Author: jboynes
Date: Wed Mar 18 03:06:46 2015
New Revision: 1667436
URL: http://svn.apache.org/r1667436
Log:
Update news item to refer to cve.mitre.org
Modified:
tomcat/site/trunk/docs/index.html
tomcat/site/trunk/xdocs/index.xml
Modified: tomcat/site/trunk/docs/index.html
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/index.html?rev=1667436&r1=1667435&r2=1667436&view=diff
==============================================================================
--- tomcat/site/trunk/docs/index.html (original)
+++ tomcat/site/trunk/docs/index.html Wed Mar 18 03:06:46 2015
@@ -238,7 +238,7 @@ of the JSTL 1.2 specification.
<p>
Version 1.2.3 is a security and bug fix release. It fixes a few bugs found
in Standard Taglib 1.2.1 and provides protection against
-<a
href="http://mail-archives.apache.org/mod_mbox/www-announce/201502.mbox/%3C82207A16-6348-4DEE-877E-F7B87292576A%40apache.org%3E";>CVE-2015-0254</a>
+<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0254";>CVE-2015-0254</a>
vulnerability (XXE and RCE via XSL extension in JSTL XML tags).
</p>
Modified: tomcat/site/trunk/xdocs/index.xml
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/index.xml?rev=1667436&r1=1667435&r2=1667436&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/index.xml (original)
+++ tomcat/site/trunk/xdocs/index.xml Wed Mar 18 03:06:46 2015
@@ -40,13 +40,10 @@ project logo are trademarks of the Apach
<section name="Apache Standard Taglib 1.2.3 Released" rtext="2015-02-20">
<!--
FIXME:
- 1. CVE link goes to [email protected] mail archive.
- It cannot go to cve.mitre.org, as they have not published this CVE
number.
- It cannot go to [email protected] archive, as announcement is not
there. Stuck in moderation?
- There is no taglibs page at http://tomcat.apache.org/security.html
+ 1. There is no taglibs page at http://tomcat.apache.org/security.html
2. Changelog link goes to SVN repository.
Is the CHANGES file published on the site?
- Maybe upload it to the download ares?
+ Maybe upload it to the download area?
-->
<p>
The Apache Tomcat Project is proud to announce the release of version 1.2.3 of
@@ -56,7 +53,7 @@ of the JSTL 1.2 specification.
<p>
Version 1.2.3 is a security and bug fix release. It fixes a few bugs found
in Standard Taglib 1.2.1 and provides protection against
-<a
href="http://mail-archives.apache.org/mod_mbox/www-announce/201502.mbox/%3C82207A16-6348-4DEE-877E-F7B87292576A%40apache.org%3E";>CVE-2015-0254</a>
+<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0254";>CVE-2015-0254</a>
vulnerability (XXE and RCE via XSL extension in JSTL XML tags).
</p>
<p>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
