Author: bodewig
Date: Wed May 13 16:26:21 2020
New Revision: 1877701
URL: http://svn.apache.org/viewvc?rev=1877701&view=rev
Log:
announce releases
Modified:
ant/site/ant/production/antnews.html
ant/site/ant/production/bindownload.html
ant/site/ant/production/faq.html
ant/site/ant/production/index.html
ant/site/ant/production/manual-1.9.x/running.html
ant/site/ant/production/manual/running.html
ant/site/ant/production/manualdownload.html
ant/site/ant/production/security.html
ant/site/ant/production/srcdownload.html
ant/site/ant/sources/antnews.xml
ant/site/ant/sources/bindownload.xml
ant/site/ant/sources/faq.xml
ant/site/ant/sources/index.xml
ant/site/ant/sources/manualdownload.xml
ant/site/ant/sources/security.xml
ant/site/ant/sources/srcdownload.xml
Modified: ant/site/ant/production/antnews.html
URL:
http://svn.apache.org/viewvc/ant/site/ant/production/antnews.html?rev=1877701&r1=1877700&r2=1877701&view=diff
==============================================================================
--- ant/site/ant/production/antnews.html (original)
+++ ant/site/ant/production/antnews.html Wed May 13 16:26:21 2020
@@ -227,6 +227,27 @@
<div class="content">
<h1 class="title">Apache Ant™ Project News</h1>
<h3 class="section">
+ <a name="Apache Ant 1.9.15 and 1.10.8"></a>
+ Apache Ant 1.9.15 and 1.10.8
+ </h3>
+ <h3>May 13, 2020 - Apache Ant 1.9.15 and 1.10.8
Released</h3>
+ <p>Apache Ant 1.9.15 and 1.10.8 are now
available for download as source or
+ binary from
+ <a
href="https://ant.apache.org/bindownload.cgi";>https://ant.apache.org/bindownload.cgi</a>.</p>
+ <p>The Apache Ant team currently maintains two
lines of
+ development. The 1.9.x releases require Java5 at runtime and 1.10.x
+ requires Java8 at runtime. Both lines are based off of Ant 1.9.7 and
+ the 1.9.x releases are mostly bug fix releases while additional new
+ features are developed for 1.10.x. We recommend using 1.10.x unless
+ you are required to use versions of Java prior to Java8 during the
+ build process.</p>
+ <p>Ant 1.10.8 contains a superset of 1.9.15 -
with the exception of
+ a few tasks and features that no longer work with Java8 anyway
+ (like the <code>apt</code> task).</p>
+ <p>Both releases address a insecure temporary
file vulnerability
+ vulnerability, see the <a href="./security.html">security
+ report</a> for details.</p>
+ <h3 class="section">
<a name="Apache Ant 1.10.7"></a>
Apache Ant 1.10.7
</h3>
Modified: ant/site/ant/production/bindownload.html
URL:
http://svn.apache.org/viewvc/ant/site/ant/production/bindownload.html?rev=1877701&r1=1877700&r2=1877701&view=diff
==============================================================================
--- ant/site/ant/production/bindownload.html (original)
+++ ant/site/ant/production/bindownload.html Wed May 13 16:26:21 2020
@@ -275,13 +275,13 @@ Other mirrors: <select name="Preferred">
features are developed for 1.10.x. We recommend using 1.10.x unless
you are required to use versions of Java prior to Java8 during the
build process.</p>
- <p>Currently, Apache Ant 1.9.14 and 1.10.7 are
the best available
+ <p>Currently, Apache Ant 1.9.15 and 1.10.8 are
the best available
versions, see the <a href="[preferred]/ant/README.html">release
notes</a>.</p>
<div class="warning">
<div class="label">Note</div>
-<div class="content">Ant 1.10.7 has been released on
-5-Sep-2019 and may not be available on all mirrors for a few
+<div class="content">Ant 1.10.8 and 1.9.15 have been released on
+13-May-2020 and may not be available on all mirrors for a few
days.</div>
</div>
<br />
@@ -291,50 +291,50 @@ days.</div>
require gnu tar to do the extraction.</div>
</div>
<h3 class="section">
- <a name="1.9.14 release - requires minimum of Java 5 at runtime"></a>
- 1.9.14 release - requires minimum of Java 5 at runtime
