svn commit: r1667436 - in /tomcat/site/trunk: docs/index.html xdocs/index.xml

Tue, 17 Mar 2015 20:07:29 -0700 

Author: jboynes
Date: Wed Mar 18 03:06:46 2015
New Revision: 1667436

URL: http://svn.apache.org/r1667436
Log:
Update news item to refer to cve.mitre.org

Modified:
    tomcat/site/trunk/docs/index.html
    tomcat/site/trunk/xdocs/index.xml

Modified: tomcat/site/trunk/docs/index.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/index.html?rev=1667436&r1=1667435&r2=1667436&view=diff
==============================================================================
--- tomcat/site/trunk/docs/index.html (original)
+++ tomcat/site/trunk/docs/index.html Wed Mar 18 03:06:46 2015
@@ -238,7 +238,7 @@ of the JSTL 1.2 specification.
 <p>
 Version 1.2.3 is a security and bug fix release. It fixes a few bugs found
 in Standard Taglib 1.2.1 and provides protection against
-<a 
href="http://mail-archives.apache.org/mod_mbox/www-announce/201502.mbox/%3C82207A16-6348-4DEE-877E-F7B87292576A%40apache.org%3E";>CVE-2015-0254</a>
+<a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0254";>CVE-2015-0254</a>
 vulnerability (XXE and RCE via XSL extension in JSTL XML tags).
 </p>
 

Modified: tomcat/site/trunk/xdocs/index.xml
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/index.xml?rev=1667436&r1=1667435&r2=1667436&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/index.xml (original)
+++ tomcat/site/trunk/xdocs/index.xml Wed Mar 18 03:06:46 2015
@@ -40,13 +40,10 @@ project logo are trademarks of the Apach
 <section name="Apache Standard Taglib 1.2.3 Released" rtext="2015-02-20">
 <!--
   FIXME:
-   1. CVE link goes to accounce@a.o mail archive.
-      It cannot go to cve.mitre.org, as they have not published this CVE 
number.
-      It cannot go to announce@tomcat.a.o archive, as announcement is not 
there. Stuck in moderation?
-      There is no taglibs page at http://tomcat.apache.org/security.html
+   1. There is no taglibs page at http://tomcat.apache.org/security.html
    2. Changelog link goes to SVN repository.
       Is the CHANGES file published on the site?
-      Maybe upload it to the download ares?
+      Maybe upload it to the download area?
 -->
 <p>
 The Apache Tomcat Project is proud to announce the release of version 1.2.3 of 
@@ -56,7 +53,7 @@ of the JSTL 1.2 specification.
 <p>
 Version 1.2.3 is a security and bug fix release. It fixes a few bugs found
 in Standard Taglib 1.2.1 and provides protection against
-<a 
href="http://mail-archives.apache.org/mod_mbox/www-announce/201502.mbox/%3C82207A16-6348-4DEE-877E-F7B87292576A%40apache.org%3E";>CVE-2015-0254</a>
+<a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0254";>CVE-2015-0254</a>
 vulnerability (XXE and RCE via XSL extension in JSTL XML tags).
 </p>
 <p>



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to