You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@continuum.apache.org by br...@apache.org on 2014/06/18 03:14:21 UTC
svn commit: r1603345 - in /continuum/site-publish: ./ development/
Author: brett
Date: Wed Jun 18 01:14:20 2014
New Revision: 1603345
URL: http://svn.apache.org/r1603345
Log:
Site checkin for project Continuum
Modified:
continuum/site-publish/articles.html
continuum/site-publish/community.html
continuum/site-publish/development/building.html
continuum/site-publish/development/debugging.html
continuum/site-publish/development/guide-continuum-development.html
continuum/site-publish/development/publishing-site.html
continuum/site-publish/development/release.html
continuum/site-publish/download.html
continuum/site-publish/error-states.html
continuum/site-publish/events.html
continuum/site-publish/faqs.html
continuum/site-publish/features.html
continuum/site-publish/getting-help.html
continuum/site-publish/guide-helping.html
continuum/site-publish/index.html
continuum/site-publish/issue-tracking.html
continuum/site-publish/license.html
continuum/site-publish/mail-lists.html
continuum/site-publish/privacy-policy.html
continuum/site-publish/project-info.html
continuum/site-publish/security.html
continuum/site-publish/source-repository.html
continuum/site-publish/team-list.html
Modified: continuum/site-publish/articles.html
URL: http://svn.apache.org/viewvc/continuum/site-publish/articles.html?rev=1603345&r1=1603344&r2=1603345&view=diff
==============================================================================
--- continuum/site-publish/articles.html (original)
+++ continuum/site-publish/articles.html Wed Jun 18 01:14:20 2014
@@ -69,7 +69,7 @@ pageTracker._trackPageview();</script>
- Last Published: 14 Jun 2014
+ Last Published: 18 Jun 2014
</div>
<div class="clear">
<hr/>
Modified: continuum/site-publish/community.html
URL: http://svn.apache.org/viewvc/continuum/site-publish/community.html?rev=1603345&r1=1603344&r2=1603345&view=diff
==============================================================================
--- continuum/site-publish/community.html (original)
+++ continuum/site-publish/community.html Wed Jun 18 01:14:20 2014
@@ -70,7 +70,7 @@ pageTracker._trackPageview();</script>
- Last Published: 14 Jun 2014
+ Last Published: 18 Jun 2014
</div>
<div class="clear">
<hr/>
Modified: continuum/site-publish/development/building.html
URL: http://svn.apache.org/viewvc/continuum/site-publish/development/building.html?rev=1603345&r1=1603344&r2=1603345&view=diff
==============================================================================
--- continuum/site-publish/development/building.html (original)
+++ continuum/site-publish/development/building.html Wed Jun 18 01:14:20 2014
@@ -68,7 +68,7 @@ pageTracker._trackPageview();</script>
- Last Published: 14 Jun 2014
+ Last Published: 18 Jun 2014
</div>
<div class="clear">
<hr/>
Modified: continuum/site-publish/development/debugging.html
URL: http://svn.apache.org/viewvc/continuum/site-publish/development/debugging.html?rev=1603345&r1=1603344&r2=1603345&view=diff
==============================================================================
--- continuum/site-publish/development/debugging.html (original)
+++ continuum/site-publish/development/debugging.html Wed Jun 18 01:14:20 2014
@@ -68,7 +68,7 @@ pageTracker._trackPageview();</script>
- Last Published: 14 Jun 2014
+ Last Published: 18 Jun 2014
</div>
<div class="clear">
<hr/>
Modified: continuum/site-publish/development/guide-continuum-development.html
URL: http://svn.apache.org/viewvc/continuum/site-publish/development/guide-continuum-development.html?rev=1603345&r1=1603344&r2=1603345&view=diff
==============================================================================
--- continuum/site-publish/development/guide-continuum-development.html (original)
+++ continuum/site-publish/development/guide-continuum-development.html Wed Jun 18 01:14:20 2014
@@ -69,7 +69,7 @@ pageTracker._trackPageview();</script>
- Last Published: 14 Jun 2014
+ Last Published: 18 Jun 2014
</div>
<div class="clear">
<hr/>
Modified: continuum/site-publish/development/publishing-site.html
URL: http://svn.apache.org/viewvc/continuum/site-publish/development/publishing-site.html?rev=1603345&r1=1603344&r2=1603345&view=diff