+ <a name="1.9.15 release - requires minimum of Java 5 at runtime"></a>
+ 1.9.15 release - requires minimum of Java 5 at runtime
</h3>
<ul>
- <li>1.9.14 <code>.zip</code> archive:
- <a
href="[preferred]/ant/binaries/apache-ant-1.9.14-bin.zip">apache-ant-1.9.14-bin.zip</a>
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.9.14-bin.zip.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.9.14-bin.zip.sha512";>SHA512</a>]
- </li>
- <li>1.9.14 <code>.tar.gz</code> archive:
- <a
href="[preferred]/ant/binaries/apache-ant-1.9.14-bin.tar.gz">apache-ant-1.9.14-bin.tar.gz</a>
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.9.14-bin.tar.gz.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.9.14-bin.tar.gz.sha512";>SHA512</a>]
- </li>
- <li>1.9.14 <code>.tar.bz2</code> archive:
- <a
href="[preferred]/ant/binaries/apache-ant-1.9.14-bin.tar.bz2">apache-ant-1.9.14-bin.tar.bz2</a>
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.9.14-bin.tar.bz2.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.9.14-bin.tar.bz2.sha512";>SHA512</a>]
+ <li>1.9.15 <code>.zip</code> archive:
+ <a
href="[preferred]/ant/binaries/apache-ant-1.9.15-bin.zip">apache-ant-1.9.15-bin.zip</a>
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.9.15-bin.zip.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.9.15-bin.zip.sha512";>SHA512</a>]
+ </li>
+ <li>1.9.15 <code>.tar.gz</code> archive:
+ <a
href="[preferred]/ant/binaries/apache-ant-1.9.15-bin.tar.gz">apache-ant-1.9.15-bin.tar.gz</a>
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.9.15-bin.tar.gz.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.9.15-bin.tar.gz.sha512";>SHA512</a>]
+ </li>
+ <li>1.9.15 <code>.tar.bz2</code> archive:
+ <a
href="[preferred]/ant/binaries/apache-ant-1.9.15-bin.tar.bz2">apache-ant-1.9.15-bin.tar.bz2</a>
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.9.15-bin.tar.bz2.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.9.15-bin.tar.bz2.sha512";>SHA512</a>]
</li>
</ul>
<h3 class="section">
- <a name="1.10.7 release - requires minimum of Java 8 at runtime"></a>
- 1.10.7 release - requires minimum of Java 8 at runtime
+ <a name="1.10.8 release - requires minimum of Java 8 at runtime"></a>
+ 1.10.8 release - requires minimum of Java 8 at runtime
</h3>
<ul>
- <li>1.10.7 <code>.zip</code> archive:
- <a
href="[preferred]/ant/binaries/apache-ant-1.10.7-bin.zip">apache-ant-1.10.7-bin.zip</a>
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.7-bin.zip.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.7-bin.zip.sha512";>SHA512</a>]
- </li>
- <li>1.10.7 <code>.tar.gz</code> archive:
- <a
href="[preferred]/ant/binaries/apache-ant-1.10.7-bin.tar.gz">apache-ant-1.10.7-bin.tar.gz</a>
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.7-bin.tar.gz.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.7-bin.tar.gz.sha512";>SHA512</a>]
- </li>
- <li>1.10.7 <code>.tar.bz2</code> archive:
- <a
href="[preferred]/ant/binaries/apache-ant-1.10.7-bin.tar.bz2">apache-ant-1.10.7-bin.tar.bz2</a>
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.7-bin.tar.bz2.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.7-bin.tar.bz2.sha512";>SHA512</a>]
- </li>
- <li>1.10.7 <code>.tar.xz</code> archive:
- <a
href="[preferred]/ant/binaries/apache-ant-1.10.7-bin.tar.xz">apache-ant-1.10.7-bin.tar.xz</a>
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.7-bin.tar.xz.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.7-bin.tar.xz.sha512";>SHA512</a>]
+ <li>1.10.8 <code>.zip</code> archive:
+ <a
href="[preferred]/ant/binaries/apache-ant-1.10.8-bin.zip">apache-ant-1.10.8-bin.zip</a>
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.8-bin.zip.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.8-bin.zip.sha512";>SHA512</a>]
+ </li>
