You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by ja...@apache.org on 2012/04/15 15:12:10 UTC
svn commit: r1326322 - in /ofbiz/site: doap_OFBiz.rdf download.html
Author: jacopoc
Date: Sun Apr 15 13:12:09 2012
New Revision: 1326322
URL: http://svn.apache.org/viewvc?rev=1326322&view=rev
Log:
Published information about new release 10.04.02 and vulnerabilities fixed.
Modified:
ofbiz/site/doap_OFBiz.rdf
ofbiz/site/download.html
Modified: ofbiz/site/doap_OFBiz.rdf
URL: http://svn.apache.org/viewvc/ofbiz/site/doap_OFBiz.rdf?rev=1326322&r1=1326321&r2=1326322&view=diff
==============================================================================
--- ofbiz/site/doap_OFBiz.rdf (original)
+++ ofbiz/site/doap_OFBiz.rdf Sun Apr 15 13:12:09 2012
@@ -50,23 +50,16 @@
<foaf:mbox rdf:resource="mailto:jacopoc@apache.org"/>
</foaf:Person>
</maintainer>
- <!--release>
- <Version>
- <name>Apache OFBiz 11.04.01</name>
- <created>2012-04-30</created>
- <revision>11.04.01</revision>
- </Version>
- </release-->
<release>
<Version>
- <name>Apache OFBiz 10.04 (last stable)</name>
- <created>2010-05-01</created>
- <revision>10.04</revision>
+ <name>Apache OFBiz 10.04.02</name>
+ <created>2012-04-14</created>
+ <revision>10.04.02</revision>
</Version>
</release>
<release>
<Version>
- <name>Apache OFBiz 09.04.02 (latest 09.04)</name>
+ <name>Apache OFBiz 09.04.02</name>
<created>2012-02-30</created>
<revision>09.04.02</revision>
</Version>
Modified: ofbiz/site/download.html
URL: http://svn.apache.org/viewvc/ofbiz/site/download.html?rev=1326322&r1=1326321&r2=1326322&view=diff
==============================================================================
--- ofbiz/site/download.html (original)
+++ ofbiz/site/download.html Sun Apr 15 13:12:09 2012
@@ -85,26 +85,24 @@ ERP, CRM, E-Business / E-Commerce, MRP,
Use the links below to download Apache OFBiz releases from the "Apache Download Mirrors" page; in that page you'll also
find instructions on how to verify the integrity of the release file using the signature and hashes (PGP, MD5, SHA512) available for each release.
</p>
-<h3>Apache OFBiz 10.04</h3>
-<p>Released in January 2011, it contains all the features of the trunk up to April 2010
-and since then has been stabilized with bug fixes. It is our current "stable" release.
+<h3>Apache OFBiz 10.04.02</h3>
+<p>Released in April 2012, it contains all the features of the trunk up to April 2010
+and since then has been stabilized with bug fixes. It is our current "stable" release and supersedes the previous "Apache OFBiz 10.04" (also known as "Apache OFBiz 10.04.01"): in particular "Apache OFBiz 10.04.02" fixes some relevant <a href="#vulnerabilities">vulnerabilities</a> affecting the previous release.
