Got it guys, I will really warn and document this update for end-users.
Regards
JB
On 09/08/2011 01:29 PM, Daniel Kulp wrote:
On Thursday, September 08, 2011 12:31:33 PM Andreas Pieber wrote:
I've though we've settled with staying with Spring 3.0.6.RELEASE and
cxf/camel upgrade?
+1
The 3.0.6 changelog includes a couple security vulnerabilities (including an
XSS one) . There aren't any details in the changelog, but I'm very
uncomfortable shipping things with known public security issues. Since it's a
patch, I see no issue with it. It should be less of an issue than upgrading
from Jetty 7.3.x to 7.4.x that was done in Karaf 2.2.1.
Dan
On Thu, Sep 8, 2011 at 11:07, Jean-Baptiste Onofré<[email protected]> wrote:
Hi all,
following our previous discussion around Camel and CXF, I would like:
- to rollback to Spring 3.0.5.RELEASE on karaf-2.2.x branch
- release Karaf 2.2.4 or maybe override the Karaf 2.2.3 with Spring
3.0.5.RELEASE
- let the Spring 3.0.6.RELEASE upgrade to Karaf 3.0.x
WDYT ?
Regards
JB
--
Jean-Baptiste Onofré
[email protected]
http://blog.nanthrax.net
Talend - http://www.talend.com
--
Jean-Baptiste Onofré
[email protected]
http://blog.nanthrax.net
Talend - http://www.talend.com
