continuum-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From br...@apache.org
Subject svn commit: r1429666 - in /continuum/site/src/site: apt/security.apt site.xml xdoc/index.xml.vm
Date Mon, 07 Jan 2013 03:57:25 GMT
Author: brett
Date: Mon Jan  7 03:57:25 2013
New Revision: 1429666

URL: http://svn.apache.org/viewvc?rev=1429666&view=rev
Log:
adjust download links to use the CGI

Modified:
    continuum/site/src/site/apt/security.apt
    continuum/site/src/site/site.xml
    continuum/site/src/site/xdoc/index.xml.vm

Modified: continuum/site/src/site/apt/security.apt
URL: http://svn.apache.org/viewvc/continuum/site/src/site/apt/security.apt?rev=1429666&r1=1429665&r2=1429666&view=diff
==============================================================================
--- continuum/site/src/site/apt/security.apt (original)
+++ continuum/site/src/site/apt/security.apt Mon Jan  7 03:57:25 2013
@@ -46,13 +46,14 @@ Security Vulnerabilities
 
     []
 
-  All users are recommended to upgrade to Continuum 1.4.1, which configures
-  Struts in such a way that it is not affected by this issue.
+  All users are recommended to upgrade to {{{./download.cgi} Continuum
+  1.4.1}}, which configures Struts in such a way that it is not affected by 
+  this issue.
 
 * CVE-2011-0533: Apache Continuum cross-site scripting vulnerability
 
   A request that included a specially crafted request parameter could be used to inject arbitrary
HTML or Javascript into the
-  Continuum user management page and project details pages. This fix is available in version
{{{./download.html} 1.3.7}} of
+  Continuum user management page and project details pages. This fix is available in version
{{{./download.cgi} 1.3.7}} of
   Apache Continuum. All users must upgrade to this version (or higher).
 
   Versions Affected:
@@ -70,7 +71,7 @@ Security Vulnerabilities
   Apache Continuum doesn't check which form sends credentials. An attacker can create a specially
crafted page and force
   Continuum administrators to view it and change their credentials. To fix this, a referrer
check was added to the security
   interceptor for all secured actions. A prompt for the administrator's password when changing
a user account was also set
-  in place. This fix is available in version {{{./download.html} 1.3.7}} of Apache Continuum.
All users must upgrade to this
+  in place. This fix is available in version {{{./download.cgi} 1.3.7}} of Apache Continuum.
All users must upgrade to this
   version (or higher).
 
   Versions Affected:

Modified: continuum/site/src/site/site.xml
URL: http://svn.apache.org/viewvc/continuum/site/src/site/site.xml?rev=1429666&r1=1429665&r2=1429666&view=diff
==============================================================================
--- continuum/site/src/site/site.xml (original)
+++ continuum/site/src/site/site.xml Mon Jan  7 03:57:25 2013
@@ -31,7 +31,7 @@
     </breadcrumbs>
     <menu name="Main">
       <item name="Home" href="index.html"/>
-      <item name="Download" href="download.html"/>
+      <item name="Download" href="download.cgi"/>
       <item name="Users Wiki" href="http://cwiki.apache.org/confluence/display/CONTINUUM/FAQ"/>
       <item name="Articles" href="articles.html"/>
       <item name="Features" href="features.html"/>

Modified: continuum/site/src/site/xdoc/index.xml.vm
URL: http://svn.apache.org/viewvc/continuum/site/src/site/xdoc/index.xml.vm?rev=1429666&r1=1429665&r2=1429666&view=diff
==============================================================================
--- continuum/site/src/site/xdoc/index.xml.vm (original)
+++ continuum/site/src/site/xdoc/index.xml.vm Mon Jan  7 03:57:25 2013
@@ -45,7 +45,7 @@
     </p>
 
     <div class="frontpagebox">
-      <div class="headline"><a href="download.html">Download</a></div>
     
+      <div class="headline"><a href="download.cgi">Download</a></div>
     
       <p>
           <span style="font-size: 115%; font-weight: bold;">Continuum ${gaVersion}
(GA)</span><br/>${gaDate}
           <br/><a href="docs/${gaVersion}/release-notes.html">Release Notes</a>
| <a href="docs/${gaVersion}/index.html">Documentation</a>



Mime
View raw message