</p>
<p>
-<a class="downloadLink" href="http://www.apache.org/dyn/closer.cgi/ofbiz/apache-ofbiz-10.04.zip" target="_blank">Download</a>
-[<a href="http://www.apache.org/dist/ofbiz/apache-ofbiz-10.04.zip.asc" target="_blank">PGP</a>]
-[<a href="http://www.apache.org/dist/ofbiz/apache-ofbiz-10.04.zip.md5" target="_blank">MD5</a>]
-[<a href="http://www.apache.org/dist/ofbiz/apache-ofbiz-10.04.zip.sha" target="_blank">SHA512</a>] Apache OFBiz 10.04
+<a class="downloadLink" href="http://www.apache.org/dyn/closer.cgi/ofbiz/apache-ofbiz-10.04.02.zip" target="_blank">Download</a>
+[<a href="http://www.apache.org/dist/ofbiz/apache-ofbiz-10.04.02.zip.asc" target="_blank">PGP</a>]
+[<a href="http://www.apache.org/dist/ofbiz/apache-ofbiz-10.04.02.zip.md5" target="_blank">MD5</a>]
+[<a href="http://www.apache.org/dist/ofbiz/apache-ofbiz-10.04.02.zip.sha" target="_blank">SHA512</a>] Apache OFBiz 10.04.02
</p>
-<hr/>
<h3>Other downloads</h3>
-<p>
-<a href="http://www.apache.org/dyn/closer.cgi/ofbiz/apache-ofbiz-09.04.02.zip" target="_blank">Apache OFBiz 09.04.02</a>
+<ul>
+<li><a href="http://www.apache.org/dyn/closer.cgi/ofbiz/apache-ofbiz-09.04.02.zip" target="_blank">Apache OFBiz 09.04.02</a>
[<a href="http://www.apache.org/dist/ofbiz/apache-ofbiz-09.04.02.zip.asc" target="_blank">PGP</a>]
[<a href="http://www.apache.org/dist/ofbiz/apache-ofbiz-09.04.02.zip.md5" target="_blank">MD5</a>]
-[<a href="http://www.apache.org/dist/ofbiz/apache-ofbiz-09.04.02.zip.sha" target="_blank">SHA512</a>] released in February 2012, is the latest bug fix release in the 09.04 series that contains all the features of the trunk up to April 2009; this is the last release for the 09.04 series (that is now closed)
-<h3>Old releases</h3>
-<p>Old superseded releases can be found in the OFBiz <a href="http://archive.apache.org/dist/ofbiz/" target="_blank">archive</a>.</p>
-<hr/>
+[<a href="http://www.apache.org/dist/ofbiz/apache-ofbiz-09.04.02.zip.sha" target="_blank">SHA512</a>] released in February 2012, is the latest bug fix release in the 09.04 series that contains all the features of the trunk up to April 2009; this is the last release for the 09.04 series (that is now closed)</li>
+<li>Old superseded releases can be found in the OFBiz <a href="http://archive.apache.org/dist/ofbiz/" target="_blank">archive</a></li>
+</ul>
<h3>Release Information</h3>
<ul>The naming convention for OFBiz releases is <b><Major Release Number>.<Minor Release Number></b> where:
<li><Major Release Number> is in the format of <YY.MM> where YY and MM are the year and month the release branch was created (i.e. date of the feature freeze);
@@ -114,7 +112,6 @@ and since then has been stabilized with
</ul>
<ul>Tentative release schedule for the 10.04 series:
-<li>April 2012 - Apache OFBiz 10.04.02</li>
<li>October 2012 - Apache OFBiz 10.04.03</li>
<li>April 2013 - Apache OFBiz 10.04.04 (last release of the 10.04 series)</li>
</ul>
@@ -133,6 +130,18 @@ and since then has been stabilized with
<li>September 2014 - Apache OFBiz 12.04.04</li>
<li>April 2015 - Apache OFBiz 12.04.05 (last release of the 12.04 series)</li>
</ul>
+<a name="vulnerabilities"></a>
+<h3>Security Vulnerabilities</h3>
+<p><b>We strongly encourage to report security problems affecting OFBiz to the private
+security mailing list of the ASF Security Team, before disclosing them
+in a public forum.</b> Please see the page of the <a href="http://www.apache.org/security/">ASF
+Security Team</a> for further information and contact information.
+<ul>This is the lists of all security vulnerabilities fixed in released versions of Apache OFBiz:
+<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1622">CVE-2012-1622</a>; affected releases: 10.04 (10.04.01); fixed in 10.04.02</li>
+<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1621">CVE-2012-1621</a>; affected releases: 10.04 (10.04.01); fixed in 10.04.02</li>
+<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0432">CVE-2010-0432</a>; affected releases: 09.04; fixed in 09.04.01</li>
+</ul>
+</p>
<!--
<ul>Tentative release schedule for the YY.04 series:
<li>April YYYY - creation of the release branch for YY.04 (this is not a release yet)</li>