+ <li>1.10.8 <code>.tar.gz</code> archive:
+ <a
href="[preferred]/ant/binaries/apache-ant-1.10.8-bin.tar.gz">apache-ant-1.10.8-bin.tar.gz</a>
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.8-bin.tar.gz.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.8-bin.tar.gz.sha512";>SHA512</a>]
+ </li>
+ <li>1.10.8 <code>.tar.bz2</code> archive:
+ <a
href="[preferred]/ant/binaries/apache-ant-1.10.8-bin.tar.bz2">apache-ant-1.10.8-bin.tar.bz2</a>
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.8-bin.tar.bz2.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.8-bin.tar.bz2.sha512";>SHA512</a>]
+ </li>
+ <li>1.10.8 <code>.tar.xz</code> archive:
+ <a
href="[preferred]/ant/binaries/apache-ant-1.10.8-bin.tar.xz">apache-ant-1.10.8-bin.tar.xz</a>
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.8-bin.tar.xz.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.8-bin.tar.xz.sha512";>SHA512</a>]
</li>
</ul>
<h3 class="section">
@@ -358,17 +358,17 @@ directory</a>, rather than from a mirror
using</p>
<p><code>
% pgpk -a KEYS<br />
-% pgpv apache-ant-1.10.7-bin.tar.gz.asc<br />
+% pgpv apache-ant-1.10.8-bin.tar.gz.asc<br />
</code>
<em>or</em><br />
<code>
% pgp -ka KEYS<br />
-% pgp apache-ant-1.10.7-bin.tar.gz.asc<br />
+% pgp apache-ant-1.10.8-bin.tar.gz.asc<br />
</code>
<em>or</em><br />
<code>
% gpg --import KEYS<br />
-% gpg --verify apache-ant-1.10.7-bin.tar.gz.asc
+% gpg --verify apache-ant-1.10.8-bin.tar.gz.asc
</code></p>
<p>A command line version of <a
href="https://www.gnupg.org/download/";>GnuPG</a>
is also available for Windows users. Follow the
Modified: ant/site/ant/production/faq.html
URL:
http://svn.apache.org/viewvc/ant/site/ant/production/faq.html?rev=1877701&r1=1877700&r2=1877701&view=diff
==============================================================================
--- ant/site/ant/production/faq.html (original)
+++ ant/site/ant/production/faq.html Wed May 13 16:26:21 2020
@@ -939,6 +939,16 @@
<tr>
<td colspan="1" rowspan="1"
valign="top" align="left">
+ 1.9.15
+ </td>
+ <td colspan="1" rowspan="1"
+ valign="top" align="left">
+ 13 May 2020
+ </td>
+ </tr>
+ <tr>
+ <td colspan="1" rowspan="1"
+ valign="top" align="left">
1.10.0
</td>
<td colspan="1" rowspan="1"
@@ -1006,6 +1016,16 @@
5 Sep 2019
</td>
</tr>
+ <tr>
+ <td colspan="1" rowspan="1"
+ valign="top" align="left">
+ 1.10.8
+ </td>
+ <td colspan="1" rowspan="1"
+ valign="top" align="left">
+ 13 May 2020
+ </td>
+ </tr>
</table>
<p class="faq">
<a name="java-version"></a>
Modified: ant/site/ant/production/index.html
URL:
http://svn.apache.org/viewvc/ant/site/ant/production/index.html?rev=1877701&r1=1877700&r2=1877701&view=diff
==============================================================================
--- ant/site/ant/production/index.html (original)
+++ ant/site/ant/production/index.html Wed May 13 16:26:21 2020
@@ -250,11 +250,11 @@
the <a href="https://www.apache.org/";>Apache Software
Foundation</a>.</p>
<h3 class="section">
- <a name="Apache Ant 1.10.7"></a>
- Apache Ant 1.10.7
+ <a name="Apache Ant 1.9.15 and 1.10.8"></a>
+ Apache Ant 1.9.15 and 1.10.8
</h3>
- <h3>Sep 5, 2019 - Apache Ant 1.10.7 Released</h3>
- <p>Apache Ant 1.10.7 is now available for
download as source or
+ <h3>May 13, 2020 - Apache Ant 1.9.15 and 1.10.8
Released</h3>
+ <p>Apache Ant 1.9.15 and 1.10.8 are now
available for download as source or
binary from
<a
href="https://ant.apache.org/bindownload.cgi";>https://ant.apache.org/bindownload.cgi</a>.</p>
<p>The Apache Ant team currently maintains two
lines of
@@ -264,82 +264,12 @@
features are developed for 1.10.x. We recommend using 1.10.x unless
you are required to use versions of Java prior to Java8 during the
build process.</p>
- <p>Ant 1.10.7 is mainly a bug fix release with
few minor enhancements.
