On Mar 31, 2009, at 12:21 PM, Joe Bohn wrote:
The Apache Geronimo project is pleased to announce the available of
Apache Geronimo v2.1.4 server. This is primarily a maintenance
release.
Among the updates and fixes included in the release are several
security fixes for vulnerabilities in the administration console.
Details of the security vulnerabilities fixed in this release can be
found in the Security Report:
http://geronimo.apache.org/21x-security-report.html
Other fixes and enhancements are listed in the Release Notes:
http://cwiki.apache.org/confluence/display/GMOxDOC21/RELEASE-NOTES-2.1.4.TXT
Visit the Downloads page for details on downloading Apache Geronimo
v2.1.4 server assemblies:
http://geronimo.apache.org/downloads.html
A big THANK YOU to all that contributed to this release! Great work
everyone!
Terrific!
Joe and Donald deserve a special round-of-applause here -- they
carried a lot of the burden in resolving these security
vulnerabilities. Also thanks to Jarek and Joe for seeing this release
out.
As Joe noted in the SECURITY announcement, Digital Security Research
Group (dsecrg.com) was extremely helpful in identifying, discussing,
and testing these security issues. Thanks!
--kevan
