[ANNOUNCE] Apache Directory Studio 2.0-0-M10 released

[Stefan Seelmann <se...@apache.org>]

The Apache Directory Team is pleased to announce the release of Apache
Directory Studio 2.0.0-M10, the next milestone towards a 2.0 version.

Apache Directory Studio is a complete directory tooling platform
intended to be used with any LDAP server however it is particularly
designed for use with ApacheDS. It is an Eclipse RCP application,
composed of several Eclipse (OSGi) plugins, that can be easily upgraded
with additional ones. These plugins can even run within Eclipse itself.

You can download Apache Directory Studio 2.0.0-M10 as a standalone RCP
application for Mac OS X, Linux and Windows here:
http://directory.apache.org/studio/downloads.html

You can also install it directly in Eclipse using this update site:
http://directory.apache.org/studio/update/

Note: This version fixes a security issue (CVE-2015-5349) discovered by
Muhammad Shahmeer Amir. The CSV export didn’t escape the fields
properly. Malicious users can put specially crafted values into the LDAP
server. When a user exports that data into CSV formatted file, and
subsequently opens it with a spreadsheet application, the data is
interpreted as a formula and executed. Users should upgrade to Apache
Directory Studio 2.0.0-M10.

Here are the release notes for Apache Directory Studio 2.0.0-M10:

* CVE-2015-5349: Command Injection through LDAP CSV export
* [DIRSTUDIO-1060] - Exported OpenLDAP schema has syntax errors
* [DIRSTUDIO-1061] - RawSchemaDefinition always shows single hyphen/dash
(empty) for attributes or classes
* [DIRSTUDIO-1068] - Bundles are not resolved on Eclipse Mars
* [DIRSTUDIO-1077] - Logging for embedded ApacheDS servers broken
(log4j.properties is deleted)
* [DIRSTUDIO-1079] - Creating a new entry using an existing one fails
because teh entryCSN at is being copied
* [DIRSTUDIO-1065] - Have a better error message when the java version
is wrong

The Apache Directory Team