- This release includes a major regression fix, which prevented the
- previous 1.10.6 release to be unusable on Java 8 runtimes.
- Among the enhancements, the junitlauncher task now allows including
- or excluding JUnit 5 "tags" during test execution.
- </p>
- <h3 class="section">
- <a name="Apache Ant 1.10.6"></a>
- Apache Ant 1.10.6
- </h3>
- <h3>May 8, 2019 - Apache Ant 1.10.6 Released</h3>
- <p>Apache Ant 1.10.6 is now available for
download as source or
- binary from
- <a
href="https://ant.apache.org/bindownload.cgi";>https://ant.apache.org/bindownload.cgi</a>.</p>
- <p>The Apache Ant team currently maintains two
lines of
- development. The 1.9.x releases require Java5 at runtime and 1.10.x
- requires Java8 at runtime. Both lines are based off of Ant 1.9.7 and
- the 1.9.x releases are mostly bug fix releases while additional new
- features are developed for 1.10.x. We recommend using 1.10.x unless
- you are required to use versions of Java prior to Java8 during the
- build process.</p>
- <p>Ant 1.10.6 consists several bug fixes as
well as enhancements,
- including, but not limited to:
- <ul>
- <li>
- <code>junitlauncher</code> task now supports <code>fork</code>
- mode, to launch the tests in a forked JVM.
- </li>
- <li>
- New tasks <code>jmod</code> and <code>link</code> have been
- introduced to support <code>jmod</code> and <code>jlink</code>
- tools of JDK 9+.
- </li>
- </ul>
- </p>
- <h3 class="section">
- <a name="Apache Ant 1.9.14"></a>
- Apache Ant 1.9.14
- </h3>
- <h3>March 17, 2019 - Apache Ant 1.9.14 Released</h3>
- <p>Apache Ant 1.9.14 is now available for
download as source or
- binary from
- <a
href="https://ant.apache.org/bindownload.cgi";>https://ant.apache.org/bindownload.cgi</a>.</p>
- <p>The Apache Ant team currently maintains two
lines of
- development. The 1.9.x releases require Java5 at runtime and 1.10.x
- requires Java8 at runtime. Both lines are based off of Ant 1.9.7 and
- the 1.9.x releases are mostly bug fix releases while additional new
- features are developed for 1.10.x. We recommend using 1.10.x unless
- you are required to use versions of Java prior to Java8 during the
- build process.</p>
- <p>Ant 1.9.14 mainly consists of bug fixes and
some enhancements in
- the <code>signjar</code> and <code>verifyjar</code> tasks</p>
- <h3 class="section">
- <a name="Apache Ant 1.9.13 and 1.10.5"></a>
- Apache Ant 1.9.13 and 1.10.5
- </h3>
- <h3>Jul 13, 2018 - Apache Ant 1.9.13 and 1.10.5
Released</h3>
- <p>Apache Ant 1.9.13 and 1.10.5 are now
available for download as source or
- binary from
- <a
href="https://ant.apache.org/bindownload.cgi";>https://ant.apache.org/bindownload.cgi</a>.</p>
- <p>The Apache Ant team currently maintains two
lines of
- development. The 1.9.x releases require Java5 at runtime and 1.10.x
- requires Java8 at runtime. Both lines are based off of Ant 1.9.7 and
- the 1.9.x releases are mostly bug fix releases while additional new
- features are developed for 1.10.x. We recommend using 1.10.x unless
- you are required to use versions of Java prior to Java8 during the
- build process.</p>
- <p>Ant 1.10.5 contains a superset of 1.9.13 -
with the exception of
+ <p>Ant 1.10.8 contains a superset of 1.9.15 -
with the exception of
a few tasks and features that no longer work with Java8 anyway
(like the <code>apt</code> task).</p>
- <p>Both releases fix a regression in the
<code>get</code> task and
- a bug inside the path traversal protection of the unarchiving
- tasks that was introduced with 1.9.12 and 1.10.4
- respectively.</p>
- <p>Ant 1.10.5's <code>java</code> task adds
support for the single
- file source execution feature introduced with Java 11.</p>
+ <p>Both releases address a insecure temporary
file vulnerability
+ vulnerability, see the <a href="./security.html">security
+ report</a> for details.</p>
<h3 class="section">
<a name="Apache AntUnit 1.4"></a>
Apache AntUnit 1.4
@@ -430,7 +360,7 @@
Documentation
</h3>
<p>
