You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Felix Meschberger (JIRA)" <ji...@apache.org> on 2013/12/16 11:27:07 UTC

[jira] [Reopened] (SLING-3262) Upgrade embedded jackrabbit-jcr-server version in o.a.s.jcr.webdav

     [ https://issues.apache.org/jira/browse/SLING-3262?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Felix Meschberger reopened SLING-3262:
--------------------------------------


JCR-3209 added a LockTokenMapper class which is required to be embeded WebDAV bundle (the DavEx bundle already has it by embedding all of the webdav.jcr.* packages).

Need to update the WebDAV bundle to include all of the webdav.jcr.lock package.

> Upgrade embedded jackrabbit-jcr-server version in o.a.s.jcr.webdav
> ------------------------------------------------------------------
>
>                 Key: SLING-3262
>                 URL: https://issues.apache.org/jira/browse/SLING-3262
>             Project: Sling
>          Issue Type: Improvement
>          Components: JCR
>    Affects Versions: JCR Webdav 2.2.0, JCR DavEx 1.2.0
>            Reporter: Jukka Zitting
>            Assignee: Felix Meschberger
>             Fix For: Launchpad Builder 7, JCR Webdav 2.2.2, JCR DavEx 1.2.2
>
>
> The WebDAV functionality in Jackrabbit has improved since the 2.4.4 version currently included in the o.a.s.jcr.webdav bundle. Most notably JCR-3630 fixes an XSS issue that is still present in 2.4.4.
> It would thus be a good idea to upgrade the jackrabbit-jcr-server dependency to 2.4.5 (to get the JCR-3630 fix) or to 2.6.4 (for JCR-3630 and other fixes/improvements).



--
This message was sent by Atlassian JIRA
(v6.1.4#6159)