tiles-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mick Semb Wever <...@apache.org>
Subject Re: [SECURITY] Frame injection vulnerability in published Javadoc
Date Sun, 23 Jun 2013 20:33:27 GMT
ClamAV 0.96.5


> I applied the patch provided by Oracle and published the result
> immediately.

Thanks Nicolas!

I've made a commit to tiles-master to help us address this problem
further. see http://svn.apache.org/r1495885

It uses the enforcer plugin to limit which jdks can be used to build the
project. Since there is no safe version of Java6 the enforcer plugin
sets it to 1.7.0-22+

A previous problem was our javadoc building currently only worked with
Java6 due to UmlGraph. It has been upgraded, it now works with Java7.

I've also set the minimum maven version to use to 3.0.4.

If this makes sense i'll push for a release of tiles-master-6 soon.

Maybe we should also be dropping support for Java6 compatibility?

~mck


-- 
Just because a person smiles all the time doesn't mean their life is
perfect. That smile is a symbol of hope & strength. 

| http://github.com/finn-no | http://tech.finn.no |


Mime
View raw message