-You can view the documentation for the current release (Apache Ant 1.10.5)
+You can view the documentation for the current release (Apache Ant 1.10.8)
<a href="manual/index.html">online</a>
</p>
<p>
Modified: ant/site/ant/production/manual-1.9.x/running.html
URL:
http://svn.apache.org/viewvc/ant/site/ant/production/manual-1.9.x/running.html?rev=1877701&r1=1877700&r2=1877701&view=diff
==============================================================================
--- ant/site/ant/production/manual-1.9.x/running.html (original)
+++ ant/site/ant/production/manual-1.9.x/running.html Wed May 13 16:26:21 2020
@@ -553,8 +553,8 @@ on the platform and the JVM implementati
<p><b>Security Note:</b> Using the default temporary directory
specified by <code>java.io.tmpdir</code> can result in the leakage of
-sensitive information or possibly allow an attacker to execute
-arbitrary code. This is especially true in multi-user environments. It
+sensitive information or possibly allow an attacker to inject source
+files into the build process. This is especially true in multi-user
is recommended that <code>ant.tmpdir</code> be set to a directory
owned by the user running Ant with 0700 permissions.</p>
Modified: ant/site/ant/production/manual/running.html
URL:
http://svn.apache.org/viewvc/ant/site/ant/production/manual/running.html?rev=1877701&r1=1877700&r2=1877701&view=diff
==============================================================================
--- ant/site/ant/production/manual/running.html (original)
+++ ant/site/ant/production/manual/running.html Wed May 13 16:26:21 2020
@@ -525,11 +525,11 @@ on the platform and the JVM implementati
<p><b>Security Note:</b> Using the default temporary directory
specified by <code>java.io.tmpdir</code> can result in the leakage of
-sensitive information or possibly allow an attacker to execute
-arbitrary code. This is especially true in multi-user environments. It
-is recommended that <code>ant.tmpdir</code> be set to a directory
-owned by the user running Ant with 0700 permissions. Ant 1.10.8 and
-later will try to make temporary files created by it only
+sensitive information or possibly allow an attacker to inject source
+files into the build process. This is especially true in multi-user
+environments. It is recommended that <code>ant.tmpdir</code> be set to
+a directory owned by the user running Ant with 0700 permissions. Ant
+1.10.8 and later will try to make temporary files created by it only
readable/writable by the current user but may silently fail to do so
depending on the OS and filesystem.</p>
Modified: ant/site/ant/production/manualdownload.html
URL:
http://svn.apache.org/viewvc/ant/site/ant/production/manualdownload.html?rev=1877701&r1=1877700&r2=1877701&view=diff
==============================================================================
--- ant/site/ant/production/manualdownload.html (original)
+++ ant/site/ant/production/manualdownload.html Wed May 13 16:26:21 2020
@@ -269,13 +269,13 @@ Other mirrors: <select name="Preferred">
features are developed for 1.10.x. We recommend using 1.10.x unless
you are required to use versions of Java prior to Java8 during the
build process.</p>
- <p>Currently, Apache Ant 1.9.14 and 1.10.7 are
the best available
+ <p>Currently, Apache Ant 1.9.15 and 1.10.8 are
the best available
versions, see the <a href="[preferred]/ant/README.html">release
notes</a>.</p>
<div class="warning">
<div class="label">Note</div>
-<div class="content">Ant 1.10.7 has been released on
-5-Sep-2019 and may not be available on all mirrors for a few
+<div class="content">Ant 1.10.8 and 1.9.15 have been released on
+13-May-2020 and may not be available on all mirrors for a few
days.</div>
</div>
<br />
@@ -285,50 +285,50 @@ days.</div>
require gnu tar to do the extraction.</div>
</div>
<h3 class="section">
- <a name="1.9.14 release - requires minimum of Java 5 at runtime"></a>
- 1.9.14 release - requires minimum of Java 5 at runtime
