You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@isis.apache.org by da...@apache.org on 2022/10/18 12:33:54 UTC

[isis] 01/02: ISIS-3248: updates release notes, STATUS and doap_isis.rdf

This is an automated email from the ASF dual-hosted git repository.

danhaywood pushed a commit to branch 2.0.0-M9
in repository https://gitbox.apache.org/repos/asf/isis.git

commit 21889e912c0ef8816d62f6cba6b090338aae8c65
Author: Dan Haywood <da...@haywood-associates.co.uk>
AuthorDate: Tue Oct 18 11:24:22 2022 +0100

    ISIS-3248: updates release notes, STATUS and doap_isis.rdf
---
 STATUS                                             |  4 ++-
 antora/components/relnotes/modules/ROOT/nav.adoc   |  1 +
 .../modules/ROOT/pages/2022/2.0.0-M8/relnotes.adoc |  3 +-
 .../modules/ROOT/pages/2022/2.0.0-M9/relnotes.adoc | 41 ++++++++++++++++++++++
 .../relnotes/modules/ROOT/pages/about.adoc         | 14 +++++++-
 antora/supplemental-ui/doap_isis.rdf               |  8 +++++
 6 files changed, 68 insertions(+), 3 deletions(-)

diff --git a/STATUS b/STATUS
index 8d60d9d6d8..e3c8b7ad3f 100644
--- a/STATUS
+++ b/STATUS
@@ -23,7 +23,9 @@ Description
 
 TLP releases:
 
-  * isis-2.0.0-M7                                  : 06 Oct 2022
+  * isis-2.0.0-M9                                  : 18 Oct 2022
+
+  * isis-2.0.0-M8                                  : 06 Oct 2022
 
   * isis-2.0.0-M7                                  : 28 Feb 2022
 
diff --git a/antora/components/relnotes/modules/ROOT/nav.adoc b/antora/components/relnotes/modules/ROOT/nav.adoc
index fdd04cfb7a..2969296927 100644
--- a/antora/components/relnotes/modules/ROOT/nav.adoc
+++ b/antora/components/relnotes/modules/ROOT/nav.adoc
@@ -3,6 +3,7 @@
 
 
 * 2022
+** xref:relnotes:ROOT:2022/2.0.0-M9/relnotes.adoc[2.0.0-M9]
 ** xref:relnotes:ROOT:2022/2.0.0-M8/relnotes.adoc[2.0.0-M8]
 ** xref:relnotes:ROOT:2022/2.0.0-M7/relnotes.adoc[2.0.0-M7]
 * 2021
diff --git a/antora/components/relnotes/modules/ROOT/pages/2022/2.0.0-M8/relnotes.adoc b/antora/components/relnotes/modules/ROOT/pages/2022/2.0.0-M8/relnotes.adoc
index c3634a0f6d..578397547b 100644
--- a/antora/components/relnotes/modules/ROOT/pages/2022/2.0.0-M8/relnotes.adoc
+++ b/antora/components/relnotes/modules/ROOT/pages/2022/2.0.0-M8/relnotes.adoc
@@ -33,6 +33,7 @@ to allow pluggable management of identifiers in bookmarks/URLs etc
 
 * Support for Java Module System (`module.info.java`) (link:https://issues.apache.org/jira/browse/ISIS-3207[ISIS-3207])
 
+This release also fixes the security vulnerability: CVE-2022-42466, fixed by link:https://issues.apache.org/jira/browse/ISIS-3128[ISIS-3128]
 
 
 
@@ -153,7 +154,7 @@ to allow pluggable management of identifiers in bookmarks/URLs etc
 
 == Security Fixes
 
-* link:https://issues.apache.org/jira/browse/ISIS-3128[ISIS-3128] - [Security] h2 console potentially vulnerable to code execution
+* link:https://issues.apache.org/jira/browse/ISIS-3128[ISIS-3128] - CVE-2022-42466 [Security] h2 console potentially vulnerable to code execution
 * link:https://issues.apache.org/jira/browse/ISIS-3077[ISIS-3077] - [Vulnerability] Scalar Value Output Rendering is not escaped. (XSS Vulnarability)
 * link:https://issues.apache.org/jira/browse/ISIS-2977[ISIS-2977] - [Vulnerability] jdom dependency has XXE vulnerability
 
