You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Jukka Zitting (JIRA)" <ji...@apache.org> on 2013/12/02 09:55:35 UTC
[jira] [Commented] (SLING-3262) Upgrade embedded
jackrabbit-jcr-server version in o.a.s.jcr.webdav
[ https://issues.apache.org/jira/browse/SLING-3262?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13836374#comment-13836374 ]
Jukka Zitting commented on SLING-3262:
--------------------------------------
bq. Are there any compatibility constraints related to upgrading from Jackrabbit WebDAV and Jackrabbit JCR Server 2.4.4 to the 2.6.4 versions ?
No. The WebDAV component is fully binary-compatible (verified with clirr) and there are no major changes in JCR Server either (it doesn't export any packages, so the upgrade should be fine as long as o.a.s.jcr.webdav compiles). The WebDAV interface exposed by JCR Server should be fully backwards compatible.
> Upgrade embedded jackrabbit-jcr-server version in o.a.s.jcr.webdav
> ------------------------------------------------------------------
>
> Key: SLING-3262
> URL: https://issues.apache.org/jira/browse/SLING-3262
> Project: Sling
> Issue Type: Improvement
> Components: JCR
> Affects Versions: JCR Webdav 2.2.0, JCR DavEx 1.2.0
> Reporter: Jukka Zitting
> Fix For: JCR Webdav 2.2.2, JCR DavEx 1.2.2
>
>
> The WebDAV functionality in Jackrabbit has improved since the 2.4.4 version currently included in the o.a.s.jcr.webdav bundle. Most notably JCR-3630 fixes an XSS issue that is still present in 2.4.4.
> It would thus be a good idea to upgrade the jackrabbit-jcr-server dependency to 2.4.5 (to get the JCR-3630 fix) or to 2.6.4 (for JCR-3630 and other fixes/improvements).
--
This message was sent by Atlassian JIRA
(v6.1#6144)