archiva-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Deng Ching <och...@apache.org>
Subject [CANCELLED] [VOTE] Release Archiva 1.3.5
Date Thu, 17 Mar 2011 09:20:54 GMT
I'm cancelling this vote now since there were still some issues found
with the security vulnerabilities.

-Deng

On Mon, Mar 14, 2011 at 5:06 PM, Deng Ching <oching@apache.org> wrote:
> Hi All,
>
> The Archiva 1.3.5 release candidate has been staged. This release
> contains the fixes for the CSRF (CVE-2011-1026) and XSS
> (CVE-2011-1077) security vulnerability issues reported.
>
> You can take a look at the release notes here:
>
> http://archiva.apache.org/docs/1.3.5/release-notes.html or
> http://jira.codehaus.org/secure/ReleaseNote.jspa?atl_token=TV1WooJHia&version=17232&styleName=Text&projectId=10980&Create=Create
>
> The staging repository where the binaries, including the sources,
> signatures and checksums, is here:
>
> http://people.apache.org/builds/archiva/1.3.5/
>
> While the site has been staged at:
>
> http://archiva.apache.org/docs/1.3.5
>
> Everyone is encouraged to vote and give their feedback :)
>
> [ ] +1 Release it!
> [ ] 0
> [ ] -1 Don't release it, because...
>
> The vote will be open for 72 hours.
>
>
> Thanks,
> Deng
>

Mime
View raw message