diff --git a/antora/components/relnotes/modules/ROOT/pages/2022/2.0.0-M9/relnotes.adoc b/antora/components/relnotes/modules/ROOT/pages/2022/2.0.0-M9/relnotes.adoc
new file mode 100644
index 0000000000..77f1deb587
--- /dev/null
+++ b/antora/components/relnotes/modules/ROOT/pages/2022/2.0.0-M9/relnotes.adoc
@@ -0,0 +1,41 @@
+[[r2.0.0-M9]]
+= 2.0.0-M9
+
+:Notice: Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at. http://www.apache.org/licenses/LICENSE-2.0 . Unless required by applicable law or ag [...]
+:page-partial:
+
+This is primarily a security release to fix CVE-2022-42466, fixed by link:https://issues.apache.org/jira/browse/ISIS-3240[ISIS-3240].
+
+
+
+== New Feature
+
+* link:https://issues.apache.org/jira/browse/ISIS-2381[ISIS-2381] - [Validation] Metamodel exception if @PropertyLayout(navigable=...) with a value type
+* link:https://issues.apache.org/jira/browse/ISIS-3232[ISIS-3232] - [Validation] Fail early, if viewmodels have no recreation strategy.
+
+== Improvement
+
+* link:https://issues.apache.org/jira/browse/ISIS-3247[ISIS-3247] - [Metamodel] Change Precedence Order of Viewmodel Serialization Strategies
+* link:https://issues.apache.org/jira/browse/ISIS-3242[ISIS-3242] - Remove pdf.js v1 legacy
+* link:https://issues.apache.org/jira/browse/ISIS-3237[ISIS-3237] - [Wicket Viewer] Migrate from CGLIB to ByteBuddy
+
+== Security Fixes
+
+* link:https://issues.apache.org/jira/browse/ISIS-3240[ISIS-3240] - CVE-2022-42466 [Wicket Viewer] Some components (for value-types) need escaped rendering.
+
+
+== Bug
+
+* link:https://issues.apache.org/jira/browse/ISIS-3246[ISIS-3246] - [Regression] Shiro Filter throws NPE on init since Shiro v1.10.0
+* link:https://issues.apache.org/jira/browse/ISIS-3226[ISIS-3226] - Viewmodel recreation no longer works as previously (with fallback strategy)
+
+
+== Documentation
+
+* link:https://issues.apache.org/jira/browse/ISIS-3249[ISIS-3249] - Add instruction to log in/create a new account in Jira for contributing
+* link:https://issues.apache.org/jira/browse/ISIS-3243[ISIS-3243] - Fixing some typos and formatting issues in documentations
+* link:https://issues.apache.org/jira/browse/ISIS-3241[ISIS-3241] - Fix broken link in CONTRIBUTING.adoc
+
+== Task
+
+* link:https://issues.apache.org/jira/browse/ISIS-3248[ISIS-3248] - Release activities 2.0.0 M9
diff --git a/antora/components/relnotes/modules/ROOT/pages/about.adoc b/antora/components/relnotes/modules/ROOT/pages/about.adoc
index 70ad657c4a..f3a60b6fcf 100644
--- a/antora/components/relnotes/modules/ROOT/pages/about.adoc
+++ b/antora/components/relnotes/modules/ROOT/pages/about.adoc
@@ -29,9 +29,21 @@ This table summarises all releases of Apache Isis v2.0 to date.
 | Detail
 
 
+| 2.0.0-M9
+| 18-Oct-2022
+|
+Ninth milestone release for Apache Isis 2.0.0 +
+Fixes CVE-2022-42466.
+| 2
+| 3
+| 2
+|
+* xref:relnotes:ROOT:2022/2.0.0-M9/relnotes.adoc[Release Notes]
+
 | 2.0.0-M8
 | 06-Oct-2022
-| Eighth milestone release for Apache Isis 2.0.0
+| Eighth milestone release for Apache Isis 2.0.0 +
+Fixes CVE-2022-42467.
 | 26
 | 79
 | 84
diff --git a/antora/supplemental-ui/doap_isis.rdf b/antora/supplemental-ui/doap_isis.rdf
index a977029969..9b48caed21 100644
--- a/antora/supplemental-ui/doap_isis.rdf
+++ b/antora/supplemental-ui/doap_isis.rdf
@@ -44,6 +44,14 @@
       </Version>
     </release>
 
+    <release>
+      <Version>
+        <name>isis</name>
+        <created>2022-10-18</created>
+        <revision>2.0.0-M9</revision>
+      </Version>
+    </release>
+
     <release>
       <Version>
         <name>isis</name>