You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@archiva.apache.org by br...@apache.org on 2013/01/07 11:42:03 UTC
svn commit: r1429743 - in /archiva/tags/archiva-1.3.6: ./ archiva-docs/ archiva-docs/src/site/ archiva-docs/src/site/apt/ archiva-modules/archiva-base/archiva-consumers/archiva-consumer-api/src/main/java/org/apache/maven/archiva/consumers/ archiva-modu...

Author: brett
Date: Mon Jan  7 10:42:03 2013
New Revision: 1429743

URL: http://svn.apache.org/viewvc?rev=1429743&view=rev
Log:
merge from archiva-1.3.x

Modified:
    archiva/tags/archiva-1.3.6/   (props changed)
    archiva/tags/archiva-1.3.6/archiva-docs/   (props changed)
    archiva/tags/archiva-1.3.6/archiva-docs/src/site/apt/release-notes.apt
    archiva/tags/archiva-1.3.6/archiva-docs/src/site/site.xml
    archiva/tags/archiva-1.3.6/archiva-modules/archiva-base/archiva-consumers/archiva-consumer-api/src/main/java/org/apache/maven/archiva/consumers/Consumer.java   (props changed)
    archiva/tags/archiva-1.3.6/archiva-modules/archiva-web/archiva-webapp-test/   (props changed)
    archiva/tags/archiva-1.3.6/archiva-modules/archiva-web/archiva-webapp/src/main/resources/struts.properties   (props changed)
    archiva/tags/archiva-1.3.6/archiva-modules/archiva-web/archiva-webapp/src/main/resources/struts.xml   (props changed)
    archiva/tags/archiva-1.3.6/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/security/UserRepositoriesStub.java   (props changed)
    archiva/tags/archiva-1.3.6/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/web/action/reports/   (props changed)
    archiva/tags/archiva-1.3.6/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/web/action/reports/GenerateReportActionTest.java   (props changed)
    archiva/tags/archiva-1.3.6/archiva-modules/archiva-web/archiva-webapp/src/test/resources/org/apache/maven/archiva/web/action/reports/   (props changed)
    archiva/tags/archiva-1.3.6/archiva-modules/archiva-web/archiva-webapp/src/test/resources/org/apache/maven/archiva/web/action/reports/GenerateReportActionTest.xml   (props changed)

Propchange: archiva/tags/archiva-1.3.6/
------------------------------------------------------------------------------
  Merged /archiva/branches/archiva-1.3.x:r1429742

Propchange: archiva/tags/archiva-1.3.6/archiva-docs/
------------------------------------------------------------------------------
  Merged /archiva/branches/archiva-1.3.x/archiva-docs:r1429742

Modified: archiva/tags/archiva-1.3.6/archiva-docs/src/site/apt/release-notes.apt
URL: http://svn.apache.org/viewvc/archiva/tags/archiva-1.3.6/archiva-docs/src/site/apt/release-notes.apt?rev=1429743&r1=1429742&r2=1429743&view=diff
==============================================================================
--- archiva/tags/archiva-1.3.6/archiva-docs/src/site/apt/release-notes.apt (original)
+++ archiva/tags/archiva-1.3.6/archiva-docs/src/site/apt/release-notes.apt Mon Jan  7 10:42:03 2013
@@ -1,10 +1,10 @@
  -----
- Release Notes for Archiva 1.3.5
+ Release Notes for Archiva 1.3.6
  -----
 
-Release Notes for Archiva 1.3.5
+Release Notes for Archiva 1.3.6
 
-  The Apache Archiva team would like to announce the release of Archiva 1.3.5.  Archiva is {{{http://archiva.apache.org/download.html}
+  The Apache Archiva team would like to announce the release of Archiva 1.3.6.  Archiva is {{{http://archiva.apache.org/download.html}
   available for download from the web site}}.
 
   Archiva is an application for managing one or more remote repositories, including administration, artifact handling, browsing and searching.
@@ -24,13 +24,16 @@ Release Notes for Archiva 1.3.5
 
 * Security Vulnerabilities
 
-    * A CSRF security vulnerability (CVE-2010-3449) is present in 1.3.2 and earlier.
-  
-    * An XSS security vulnerability (CVE-2011-0533) is present in 1.3.3 and earlier.
+    * A remote code execution (CVE-2010-1870) vulnerability has been reported against 1.3.5
+      and earlier versions.
 
