]> source.dussan.org Git - archiva.git/commitdiff
projects / archiva.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9cc969a)
merge back release notes from branch
authorOlivier Lamy <olamy@apache.org>
Sun, 9 Oct 2022 22:16:50 +0000 (08:16 +1000)
committerOlivier Lamy <olamy@apache.org>
Sun, 9 Oct 2022 22:16:50 +0000 (08:16 +1000)
Signed-off-by: Olivier Lamy <olamy@apache.org>
archiva-docs/src/site/apt/release-notes.apt.vm patch | blob | history

diff --git a/archiva-docs/src/site/apt/release-notes.apt.vm b/archiva-docs/src/site/apt/release-notes.apt.vm
index 8c4e5fcfbd09304ecfceeaf2a9bf540520a69028..5a16b6e486c1a42f31d73bf7361043667b2f39d1 100644 (file)
--- a/archiva-docs/src/site/apt/release-notes.apt.vm
+++ b/archiva-docs/src/site/apt/release-notes.apt.vm
@@ -52,11 +52,25 @@ Release Notes for Archiva ${project.version}
 
 ** Bug/Security Fix
 
-  * CVE-2022-29405 Apache Archiva Arbitrary user password reset vulnerability
+  * [MRM-2051}: upgrade dom4j (v2 branch)
+  * upgrade spring 4.2.9
+  * [MRM-2050]: upgrade commons-fileupload and commons-io due to cves
+  * [MRM-2049]: upgrade httpclient due to cves
+  * [MRM-2048]- upgrade xerces due to CVE
 
 
 Previous Release Notes
 
+* Release Notes for Archiva 2.2.8
+
+ Apache Archiva 2.2.8 is a security fix release:
+
+ Released: 2022-05-25
+
+88 Bug/Security Fix
+
+  * CVE-2022-29405 Apache Archiva Arbitrary user password reset vulnerability
+
 * Release Notes for Archiva 2.2.7
 
  Apache Archiva 2.2.7 is a security fix release:
Apache Archiva Repository: https://github.com/apache/archiva