==============================================================================
--- continuum/site-publish/development/publishing-site.html (original)
+++ continuum/site-publish/development/publishing-site.html Wed Jun 18 01:14:20 2014
@@ -68,7 +68,7 @@ pageTracker._trackPageview();</script>
- Last Published: 14 Jun 2014
+ Last Published: 18 Jun 2014
</div>
<div class="clear">
<hr/>
Modified: continuum/site-publish/development/release.html
URL: http://svn.apache.org/viewvc/continuum/site-publish/development/release.html?rev=1603345&r1=1603344&r2=1603345&view=diff
==============================================================================
--- continuum/site-publish/development/release.html (original)
+++ continuum/site-publish/development/release.html Wed Jun 18 01:14:20 2014
@@ -68,7 +68,7 @@ pageTracker._trackPageview();</script>
- Last Published: 14 Jun 2014
+ Last Published: 18 Jun 2014
</div>
<div class="clear">
<hr/>
Modified: continuum/site-publish/download.html
URL: http://svn.apache.org/viewvc/continuum/site-publish/download.html?rev=1603345&r1=1603344&r2=1603345&view=diff
==============================================================================
--- continuum/site-publish/download.html (original)
+++ continuum/site-publish/download.html Wed Jun 18 01:14:20 2014
@@ -69,7 +69,7 @@ pageTracker._trackPageview();</script>
- Last Published: 14 Jun 2014
+ Last Published: 18 Jun 2014
</div>
<div class="clear">
<hr/>
Modified: continuum/site-publish/error-states.html
URL: http://svn.apache.org/viewvc/continuum/site-publish/error-states.html?rev=1603345&r1=1603344&r2=1603345&view=diff
==============================================================================
--- continuum/site-publish/error-states.html (original)
+++ continuum/site-publish/error-states.html Wed Jun 18 01:14:20 2014
@@ -69,7 +69,7 @@ pageTracker._trackPageview();</script>
- Last Published: 14 Jun 2014
+ Last Published: 18 Jun 2014
</div>
<div class="clear">
<hr/>
Modified: continuum/site-publish/events.html
URL: http://svn.apache.org/viewvc/continuum/site-publish/events.html?rev=1603345&r1=1603344&r2=1603345&view=diff
==============================================================================
--- continuum/site-publish/events.html (original)
+++ continuum/site-publish/events.html Wed Jun 18 01:14:20 2014
@@ -68,7 +68,7 @@ pageTracker._trackPageview();</script>
- Last Published: 14 Jun 2014
+ Last Published: 18 Jun 2014
</div>
<div class="clear">
<hr/>
Modified: continuum/site-publish/faqs.html
URL: http://svn.apache.org/viewvc/continuum/site-publish/faqs.html?rev=1603345&r1=1603344&r2=1603345&view=diff
==============================================================================
--- continuum/site-publish/faqs.html (original)
+++ continuum/site-publish/faqs.html Wed Jun 18 01:14:20 2014
@@ -68,7 +68,7 @@ pageTracker._trackPageview();</script>
- Last Published: 14 Jun 2014
+ Last Published: 18 Jun 2014
</div>
<div class="clear">
<hr/>
Modified: continuum/site-publish/features.html
URL: http://svn.apache.org/viewvc/continuum/site-publish/features.html?rev=1603345&r1=1603344&r2=1603345&view=diff
==============================================================================
--- continuum/site-publish/features.html (original)
+++ continuum/site-publish/features.html Wed Jun 18 01:14:20 2014
@@ -69,7 +69,7 @@ pageTracker._trackPageview();</script>
- Last Published: 14 Jun 2014
+ Last Published: 18 Jun 2014
</div>
<div class="clear">
<hr/>
Modified: continuum/site-publish/getting-help.html
URL: http://svn.apache.org/viewvc/continuum/site-publish/getting-help.html?rev=1603345&r1=1603344&r2=1603345&view=diff
==============================================================================
--- continuum/site-publish/getting-help.html (original)
+++ continuum/site-publish/getting-help.html Wed Jun 18 01:14:20 2014
@@ -70,7 +70,7 @@ pageTracker._trackPageview();</script>
- Last Published: 14 Jun 2014
+ Last Published: 18 Jun 2014
</div>
<div class="clear">
<hr/>
Modified: continuum/site-publish/guide-helping.html
URL: http://svn.apache.org/viewvc/continuum/site-publish/guide-helping.html?rev=1603345&r1=1603344&r2=1603345&view=diff
==============================================================================
