Greetings, I have some time to patch frame injection vulnerability in the project javadocs. Since this is the first time publishing the docs, I'd like someone to verify the process for me. From http://continuum.apache.org/development/publishing-site.html it appears that I:
* check out the source under http://svn.apache.org/repos/asf/continuum/site-publish * patch the docs * run "mvn site site:stage scm-publish:publish-scm" That should update the existing docs. How should we ensure new docs don't get published with the vulnerability? Would that be something we'd do with enforcer and require versions? Brent
