}. The Archiva 1.3.6 feature set can be seen in the {{{tour/index.html} feature tour}}.
* Changes in Archiva 1.3.6
Released: <<7 January 2013>>
** Bug
* [MRM-1738] - defaultStack requires a stronger blacklist of parameter names in the param interceptor
* Changes in Archiva 1.3.5 * Changes in Archiva 1.3.5

2
archiva-docs/src/site/site.xml
View File

@ -26,7 +26,7 @@
</bannerLeft> </bannerLeft>
<body> <body>
<breadcrumbs> <breadcrumbs>
<item name="1.3.5" href="/index.html" /> <item name="1.3.6" href="/index.html" />
</breadcrumbs> </breadcrumbs>
<menu name="Introduction"> <menu name="Introduction">