--- continuum/site-publish/guide-helping.html (original)
+++ continuum/site-publish/guide-helping.html Wed Jun 18 01:14:20 2014
@@ -71,7 +71,7 @@ pageTracker._trackPageview();</script>
- Last Published: 14 Jun 2014
+ Last Published: 18 Jun 2014
</div>
<div class="clear">
<hr/>
Modified: continuum/site-publish/index.html
URL: http://svn.apache.org/viewvc/continuum/site-publish/index.html?rev=1603345&r1=1603344&r2=1603345&view=diff
==============================================================================
--- continuum/site-publish/index.html (original)
+++ continuum/site-publish/index.html Wed Jun 18 01:14:20 2014
@@ -70,7 +70,7 @@ pageTracker._trackPageview();</script>
- Last Published: 14 Jun 2014
+ Last Published: 18 Jun 2014
</div>
<div class="clear">
<hr/>
Modified: continuum/site-publish/issue-tracking.html
URL: http://svn.apache.org/viewvc/continuum/site-publish/issue-tracking.html?rev=1603345&r1=1603344&r2=1603345&view=diff
==============================================================================
--- continuum/site-publish/issue-tracking.html (original)
+++ continuum/site-publish/issue-tracking.html Wed Jun 18 01:14:20 2014
@@ -68,7 +68,7 @@ pageTracker._trackPageview();</script>
- Last Published: 14 Jun 2014
+ Last Published: 18 Jun 2014
</div>
<div class="clear">
<hr/>
@@ -205,7 +205,7 @@ pageTracker._trackPageview();</script>
<ul>
<li class="none">
- <a href="team-list.html">Project Team</a>
+ <a href="license.html">Project License</a>
</li>
<li class="none">
@@ -213,15 +213,15 @@ pageTracker._trackPageview();</script>
</li>
<li class="none">
- <a href="source-repository.html">Source Repository</a>
+ <a href="mail-lists.html">Mailing Lists</a>
</li>
<li class="none">
- <a href="license.html">Project License</a>
+ <a href="team-list.html">Project Team</a>
</li>
<li class="none">
- <a href="mail-lists.html">Mailing Lists</a>
+ <a href="source-repository.html">Source Repository</a>
</li>
</ul>
</li>
Modified: continuum/site-publish/license.html
URL: http://svn.apache.org/viewvc/continuum/site-publish/license.html?rev=1603345&r1=1603344&r2=1603345&view=diff
==============================================================================
--- continuum/site-publish/license.html (original)
+++ continuum/site-publish/license.html Wed Jun 18 01:14:20 2014
@@ -68,7 +68,7 @@ pageTracker._trackPageview();</script>
- Last Published: 14 Jun 2014
+ Last Published: 18 Jun 2014
</div>
<div class="clear">
<hr/>
@@ -190,13 +190,13 @@ pageTracker._trackPageview();</script>
-
-
+
+
@@ -205,23 +205,23 @@ pageTracker._trackPageview();</script>
<ul>
<li class="none">
- <a href="team-list.html">Project Team</a>
- </li>
+ <strong>Project License</strong>
+ </li>
<li class="none">
<a href="issue-tracking.html">Issue Tracking</a>
</li>
<li class="none">
- <a href="source-repository.html">Source Repository</a>
+ <a href="mail-lists.html">Mailing Lists</a>
</li>
<li class="none">
- <strong>Project License</strong>
- </li>
+ <a href="team-list.html">Project Team</a>
+ </li>
<li class="none">
- <a href="mail-lists.html">Mailing Lists</a>
+ <a href="source-repository.html">Source Repository</a>
</li>
</ul>
</li>
Modified: continuum/site-publish/mail-lists.html
URL: http://svn.apache.org/viewvc/continuum/site-publish/mail-lists.html?rev=1603345&r1=1603344&r2=1603345&view=diff
==============================================================================
--- continuum/site-publish/mail-lists.html (original)
+++ continuum/site-publish/mail-lists.html Wed Jun 18 01:14:20 2014
@@ -68,7 +68,7 @@ pageTracker._trackPageview();</script>
- Last Published: 14 Jun 2014
+ Last Published: 18 Jun 2014
</div>
<div class="clear">
<hr/>
@@ -194,18 +194,18 @@ pageTracker._trackPageview();</script>
-
-
+
+
<li class="expanded">
<a href="project-info.html">Project Information</a>
<ul>
<li class="none">
- <a href="team-list.html">Project Team</a>
+ <a href="license.html">Project License</a>
</li>
<li class="none">
@@ -213,16 +213,16 @@ pageTracker._trackPageview();</script>
</li>
<li class="none">
- <a href="source-repository.html">Source Repository</a>
- </li>
+ <strong>Mailing Lists</strong>
+ </li>
<li class="none">
- <a href="license.html">Project License</a>
+ <a href="team-list.html">Project Team</a>
</li>
<li class="none">