+ <a name="1.9.15 release - requires minimum of Java 5 at runtime"></a>
+ 1.9.15 release - requires minimum of Java 5 at runtime
</h3>
<ul>
- <li>1.9.14 <code>.zip</code> archive:
- <a
href="[preferred]/ant/manual/apache-ant-1.9.14-manual.zip">apache-ant-1.9.14-manual.zip</a>
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.9.14-manual.zip.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.9.14-manual.zip.sha512";>SHA512</a>]
- </li>
- <li>1.9.14 <code>.tar.gz</code> archive:
- <a
href="[preferred]/ant/manual/apache-ant-1.9.14-manual.tar.gz">apache-ant-1.9.14-manual.tar.gz</a>
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.9.14-manual.tar.gz.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.9.14-manual.tar.gz.sha512";>SHA512</a>]
- </li>
- <li>1.9.14 <code>.tar.bz2</code> archive:
- <a
href="[preferred]/ant/manual/apache-ant-1.9.14-manual.tar.bz2">apache-ant-1.9.14-manual.tar.bz2</a>
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.9.14-manual.tar.bz2.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.9.14-manual.tar.bz2.sha512";>SHA512</a>]
+ <li>1.9.15 <code>.zip</code> archive:
+ <a
href="[preferred]/ant/manual/apache-ant-1.9.15-manual.zip">apache-ant-1.9.15-manual.zip</a>
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.9.15-manual.zip.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.9.15-manual.zip.sha512";>SHA512</a>]
+ </li>
+ <li>1.9.15 <code>.tar.gz</code> archive:
+ <a
href="[preferred]/ant/manual/apache-ant-1.9.15-manual.tar.gz">apache-ant-1.9.15-manual.tar.gz</a>
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.9.15-manual.tar.gz.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.9.15-manual.tar.gz.sha512";>SHA512</a>]
+ </li>
+ <li>1.9.15 <code>.tar.bz2</code> archive:
+ <a
href="[preferred]/ant/manual/apache-ant-1.9.15-manual.tar.bz2">apache-ant-1.9.15-manual.tar.bz2</a>
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.9.15-manual.tar.bz2.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.9.15-manual.tar.bz2.sha512";>SHA512</a>]
</li>
</ul>
<h3 class="section">
- <a name="1.10.7 release - requires minimum of Java 8 at runtime"></a>
- 1.10.7 release - requires minimum of Java 8 at runtime
+ <a name="1.10.8 release - requires minimum of Java 8 at runtime"></a>
+ 1.10.8 release - requires minimum of Java 8 at runtime
</h3>
<ul>
- <li>1.10.7 <code>.zip</code> archive:
- <a
href="[preferred]/ant/manual/apache-ant-1.10.7-manual.zip">apache-ant-1.10.7-manual.zip</a>
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.7-manual.zip.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.7-manual.zip.sha512";>SHA512</a>]
- </li>
- <li>1.10.7 <code>.tar.gz</code> archive:
- <a
href="[preferred]/ant/manual/apache-ant-1.10.7-manual.tar.gz">apache-ant-1.10.7-manual.tar.gz</a>
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.7-manual.tar.gz.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.7-manual.tar.gz.sha512";>SHA512</a>]
- </li>
- <li>1.10.7 <code>.tar.bz2</code> archive:
- <a
href="[preferred]/ant/manual/apache-ant-1.10.7-manual.tar.bz2">apache-ant-1.10.7-manual.tar.bz2</a>
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.7-manual.tar.bz2.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.7-manual.tar.bz2.sha512";>SHA512</a>]
- </li>
- <li>1.10.7 <code>.tar.xz</code> archive:
- <a
href="[preferred]/ant/manual/apache-ant-1.10.7-manual.tar.xz">apache-ant-1.10.7-manual.tar.xz</a>
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.7-manual.tar.xz.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.7-manual.tar.xz.sha512";>SHA512</a>]
+ <li>1.10.8 <code>.zip</code> archive:
+ <a
href="[preferred]/ant/manual/apache-ant-1.10.8-manual.zip">apache-ant-1.10.8-manual.zip</a>
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.8-manual.zip.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.8-manual.zip.sha512";>SHA512</a>]
+ </li>
+ <li>1.10.8 <code>.tar.gz</code> archive:
+ <a
