Release Notes for Archiva ${project.version}
- The Apache Archiva team would like to announce the release of Archiva ${project.version}. Archiva is {{{http://archiva.apache.org/download.html}
+ The Apache Archiva team would like to announce the release of Archiva
+ ${project.version}. Archiva is {{{http://archiva.apache.org/download.html}
available for download from the web site}}.
- Archiva is an application for managing one or more remote repositories, including administration, artifact handling, browsing and searching.
+ Archiva is an application for managing one or more remote repositories,
+ including administration, artifact handling, browsing and searching.
If you have any questions, please consult:
Some new features has been added in ${project.version}:
- * You can now use REST Services to control Archiva or search Artifacts. (see {{{./adminguide/webservices/rest.html}REST Services}} ).
+ * It is now possible to create a staging repository for any managed repository
+ and later merge the results
- * Database Storage for Artifacts Informations has been replaced with a JCR Repository based on Apache Jackrabbit.
+ * You can now use REST services to control Archiva or search for artifacts.
+ See {{{./adminguide/webservices/rest.html}REST Services}} for more
+ information.
- * The search interface provide now the capability to search on OSGI Metadatas (based on the update of the Apache Maven Indexer library).
+ * Database storage for repository metadata has been replaced with a JCR
+ repository based on Apache Jackrabbit by default (other options such as
+ a flat-file storage may be made available in the future).
- * You can now download remote Maven index content from Remote repositories to include remote artifacts which are not present locally in your artifacts search results.
+ * The search interface provide now the capability to search on OSGI metadata
+ (based on the update of the Apache Maven Indexer library).
-* Compatibility Changes
-
- * If upgrading from versions of Archiva earlier than 1.2.2, the list of libraries
- in <<<wrapper.conf>>> has changed. If you have customized your copy of
- <<<wrapper.conf>>>, please update it for compatibility with the version distributed
- with the current release.
-
- * As Database Storage as been removed, you can now removed jndi entry related to the previous Archiva database.
- After upgrading from a previous 1.3.x version, you will have to run a full scan to populate the new JCR Repository.
+ * You can now download Maven index content from remote repositories to include
+ artifacts which are not present locally in your search results.
-* Security Vulnerabilities
-
- * A CSRF security vulnerability (CVE-2010-3449) is present in 1.3.2 and earlier.
-
- * An XSS security vulnerability (CVE-2011-0533) is present in 1.3.3 and earlier.
+* Compatibility Changes
- * Additional CSRF (CVE-2011-1026) and XSS security (CVE-2011-1077) vulnerabilities have been reported against 1.3.4
- and earlier versions.
+ * If upgrading from earlier versions of Archiva, the list of libraries in
+ <<<wrapper.conf>>> has changed. If you have customized your copy of
+ <<<wrapper.conf>>>, please update it for compatibility with the version
+ distributed with the current release.
- It is important that users using lower versions of Archiva upgrade to this version (or higher).
+ * As the database storage has been removed, you can remove the JNDI entry
+ for <<<jdbc/archiva>>>. After upgrading from a previous version, you will
+ have to run a full scan to populate the new JCR Repository. This will be
+ done on first start of Archiva.
- See {{{http://archiva.apache.org/security.html} Archiva Security}} for more details.
+ Refer to the {{{./adminguide/upgrade.html} Upgrading Archiva guide}} for more
+ information.
* Release Notes
projects / archiva.git / commitdiff