- <strong>Mailing Lists</strong>
- </li>
+ <a href="source-repository.html">Source Repository</a>
+ </li>
</ul>
</li>
</ul>
Modified: continuum/site-publish/privacy-policy.html
URL: http://svn.apache.org/viewvc/continuum/site-publish/privacy-policy.html?rev=1603345&r1=1603344&r2=1603345&view=diff
==============================================================================
--- continuum/site-publish/privacy-policy.html (original)
+++ continuum/site-publish/privacy-policy.html Wed Jun 18 01:14:20 2014
@@ -69,7 +69,7 @@ pageTracker._trackPageview();</script>
- Last Published: 14 Jun 2014
+ Last Published: 18 Jun 2014
</div>
<div class="clear">
<hr/>
Modified: continuum/site-publish/project-info.html
URL: http://svn.apache.org/viewvc/continuum/site-publish/project-info.html?rev=1603345&r1=1603344&r2=1603345&view=diff
==============================================================================
--- continuum/site-publish/project-info.html (original)
+++ continuum/site-publish/project-info.html Wed Jun 18 01:14:20 2014
@@ -68,7 +68,7 @@ pageTracker._trackPageview();</script>
- Last Published: 14 Jun 2014
+ Last Published: 18 Jun 2014
</div>
<div class="clear">
<hr/>
@@ -205,7 +205,7 @@ pageTracker._trackPageview();</script>
<ul>
<li class="none">
- <a href="team-list.html">Project Team</a>
+ <a href="license.html">Project License</a>
</li>
<li class="none">
@@ -213,15 +213,15 @@ pageTracker._trackPageview();</script>
</li>
<li class="none">
- <a href="source-repository.html">Source Repository</a>
+ <a href="mail-lists.html">Mailing Lists</a>
</li>
<li class="none">
- <a href="license.html">Project License</a>
+ <a href="team-list.html">Project Team</a>
</li>
<li class="none">
- <a href="mail-lists.html">Mailing Lists</a>
+ <a href="source-repository.html">Source Repository</a>
</li>
</ul>
</li>
@@ -241,7 +241,7 @@ pageTracker._trackPageview();</script>
</div>
<div id="bodyColumn">
<div id="contentBox">
- <div class="section"><h2>Project Information<a name="Project_Information"></a></h2><p>This document provides an overview of the various documents and links that are part of this project's general information. All of this content is automatically generated by <a class="externalLink" href="http://maven.apache.org">Maven</a> on behalf of the project.</p><div class="section"><h3>Overview<a name="Overview"></a></h3><table border="0" class="bodyTable"><tr class="a"><th>Document</th><th>Description</th></tr><tr class="b"><td><a href="team-list.html">Project Team</a></td><td>This document provides information on the members of this project. These are the individuals who have contributed to the project in one form or another.</td></tr><tr class="a"><td><a href="issue-tracking.html">Issue Tracking</a></td><td>This is a link to the issue management system for this project. Issues (bugs, features, change requests) can be created and queried using this link.</td></tr><tr class="b"><td><a
href="source-repository.html">Source Repository</a></td><td>This is a link to the online source repository that can be viewed via a web browser.</td></tr><tr class="a"><td><a href="license.html">Project License</a></td><td>This is a link to the definitions of project licenses.</td></tr><tr class="b"><td><a href="mail-lists.html">Mailing Lists</a></td><td>This document provides subscription and archive information for this project's mailing lists.</td></tr></table></div></div>
+ <div class="section"><h2>Project Information<a name="Project_Information"></a></h2><p>This document provides an overview of the various documents and links that are part of this project's general information. All of this content is automatically generated by <a class="externalLink" href="http://maven.apache.org">Maven</a> on behalf of the project.</p><div class="section"><h3>Overview<a name="Overview"></a></h3><table border="0" class="bodyTable"><tr class="a"><th>Document</th><th>Description</th></tr><tr class="b"><td><a href="license.html">Project License</a></td><td>This is a link to the definitions of project licenses.</td></tr><tr class="a"><td><a href="issue-tracking.html">Issue Tracking</a></td><td>This is a link to the issue management system for this project. Issues (bugs, features, change requests) can be created and queried using this link.</td></tr><tr class="b"><td><a href="mail-lists.html">Mailing Lists</a></td><td>This document provides subscription and archive
