Hi All, The Archiva 1.3.5 release candidate has been staged. This release contains the fixes for the CSRF (CVE-2011-1026) and XSS (CVE-2011-1077) security vulnerability issues reported.
You can take a look at the release notes here: http://archiva.apache.org/docs/1.3.5/release-notes.html or http://jira.codehaus.org/secure/ReleaseNote.jspa?atl_token=TV1WooJHia&version=17232&styleName=Text&projectId=10980&Create=Create The staging repository where the binaries, including the sources, signatures and checksums, is here: http://people.apache.org/builds/archiva/1.3.5/ While the site has been staged at: http://archiva.apache.org/docs/1.3.5 Everyone is encouraged to vote and give their feedback :) [ ] +1 Release it! [ ] 0 [ ] -1 Don't release it, because... The vote will be open for 72 hours. Thanks, Deng