-    * Additional CSRF (CVE-2011-1026) and XSS security (CVE-2011-1077) vulnerabilities have been reported against 1.3.4
+    * CSRF (CVE-2011-1026) and XSS security (CVE-2011-1077) vulnerabilities have been reported against 1.3.4
       and earlier versions.
 
+    * An XSS security vulnerability (CVE-2011-0533) is present in 1.3.3 and earlier.
+
+    * A CSRF security vulnerability (CVE-2010-3449) is present in 1.3.2 and earlier.
+  
   It is important that users using lower versions of Archiva upgrade to this version (or higher).
 
   See {{{http://archiva.apache.org/security.html} Archiva Security}} for more details.
@@ -56,7 +59,15 @@ Release Notes for Archiva 1.3.5
 
 * Release Notes
 
-  The Archiva 1.3.5 feature set can be seen in the {{{tour/index.html} feature tour}}.
+  The Archiva 1.3.6 feature set can be seen in the {{{tour/index.html} feature tour}}.
+
+* Changes in Archiva 1.3.6
+
+  Released: <<7 January 2013>>
+
+** Bug
+
+    * [MRM-1738] - defaultStack requires a stronger blacklist of parameter names in the param interceptor
 
 * Changes in Archiva 1.3.5
 

Modified: archiva/tags/archiva-1.3.6/archiva-docs/src/site/site.xml
URL: http://svn.apache.org/viewvc/archiva/tags/archiva-1.3.6/archiva-docs/src/site/site.xml?rev=1429743&r1=1429742&r2=1429743&view=diff
==============================================================================
--- archiva/tags/archiva-1.3.6/archiva-docs/src/site/site.xml (original)
+++ archiva/tags/archiva-1.3.6/archiva-docs/src/site/site.xml Mon Jan  7 10:42:03 2013
@@ -26,7 +26,7 @@
   </bannerLeft>
   <body>
     <breadcrumbs>
-      <item name="1.3.5" href="/index.html" />
+      <item name="1.3.6" href="/index.html" />
     </breadcrumbs>
 
     <menu name="Introduction">

Propchange: archiva/tags/archiva-1.3.6/archiva-modules/archiva-base/archiva-consumers/archiva-consumer-api/src/main/java/org/apache/maven/archiva/consumers/Consumer.java
------------------------------------------------------------------------------
  Merged /archiva/branches/archiva-1.3.x/archiva-modules/archiva-base/archiva-consumers/archiva-consumer-api/src/main/java/org/apache/maven/archiva/consumers/Consumer.java:r1429742

Propchange: archiva/tags/archiva-1.3.6/archiva-modules/archiva-web/archiva-webapp-test/
------------------------------------------------------------------------------
  Merged /archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp-test:r1429742

Propchange: archiva/tags/archiva-1.3.6/archiva-modules/archiva-web/archiva-webapp/src/main/resources/struts.properties
------------------------------------------------------------------------------
  Merged /archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/resources/struts.properties:r1429742

Propchange: archiva/tags/archiva-1.3.6/archiva-modules/archiva-web/archiva-webapp/src/main/resources/struts.xml
------------------------------------------------------------------------------
  Merged /archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/resources/struts.xml:r1429742

Propchange: archiva/tags/archiva-1.3.6/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/security/UserRepositoriesStub.java
------------------------------------------------------------------------------
  Merged /archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/security/UserRepositoriesStub.java:r1429742

Propchange: archiva/tags/archiva-1.3.6/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/web/action/reports/
------------------------------------------------------------------------------
  Merged /archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/web/action/reports:r1429742

Propchange: archiva/tags/archiva-1.3.6/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/web/action/reports/GenerateReportActionTest.java
------------------------------------------------------------------------------
  Merged /archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/web/action/reports/GenerateReportActionTest.java:r1429742

Propchange: archiva/tags/archiva-1.3.6/archiva-modules/archiva-web/archiva-webapp/src/test/resources/org/apache/maven/archiva/web/action/reports/
------------------------------------------------------------------------------
  Merged /archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/test/resources/org/apache/maven/archiva/web/action/reports:r1429742

Propchange: archiva/tags/archiva-1.3.6/archiva-modules/archiva-web/archiva-webapp/src/test/resources/org/apache/maven/archiva/web/action/reports/GenerateReportActionTest.xml
------------------------------------------------------------------------------
  Merged /archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/test/resources/org/apache/maven/archiva/web/action/reports/GenerateReportActionTest.xml:r1429742