information for this project's mailing lists.</td></tr><tr class="a"><td><a href="team-list.html">Project Team</a></td><td>This document provides information on the members of this project. These are the individuals who have contributed to the project in one form or another.</td></tr><tr class="b"><td><a href="source-repository.html">Source Repository</a></td><td>This is a link to the online source repository that can be viewed via a web browser.</td></tr></table></div></div>
</div>
</div>
<div class="clear">
Modified: continuum/site-publish/security.html
URL: http://svn.apache.org/viewvc/continuum/site-publish/security.html?rev=1603345&r1=1603344&r2=1603345&view=diff
==============================================================================
--- continuum/site-publish/security.html (original)
+++ continuum/site-publish/security.html Wed Jun 18 01:14:20 2014
@@ -68,7 +68,7 @@ pageTracker._trackPageview();</script>
- Last Published: 14 Jun 2014
+ Last Published: 18 Jun 2014
</div>
<div class="clear">
<hr/>
@@ -219,7 +219,7 @@ pageTracker._trackPageview();</script>
</div>
<div id="bodyColumn">
<div id="contentBox">
- <!-- Licensed to the Apache Software Foundation (ASF) under one --><!-- or more contributor license agreements. See the NOTICE file --><!-- distributed with this work for additional information --><!-- regarding copyright ownership. The ASF licenses this file --><!-- to you under the Apache License, Version 2.0 (the --><!-- "License"); you may not use this file except in compliance --><!-- with the License. You may obtain a copy of the License at --><!-- --><!-- http://www.apache.org/licenses/LICENSE-2.0 --><!-- --><!-- Unless required by applicable law or agreed to in writing, --><!-- software distributed under the License is distributed on an --><!-- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY --><!-- KIND, either express or implied. See the License for the --><!-- specific language governing permissions and limitations --><!-- under the License. --><!-- NOTE: For help with the syntax of this file, see: --><!-- http://maven.apache.org/guides/mini/guide-apt
-format.html --><div class="section"><h2>Security Vulnerabilities<a name="Security_Vulnerabilities"></a></h2><p>Please note that binary patches are not produced for individual vulnerabilities. To obtain the binary fix for a particular vulnerability you should upgrade to an Apache Continuum version where that vulnerability has been fixed.</p><p>For more information about reporting vulnerabilities, see the <a class="externalLink" href="http://www.apache.org/security/"> Apache Security Team</a> page.</p><div class="section"><h3>CVE-2013-2251: Apache Struts Remote Command Execution<a name="CVE-2013-2251:_Apache_Struts_Remote_Command_Execution"></a></h3><p>Apache Continuum is affected by a vulnerability in the version of the Struts library being used, which allows a malicious user to run code on the server remotely. More details about the vulnerability can be found at <a class="externalLink" href="http://struts.apache.org/2.3.x/docs/s2-016.html">http://struts.apache.org/2.3.x/docs/s2-016
.html</a>.</p><p>Versions Affected:</p><ul><li>Continuum 1.3.1 to Continuum 1.4.1</li></ul><p>All users are recommended to upgrade to <a href="./download.cgi"> Continuum 1.4.2</a>, which are not affected by this issue. </p></div><div class="section"><h3>CVE-2010-1870: Struts2 remote commands execution<a name="CVE-2010-1870:_Struts2_remote_commands_execution"></a></h3><p>Apache Continuum is affected by a vulnerability in the version of the Struts library being used, which allows a malicious user to run code on the server remotely. More details about the vulnerability can be found at <a class="externalLink" href="http://struts.apache.org/2.2.1/docs/s2-005.html">http://struts.apache.org/2.2.1/docs/s2-005.html</a>.</p><p>Versions Affected:</p><ul><li>Continuum 1.3.1 to Continuum 1.3.8</li><li>Continuum 1.4.0 (Beta)</li></ul><p>All users are recommended to upgrade to <a href="./download.cgi"> Continuum 1.4.1</a>, which configures Struts in such a way that it is not affected by this issue
