Dear DSpace Community:
On behalf of the DSpace developers, I would like to formally announce
that DSpace 5.3 is now available. DSpace 5.3 is a bug-fix and (minor)
security release and contains no new features.
DSpace 5.3 can be downloaded immediately from:
https://github.com/DSpace/DSpace/releases/tag/dspace-5.3
5.3 Release notes are available at:
https://wiki.duraspace.org/display/DSDOC5x/Release+Notes<https://wiki.duraspace.org/display/DSDOC5x/Release+Notes>
(Please note that the 5.3 release is NOT available from SourceForge.
SourceForge has had recent service issues and does not support uploading
new releases at this time.)
In addition, you are welcome to try out DSpace 5.3 on
http://demo.dspace.org/ and continue to provide any early feedback you
may have.
5.3 Bug Fixes
* Security fixes:
o /[LOW SEVERITY]/ /Possible to access files attached to
"in-progress" submissions via a direct link /(DS-2614
<https://jira.duraspace.org/browse/DS-2614> - requires a JIRA
account to access for two weeks, and then will be public)/.
/This vulnerability could allow anyone in the world to download
a file attached to an "in-progress" submission if they are
provided with a direct link to that file (from either UI). While
a direct file link would be very hard to "guess" or stumble
upon, this could allow an individual with deposit rights to make
available content which has not been approved by local DSpace
administrators. This vulnerability has at least existed since
5.0, but may effect versions as old as 3.0.
+ Discovered by Pascal-Nicolas Becker of Technische
Universität Berlin
* Search and browse fixes:
o Solr and Lucene special characters no longer cause search errors
(DS-2339 <https://jira.duraspace.org/browse/DS-2339>, DS-2461
<https://jira.duraspace.org/browse/DS-2461>, DS-2472
<https://jira.duraspace.org/browse/DS-2472>)
o Resolved issues jumping to values when browsing by title or date
(DS-2571 <https://jira.duraspace.org/browse/DS-2571>, DS-2602
<https://jira.duraspace.org/browse/DS-2602>)
* OAI fixes:
o Performing a full OAI import now also cleans the OAI cache
(DS-2543 <https://jira.duraspace.org/browse/DS-2543>)
o Harvested items are now properly imported in OAI (DS-2554
<https://jira.duraspace.org/browse/DS-2554>)
o Tombstones (deleted item status) are now properly applied for
withdrawn items (DS-2593
<https://jira.duraspace.org/browse/DS-2593>)
(note: this requires 'import' to be run, the OAI event consumer
will not create tombstones automatically)
o dc.date.available is now properly exposed when using the mets
metadata format (DS-2598
<https://jira.duraspace.org/browse/DS-2598>)
* Authorization policy fixes:
o Custom policies for items in workspace or workflow (eg. embargo
lifts) are now ignored by AuthorizeManager (DS-2614
<https://jira.duraspace.org/browse/DS-2614>)
o ||NULL Resource Policy types (commonly found when upgrading from
DSpace < 3.0) are now handled correctly by AuthorizeManager
(DS-2587 <https://jira.duraspace.org/browse/DS-2587>)
o Item-level versioning now carries across all custom policies in
new item versions (eg. embargos) (DS-2358
<https://jira.duraspace.org/browse/DS-2358>)
* Other notable fixes:
o Optimized "Select Collection" query is now disabled by default
as a workaround to ensure special group lookups (LDAP,
Shibboleth) work out-of-the-box (DS-2673
<https://jira.duraspace.org/browse/DS-2673>)
o Resolved issue where citation_pdf_url metadata was NULL for
items with multiple bitstreams but no primary bitstream (DS-2603
<https://jira.duraspace.org/browse/DS-2603>)
o ||dc.rights metadata is now properly exposed in embedded XHTML
head DC (DS-2568 <https://jira.duraspace.org/browse/DS-2658>)
For much more information on each of these and other fixes, please visit
our 5.x Release Notes:
https://wiki.duraspace.org/display/DSDOC5x/Release+Notes
5.3 Documentation
The DSpace 5.x documentation is available online at:
https://wiki.duraspace.org/display/DSDOC5x/
A PDF copy of the documentation can also be downloaded from:
https://github.com/DSpace/DSpace/releases/download/dspace-5.3/DSpace-Manual.pdf
5.3 Acknowledgments
The DSpace application would not exist without the hard work and support
of the community. Thank you to the many developers who have worked very
hard to deliver all the new features and improvements. Also thanks to
the users who provided input and feedback on the development, as well
those who participated in the testathons.
The 5.3 release was led by Kim Shepherd (University of Auckland Library)
and the Committers.
The following individuals provided code or bug fixes to the 5.3 release:
Tim Donohue (tdonohue), Ondřej Košarko (kosarko), Bram Luyten
(bram-atmire), Pascal-Nicolas Becker (pnbecker), Pablo Buenaposada
(pablobuenaposada), Nicolas Schwab (nicolasschwab), Andrea Schweer
(aschweer), Àlex Magaz Graça (rivaldi8), Roeland Dillen (rradillen),
junwei1229, and Claudia Juergen (cjuergen).
A detailed listing of all known people/institutions who contributed
directly to DSpace 5.x is available in the Release Notes. If you
contributed and were accidentally not listed, please let us know so that
we can correct it!
More Information
More information on this release is also available in the DSpace 5.x
Release Notes at:
https://wiki.duraspace.org/display/DSDOC5x/Release+Notes<https://wiki.duraspace.org/display/DSDOC5x/Release+Notes>
As always, we are happy to hear back from the community about DSpace.
Please let us know what you think of 5.3!
Tim Donohue, on behalf of the DSpace 5.3 Release Team, and all the
DSpace developers.
--
Tim Donohue
Technical Lead for DSpace & DSpaceDirect
DuraSpace.org | DSpace.org | DSpaceDirect.org
------------------------------------------------------------------------------
_______________________________________________
DSpace-tech mailing list
DSpace-tech@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspace-tech
List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
