This is an automated email from the ASF dual-hosted git repository.
olamy pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/archiva.git
The following commit(s) were added to refs/heads/master by this push:
new 7d09fb741 update release note for 2.2.8
7d09fb741 is described below
commit 7d09fb741bb19e600ee33b0c25e1927b701e2bbc
Author: Olivier Lamy <[email protected]>
AuthorDate: Tue May 31 20:37:20 2022 +1000
update release note for 2.2.8
Signed-off-by: Olivier Lamy <[email protected]>
---
archiva-docs/src/site/apt/release-notes.apt.vm | 140 +++++++++++++++++++++++++
1 file changed, 140 insertions(+)
diff --git a/archiva-docs/src/site/apt/release-notes.apt.vm
b/archiva-docs/src/site/apt/release-notes.apt.vm
index 7085e7367..c5df67d5f 100644
--- a/archiva-docs/src/site/apt/release-notes.apt.vm
+++ b/archiva-docs/src/site/apt/release-notes.apt.vm
@@ -36,7 +36,147 @@ Release Notes for Archiva ${project.version}
* New in Archiva ${project.version}
+<<<<<<< Updated upstream
Apache Archiva ${project.version} is a bug fix release:
+=======
+ Apache Archiva ${project.version} is a security fix release:
+
+** Compatibility Changes
+
+ * There are no compatibility changes
+
+** New Feature
+
+ * There are no new features in this release.
+
+** Improvements
+
+ * There are no improvements
+
+** Bug/Security Fix
+
+ * CVE-2022-29405 Apache Archiva Arbitrary user password reset vulnerability
+
+
+Previous Release Notes
+
+* Release Notes for Archiva 2.2.7
+
+ Apache Archiva 2.2.7 is a security fix release:
+
+ Released: 2022-12-22
+
+** Compatibility Changes
+
+ * [MRM-2021] There is a new flag 'literalVersion=true/false' for service
archivaServices/searchService/artifact
+ which allows to change the behaviour for v=LATEST search.
+
+** New Feature
+
+ * There are no new features in this release.
+
+** Improvements
+
+ * There are no improvements
+
+** Bug/Security Fix
+
+ * [MRM-2027] Update of the log4j2 version to 2.17.0
+
+ * [MRM-2020] Fixed the behaviour of the startup script, if ARCHIVA_BASE is
set (separating installation and data directory)
+
+ * [MRM-2022] Fixed the handling of X-XSRF-TOKEN header in Javascript calls
+
+
+* Release Notes for Archiva 2.2.6
+
+ Apache Archiva 2.2.6 is a security fix release:
+
+ Released: 2021-12-15
+
+** Compatibility Changes
+
+ * No API changes or known side effects.
+
+** New Feature
+
+ * There are no new features in this release.
+
+** Improvements
+
+ * There are no improvements
+
+** Bug/Security Fix
+
+ * Update of the log4j2 version to mitigate the log4j2 vulnerability
(CVE-2021-44228)
+
+ * Deactivated directory listings by the file servlet
+
+
+* Release Notes for Archiva 2.2.5
+
+ Apache Archiva 2.2.5 is a bug fix release:
+
+ Released: 2020-06-19
+
+** Compatibility Changes
+
+ * No API changes or known side effects.
+
+** New Feature
+
+ * There are no new features in this release.
+
+** Improvements
+
+ * There are no improvements
+
+** Bug Fix
+
+ * [MRM-2008] Fix for group names with slashes
+
+ * Better handling of LDAP filter
+
+
+* Release Notes for Archiva 2.2.4
+
+ Apache Archiva 2.2.4 is a bug fix release:
+
+ * Fixes for handling of artifacts
+
+ * Improved validation of REST calls
+
+** Compatibility Changes
+
+ No API changes or known side effects.
+
+ Released: 2019-04-30
+
+** New Feature
+
+ * There are no new features in this release.
+
+** Improvements
+
+ * Adding additional validation to REST service calls for artifact upload
+
+** Bug Fix
+
+ * [MRM-1972] Stored XSS in Web UI Organization Name
+
+ * [MRM-1966] Repository-purge not working
+
+ * [MRM-1958] Purge by retention count deletes files but leaves history on
website.
+
+ * [MRM-1929] Repository purge is not reflected in index
+
+
+* Release Notes for Archiva 2.2.3
+
+** New in Archiva 2.2.3
+
+ Apache Archiva 2.2.3 is a bug fix release:
+>>>>>>> Stashed changes
* Some fixes for the REST API were added to detect requests from unknown
origin