.</p></div><div class="section"><h3>CVE-2011-0533: Apache Continuum cross-site scripting vulnerability<a name="CVE-2011-0533:_Apache_Continuum_cross-site_scripting_vulnerability"></a></h3><p>A request that included a specially crafted request parameter could be used to inject arbitrary HTML or Javascript into the Continuum user management page and project details pages. This fix is available in version <a href="./download.cgi"> 1.3.7</a> of Apache Continuum. All users must upgrade to this version (or higher).</p><p>Versions Affected:</p><ul><li>Continuum 1.3.6</li><li>Continuum 1.4.0 (Beta)</li><li>The unsupported versions Continuum 1.1 - 1.2.3.1 are also affected.</li></ul></div><div class="section"><h3>CVE-2010-3449: Apache Continuum CSRF vulnerability<a name="CVE-2010-3449:_Apache_Continuum_CSRF_vulnerability"></a></h3><p>Apache Continuum doesn't check which form sends credentials. An attacker can create a specially crafted page and force Continuum administrators to view it and c
hange their credentials. To fix this, a referrer check was added to the security interceptor for all secured actions. A prompt for the administrator's password when changing a user account was also set in place. This fix is available in version <a href="./download.cgi"> 1.3.7</a> of Apache Continuum. All users must upgrade to this version (or higher).</p><p>Versions Affected:</p><ul><li>Continuum 1.3.6</li><li>Continuum 1.4.0 (Beta)</li><li>The unsupported versions Continuum 1.1 - 1.2.3.1 are also affected.</li></ul></div></div>
+ <!-- Licensed to the Apache Software Foundation (ASF) under one --><!-- or more contributor license agreements. See the NOTICE file --><!-- distributed with this work for additional information --><!-- regarding copyright ownership. The ASF licenses this file --><!-- to you under the Apache License, Version 2.0 (the --><!-- "License"); you may not use this file except in compliance --><!-- with the License. You may obtain a copy of the License at --><!-- --><!-- http://www.apache.org/licenses/LICENSE-2.0 --><!-- --><!-- Unless required by applicable law or agreed to in writing, --><!-- software distributed under the License is distributed on an --><!-- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY --><!-- KIND, either express or implied. See the License for the --><!-- specific language governing permissions and limitations --><!-- under the License. --><!-- NOTE: For help with the syntax of this file, see: --><!-- http://maven.apache.org/guides/mini/guide-apt
-format.html --><div class="section"><h2>Security Vulnerabilities<a name="Security_Vulnerabilities"></a></h2><p>Please note that binary patches are not produced for individual vulnerabilities. To obtain the binary fix for a particular vulnerability you should upgrade to an Apache Continuum version where that vulnerability has been fixed.</p><p>For more information about reporting vulnerabilities, see the <a class="externalLink" href="http://www.apache.org/security/"> Apache Security Team</a> page.</p><div class="section"><h3>CVE-2013-2251: Apache Struts Remote Command Execution<a name="CVE-2013-2251:_Apache_Struts_Remote_Command_Execution"></a></h3><p>Apache Continuum is affected by a vulnerability in the version of the Struts library being used, which allows a malicious user to run code on the server remotely. More details about the vulnerability can be found at <a class="externalLink" href="http://struts.apache.org/release/2.3.x/docs/s2-016.html">http://struts.apache.org/release/2
.3.x/docs/s2-016.html</a>.</p><p>Versions Affected:</p><ul><li>Continuum 1.3.1 to Continuum 1.4.1</li></ul><p>All users are recommended to upgrade to <a href="./download.cgi"> Continuum 1.4.2</a>, which are not affected by this issue. </p></div><div class="section"><h3>CVE-2010-1870: Struts2 remote commands execution<a name="CVE-2010-1870:_Struts2_remote_commands_execution"></a></h3><p>Apache Continuum is affected by a vulnerability in the version of the Struts library being used, which allows a malicious user to run code on the server remotely. More details about the vulnerability can be found at <a class="externalLink" href="http://struts.apache.org/2.2.1/docs/s2-005.html">http://struts.apache.org/2.2.1/docs/s2-005.html</a>.</p><p>Versions Affected:</p><ul><li>Continuum 1.3.1 to Continuum 1.3.8</li><li>Continuum 1.4.0 (Beta)</li></ul><p>All users are recommended to upgrade to <a href="./download.cgi"> Continuum 1.4.1</a>, which configures Struts in such a way that it is not affect
