You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by dk...@apache.org on 2020/03/26 15:28:14 UTC
[sling-org-apache-sling-app-cms] branch master updated: Updating
release information for 0.16.0
This is an automated email from the ASF dual-hosted git repository.
dklco pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-app-cms.git
The following commit(s) were added to refs/heads/master by this push:
new f72a0e9 Updating release information for 0.16.0
f72a0e9 is described below
commit f72a0e97f9ef91c491f9241fe2554b3985f67e94
Author: Dan Klco <dk...@apache.org>
AuthorDate: Thu Mar 26 11:28:00 2020 -0400
Updating release information for 0.16.0
---
README.md | 2 +-
docs/releases.md | 18 +++++++++++++++++-
2 files changed, 18 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 3508244..59c26a9 100644
--- a/README.md
+++ b/README.md
@@ -20,7 +20,7 @@ Try out Sling CMS on [Gitpod](https://www.gitpod.io/) for free for up to 50 hour
* [Releases](docs/releases.md)
* [Users](docs/users.md)
-### [Download Latest Version](https://search.maven.org/remotecontent?filepath=org/apache/sling/org.apache.sling.cms.builder/0.14.0/org.apache.sling.cms.builder-0.14.0.jar)
+### [Download Latest Version](https://search.maven.org/remotecontent?filepath=org/apache/sling/org.apache.sling.cms.builder/0.16.0/org.apache.sling.cms.builder-0.16.0.jar)
### [Report an Issue](https://issues.apache.org/jira)
## Contributing
diff --git a/docs/releases.md b/docs/releases.md
index c8dcc4f..8a15c89 100644
--- a/docs/releases.md
+++ b/docs/releases.md
@@ -12,12 +12,28 @@
# Releases
-## 0.14.0 - CURRENT VERSION
+## 0.16.0 - CURRENT VERSION
+
+Added support for LDAP authentication, UI tweaks and bug fixes.
+
+#### [CVE Advisory: CVE-2020-1949 - Improper Neutralization of Input During Web Page Generation](https://s.apache.org/CVE-2020-1949)
+
+Scripts in Sling CMS do not property escape the Sling Selector from URLs when generating navigational elements for the administrative consoles and are vulnerable to reflected XSS attacks.
+
+#### Remediation
+
+Upgrade to Sling CMS 0.16.0.
+
+ * [View Release](https://github.com/apache/sling-org-apache-sling-app-cms/releases/org.apache.sling.cms-0.16.0)
+ * [API JavaDoc](http://javadoc.io/doc/org.apache.sling/org.apache.sling.cms.api/0.16.0)
+
+## 0.14.0
Focus on continued improvements to user experience, including significant improvments to the look and feel of the sites screens. Cleaned up inconsistencies in the breadcrumbs. New drag and drop re-ordering and added basic editable forms and significantly improved image transformations.
* [View Release](https://github.com/apache/sling-org-apache-sling-app-cms/releases/org.apache.sling.cms-0.14.0)
* [API JavaDoc](http://javadoc.io/doc/org.apache.sling/org.apache.sling.cms.api/0.14.0)
+* [Documentation](https://github.com/apache/sling-org-apache-sling-app-cms/tree/c45c70c207924d40b5f2cdca9b65374428d2ec3d)
## 0.12.0