This is an automated email from the ASF dual-hosted git repository.
olamy pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/archiva.git
The following commit(s) were added to refs/heads/master by this push:
new 115383d41 merge back release notes from branch
115383d41 is described below
commit 115383d41e4638a77fe8cc30ec721c1dcb44492f
Author: Olivier Lamy <[email protected]>
AuthorDate: Mon Oct 10 08:16:50 2022 +1000
merge back release notes from branch
Signed-off-by: Olivier Lamy <[email protected]>
---
archiva-docs/src/site/apt/release-notes.apt.vm | 16 +++++++++++++++-
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/archiva-docs/src/site/apt/release-notes.apt.vm
b/archiva-docs/src/site/apt/release-notes.apt.vm
index 8c4e5fcfb..5a16b6e48 100644
--- a/archiva-docs/src/site/apt/release-notes.apt.vm
+++ b/archiva-docs/src/site/apt/release-notes.apt.vm
@@ -52,11 +52,25 @@ Release Notes for Archiva ${project.version}
** Bug/Security Fix
- * CVE-2022-29405 Apache Archiva Arbitrary user password reset vulnerability
+ * [MRM-2051}: upgrade dom4j (v2 branch)
+ * upgrade spring 4.2.9
+ * [MRM-2050]: upgrade commons-fileupload and commons-io due to cves
+ * [MRM-2049]: upgrade httpclient due to cves
+ * [MRM-2048]- upgrade xerces due to CVE
Previous Release Notes
+* Release Notes for Archiva 2.2.8
+
+ Apache Archiva 2.2.8 is a security fix release:
+
+ Released: 2022-05-25
+
+88 Bug/Security Fix
+
+ * CVE-2022-29405 Apache Archiva Arbitrary user password reset vulnerability
+
* Release Notes for Archiva 2.2.7
Apache Archiva 2.2.7 is a security fix release:
