You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by bu...@apache.org on 2014/11/03 19:10:45 UTC
svn commit: r927817 - in /websites/staging/trafficserver/trunk: cgi-bin/
content/ content/downloads.en.html content/index.html
Author: buildbot
Date: Mon Nov 3 18:10:45 2014
New Revision: 927817
Log:
Staging update by buildbot for trafficserver
Modified:
websites/staging/trafficserver/trunk/cgi-bin/ (props changed)
websites/staging/trafficserver/trunk/content/ (props changed)
websites/staging/trafficserver/trunk/content/downloads.en.html
websites/staging/trafficserver/trunk/content/index.html
Propchange: websites/staging/trafficserver/trunk/cgi-bin/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Mon Nov 3 18:10:45 2014
@@ -1 +1 @@
-1635783
+1636412
Propchange: websites/staging/trafficserver/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Mon Nov 3 18:10:45 2014
@@ -1 +1 @@
-1635783
+1636412
Modified: websites/staging/trafficserver/trunk/content/downloads.en.html
==============================================================================
--- websites/staging/trafficserver/trunk/content/downloads.en.html (original)
+++ websites/staging/trafficserver/trunk/content/downloads.en.html Mon Nov 3 18:10:45 2014
@@ -72,7 +72,7 @@ and checksum signatures.</p>
[<a href="http://www.apache.org/dist/trafficserver/trafficserver-5.1.1.tar.bz2.sha1"><code>SHA1</code></a>]</p>
<p><a href="http://www.apache.org/dyn/closer.cgi/trafficserver/trafficserver-5.1.1.tar.bz2" class="download_ts">Traffic Server 5.1.1</a></p>
<p>v5.1.1 is an incremental release over 5.0.1.</p>
-<p>More details are also in the <a href="https://git-wip-us.apache.org/repos/asf?p=trafficserver.git;a=blob_plain;f=CHANGES;hb=refs/tags/5.1.1">CHANGES log</a> and the the Jira <a href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12324894&styleName=Html&projectId=12310963&Create=Create&atl_token=A5KQ-2QAV-T4JA-FDED%7Cceb8ed92ec8bf770f126e65e5fce4ce9335391fd%7Clout">Release Notes</a></p>
+<p>More details are also in the <a href="https://git-wip-us.apache.org/repos/asf?p=trafficserver.git;a=blob_plain;f=CHANGES;hb=refs/tags/5.1.1">CHANGES log</a> and the the Jira <a href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12327088&styleName=Html&projectId=12310963&Create=Create&atl_token=A5KQ-2QAV-T4JA-FDED%7Cfb6e85a9e82c27f61df95aadd1538645809197e9%7Clin">Release Notes</a></p>
<h1 id="4.2.2">Current v4.x Release (Long Term Support) -- 4.2.2</h1>
<p>Apache Traffic Server 4.2.2 was released on September 4, 2014.
[<a href="http://www.apache.org/dist/trafficserver/trafficserver-4.2.2.tar.bz2.asc"><code>PGP</code></a>]
Modified: websites/staging/trafficserver/trunk/content/index.html
==============================================================================
--- websites/staging/trafficserver/trunk/content/index.html (original)
+++ websites/staging/trafficserver/trunk/content/index.html Mon Nov 3 18:10:45 2014
@@ -63,11 +63,17 @@
"http://ostatic.com/blog/guest-post-yahoos-cloud-team-open-sources-traffic-server">Traffic
Server overview</a>.</p>
<br>
- <P><b>Important security announcement</b>: All versions of Traffic
- Server prior to v5.0.1 (or v4.2.1.1) have a vulnerability related to
- the synthetic health checks as used by traffic_cop. We urge everyone
- to upgrade to the latest releases, either v4.2.1.1 or v5.1.1. See
- CVE-2014-3525 for some details.
+ <P><b>Important security announcements</b>:</P>
+ <P>
+ All versions of Traffic Server prior to v5.0.1 (or v4.2.1.1) have a vulnerability related to
+ the synthetic health checks as used by traffic_cop. We urge everyone
+ to upgrade to the latest releases, either v4.2.1.1 or v5.1.1. See
+ CVE-2014-3525 for some details.
+ </P>
+ <p>
+ Traffic Server 5.1.0 has a security issue that can lead to acting as an open relay under specific circumstances.
+ We urge all deployments of 5.1.0 to upgrade to 5.1.1. See CVE-2014-3624 and TS-2677 for more detail.
+ </p>
</div>
</div>
<div class="fourcol right last">