roller-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Glen Mazza <gma...@talend.com>
Subject JRoller replacement? (Was Re: Apache Roller 5.0.1 available & upgrade recommended for all Roller sites)
Date Sun, 24 Jun 2012 18:05:46 GMT
JRoller has long deprecated their service; they're stuck on 3.1 and not 
accepting new accounts.  Is anyone aware of another community blogging 
service that hosts using Apache Roller?  I couldn't find anything.  If 
not I'll need to transfer probably to Google's Blogger service.

Glen

On 06/24/2012 01:03 PM, Dave wrote:
> New release: Apache Roller 5.0.1 is now available on Apache mirrors
> world-wide and you can find it here:
>
>     http://roller.apache.org/downloads.html
>
> This release fixes two security vulnerabilities in Roller, listed below:
>     CVE-2012-2380: Apache Roller Cross-Site-Resource-Forgery (XSRF) vulnerability
>     CVE-2012-2381: Apache Roller Cross-Site-Scripting (XSS) vulnerability
>
> Because the above are serious security vulnerabilities, we recommend
> that all sites running Apache Roller upgrade to this new release as
> soon as possible.
>
> Thanks,
> Dave
>
>


-- 
Glen Mazza
Talend Community Coders - coders.talend.com
blog: www.jroller.com/gmazza


Mime
View raw message