You are viewing a plain text version of this content. The canonical link for it is here.

Posted to announce@apache.org by Leonardo Uribe <lu...@apache.org> on 2010/06/11 18:41:11 UTC

[ANNOUNCE] MyFaces Core v1.1.8 Release

The Apache MyFaces team is pleased to announce the release of MyFaces 
Core 1.1.8.

MyFaces Core is a JavaServer(tm) Faces 1.1 implementation as specified 
by JSR-127.  MyFaces Core has passed Sun's JSR-127 TCK and is 100% 
compliant with the JSR-127 specification.

Please note this release also contains a fix for:

MYFACES-2749 Encrypted View State does not include Message 
Authentication Code (MAC)

This fix prevents padding oracle attack on view state when client side 
state saving is used.

MyFaces Core 1.1.8 is available in both binary and source distributions.

    * http://myfaces.apache.org/download.html

MyFaces Core is also available in the central Maven repository under 
Group ID "org.apache.myfaces.core".

Release Notes - MyFaces Core - Version 1.1.8

Bug

    * [MYFACES-2006] - getTableIndex: Integer to String (ClassCastException)
    * [MYFACES-2382] - Duplicate id exception when weblogic portal and 
jsf native portlet (faces-adapter.jar) is used
    * [MYFACES-2525] - Split javax.faces package in OSGi
    * [MYFACES-2566] - HTMLEncoder requiring StringBuilder class from JDK 5
    * [MYFACES-2684] - UIComponentBase.saveAttachedState save transient 
elements as null values on List case
    * [MYFACES-2726] - CommandLink renderer do not escape \ characters 
in generated javascript
    * [MYFACES-2749] - Encrypted View State does not include Message 
Authentication Code (MAC)

Improvement

    * [MYFACES-2680] - Cache renderKit used
    * [MYFACES-2691] - Enhance MessageUtils adding methods when custom 
library bundle should be scanned
    * [MYFACES-2737] - Cache FacesContext on UIComponentBase instances

Enjoy!

regards

Leonardo Uribe