couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alexander Shorin <kxe...@gmail.com>
Subject Re: [VOTE] Release Apache CouchDB 1.6.0-rc.4
Date Mon, 05 May 2014 18:29:33 GMT
On Mon, May 5, 2014 at 4:24 PM, Alexander Shorin <kxepal@gmail.com> wrote:
> 1.6.0-rc.4 lacks of two important changes:
>
> HTML escaping for Fauxton:
> https://github.com/apache/couchdb/commit/64144cc8bdbc64002bde64394dc8850d3987718c
> this is related to recently reported XSS vulnerability COUCHDB-2232
>
> And support of Erlang 17 (well, it's actually multiple commits due to
> branch merge and rush master fixing at night):
> Merge:
> https://github.com/apache/couchdb/commit/296de8b1fe69e66d649294fd0445449b18c49194
> Fixes:
> https://github.com/apache/couchdb/commit/519a488876323f822eaa77b435b1d28e56fd273a
> https://github.com/apache/couchdb/commit/8c07af243e82ea950b8ef27cfa700a4a73f878ab
> https://github.com/apache/couchdb/commit/7d29ade0b5b678ce35af184ef6c53824d0b0e250

Fixed! Now 1.6.x branch has support for Erlang 17 and Fauxton there is
more better protected from reported XSS issues.
All tests passed on Gentoo and FreeBSD, so no more unexpected trivial
blocking issues should occurs.
LETS FINALLY MAKE COUCHDB 1.6 RELEASE!(:

--
,,,^..^,,,

Mime
View raw message