geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Donald Woods <>
Subject Re: [ANNOUNCE] Availability of Geronimo 2.1.4
Date Mon, 04 May 2009 14:15:15 GMT
Please note that everyone using a prior Geronimo 2.0.x through 2.1.3 
release is urged to upgrade to the 2.1.4 level ASAP.

The security vulnerabilities (XSS, XSRF and multiple directory traversal 
vulnerabilities) were mentioned on the ZDNet website last week and in 
their Zero Day newsletter -


Joe Bohn wrote:
> The Apache Geronimo project is pleased to announce the available of 
> Apache Geronimo v2.1.4 server. This is primarily a maintenance release.
> Among the updates and fixes included in the release are several security 
> fixes for vulnerabilities in the administration console. Details of the 
> security vulnerabilities fixed in this release can be found in the 
> Security Report:
> Other fixes and enhancements are listed in the Release Notes:
> Visit the Downloads page for details on downloading Apache Geronimo 
> v2.1.4 server assemblies:
> A big THANK YOU to all that contributed to this release!  Great work 
> everyone!
> Joe

View raw message