ed by this issue.</p></div><div class="section"><h3>CVE-2011-0533: Apache Continuum cross-site scripting vulnerability<a name="CVE-2011-0533:_Apache_Continuum_cross-site_scripting_vulnerability"></a></h3><p>A request that included a specially crafted request parameter could be used to inject arbitrary HTML or Javascript into the Continuum user management page and project details pages. This fix is available in version <a href="./download.cgi"> 1.3.7</a> of Apache Continuum. All users must upgrade to this version (or higher).</p><p>Versions Affected:</p><ul><li>Continuum 1.3.6</li><li>Continuum 1.4.0 (Beta)</li><li>The unsupported versions Continuum 1.1 - 1.2.3.1 are also affected.</li></ul></div><div class="section"><h3>CVE-2010-3449: Apache Continuum CSRF vulnerability<a name="CVE-2010-3449:_Apache_Continuum_CSRF_vulnerability"></a></h3><p>Apache Continuum doesn't check which form sends credentials. An attacker can create a specially crafted page and force Continuum administrators
to view it and change their credentials. To fix this, a referrer check was added to the security interceptor for all secured actions. A prompt for the administrator's password when changing a user account was also set in place. This fix is available in version <a href="./download.cgi"> 1.3.7</a> of Apache Continuum. All users must upgrade to this version (or higher).</p><p>Versions Affected:</p><ul><li>Continuum 1.3.6</li><li>Continuum 1.4.0 (Beta)</li><li>The unsupported versions Continuum 1.1 - 1.2.3.1 are also affected.</li></ul></div></div>
</div>
</div>
<div class="clear">
Modified: continuum/site-publish/source-repository.html
URL: http://svn.apache.org/viewvc/continuum/site-publish/source-repository.html?rev=1603345&r1=1603344&r2=1603345&view=diff
==============================================================================
--- continuum/site-publish/source-repository.html (original)
+++ continuum/site-publish/source-repository.html Wed Jun 18 01:14:20 2014
@@ -68,7 +68,7 @@ pageTracker._trackPageview();</script>
- Last Published: 14 Jun 2014
+ Last Published: 18 Jun 2014
</div>
<div class="clear">
<hr/>
@@ -194,18 +194,18 @@ pageTracker._trackPageview();</script>
-
-
+
+
<li class="expanded">
<a href="project-info.html">Project Information</a>
<ul>
<li class="none">
- <a href="team-list.html">Project Team</a>
+ <a href="license.html">Project License</a>
</li>
<li class="none">
@@ -213,16 +213,16 @@ pageTracker._trackPageview();</script>
</li>
<li class="none">
- <strong>Source Repository</strong>
- </li>
+ <a href="mail-lists.html">Mailing Lists</a>
+ </li>
<li class="none">
- <a href="license.html">Project License</a>
+ <a href="team-list.html">Project Team</a>
</li>
<li class="none">
- <a href="mail-lists.html">Mailing Lists</a>
- </li>
+ <strong>Source Repository</strong>
+ </li>
</ul>
</li>
</ul>
Modified: continuum/site-publish/team-list.html
URL: http://svn.apache.org/viewvc/continuum/site-publish/team-list.html?rev=1603345&r1=1603344&r2=1603345&view=diff
==============================================================================
--- continuum/site-publish/team-list.html (original)
+++ continuum/site-publish/team-list.html Wed Jun 18 01:14:20 2014
@@ -68,7 +68,7 @@ pageTracker._trackPageview();</script>
- Last Published: 14 Jun 2014
+ Last Published: 18 Jun 2014
</div>
<div class="clear">
<hr/>
@@ -190,14 +190,14 @@ pageTracker._trackPageview();</script>
-
-
+
+
<li class="expanded">
@@ -205,23 +205,23 @@ pageTracker._trackPageview();</script>
<ul>
<li class="none">
- <strong>Project Team</strong>
- </li>
+ <a href="license.html">Project License</a>
+ </li>
<li class="none">
<a href="issue-tracking.html">Issue Tracking</a>
</li>
<li class="none">
- <a href="source-repository.html">Source Repository</a>
+ <a href="mail-lists.html">Mailing Lists</a>
</li>
<li class="none">
- <a href="license.html">Project License</a>
- </li>
+ <strong>Project Team</strong>
+ </li>
<li class="none">
- <a href="mail-lists.html">Mailing Lists</a>
+ <a href="source-repository.html">Source Repository</a>
</li>
</ul>
</li>