href="[preferred]/ant/manual/apache-ant-1.10.8-manual.tar.gz">apache-ant-1.10.8-manual.tar.gz</a>
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.8-manual.tar.gz.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.8-manual.tar.gz.sha512";>SHA512</a>]
+ </li>
+ <li>1.10.8 <code>.tar.bz2</code> archive:
+ <a
href="[preferred]/ant/manual/apache-ant-1.10.8-manual.tar.bz2">apache-ant-1.10.8-manual.tar.bz2</a>
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.8-manual.tar.bz2.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.8-manual.tar.bz2.sha512";>SHA512</a>]
+ </li>
+ <li>1.10.8 <code>.tar.xz</code> archive:
+ <a
href="[preferred]/ant/manual/apache-ant-1.10.8-manual.tar.xz">apache-ant-1.10.8-manual.tar.xz</a>
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.8-manual.tar.xz.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.8-manual.tar.xz.sha512";>SHA512</a>]
</li>
</ul>
<h3 class="section">
@@ -352,17 +352,17 @@ directory</a>, rather than from a mirror
using</p>
<p><code>
% pgpk -a KEYS<br />
-% pgpv apache-ant-1.10.7-manual.tar.gz.asc<br />
+% pgpv apache-ant-1.10.8-manual.tar.gz.asc<br />
</code>
<em>or</em><br />
<code>
% pgp -ka KEYS<br />
-% pgp apache-ant-1.10.7-manual.tar.gz.asc<br />
+% pgp apache-ant-1.10.8-manual.tar.gz.asc<br />
</code>
<em>or</em><br />
<code>
% gpg --import KEYS<br />
-% gpg --verify apache-ant-1.10.7-manual.tar.gz.asc
+% gpg --verify apache-ant-1.10.8-manual.tar.gz.asc
</code></p>
<p>A command line version of <a
href="https://www.gnupg.org/download/";>GnuPG</a>
is also available for Windows users. Follow the
Modified: ant/site/ant/production/security.html
URL:
http://svn.apache.org/viewvc/ant/site/ant/production/security.html?rev=1877701&r1=1877700&r2=1877701&view=diff
==============================================================================
--- ant/site/ant/production/security.html (original)
+++ ant/site/ant/production/security.html Wed May 13 16:26:21 2020
@@ -265,6 +265,34 @@
the descriptions here are incomplete, please report them
privately to the Apache Security Team. Thank you.</p>
<h4 class="subsection">
+ <a name="Fixed in Apache Ant 1.10.8"></a>
+ Fixed in Apache Ant 1.10.8
+ </h4>
+ <p><b>Medium: insecure temporary file
vulnerability</b> <a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1945";>CVE-2020-1945</a></p>
+ <p>Apache Ant uses the default temporary
directory
+ identified by the Java system property
+ <code>java.io.tmpdir</code> for several tasks and may thus
+ leak sensitive information. The fixcrlf and replaceregexp
+ tasks also copy files from the temporary directory back into
+ the build tree allowing an attacker to inject modified
+ source files into the build process.</p>
+ <p><b>Mitigation:</b> Ant users of versions
1.1 to 1.9.14
+ and 1.10.0 to 1.10.7 should set the java.io.tmpdir system
+ property to point to a directory only readable and writable
+ by the current user prior to running Ant.</p>
+ <p>Users of versions 1.9.15 and 1.10.8 can use
the Ant
+ property <code>ant.tmpfile</code> instead. Users of Ant
+ 1.10.8 can rely on Ant protecting the temporary files if the
+ underlying filesystem allows it, but we still recommend
+ using a private temporary directory instead.</p>
+ <p>This was fixed in revisions
+ <a
href="https://gitbox.apache.org/repos/asf?p=ant.git;a=commit;h=9c1f4d905da59bf446570ac28df5b68a37281f35";>9c1f4d905da59bf446570ac28df5b68a37281f35</a>,
+ <a
href="https://gitbox.apache.org/repos/asf?p=ant.git;a=commit;h=041b058c7bf10a94d56db3ca9dba38cf90ab9943";>041b058c7bf10a94d56db3ca9dba38cf90ab9943</a>
and
+ <a
href="https://gitbox.apache.org/repos/asf?p=ant.git;a=commit;h=a8645a151bc706259fb1789ef587d05482d98612";>a8645a151bc706259fb1789ef587d05482d98612</a>.</p>
+ <p>This was first reported to the Security
Team on 29
+ January 2020 and made public on 13 May 2020</p>
+ <p>Affects: until 1.10.7</p>
+ <h4
class="subsection">
<a name="Fixed in Apache Ant 1.9.10 / Ant 1.10.2"></a>
Fixed in Apache Ant 1.9.10 / Ant 1.10.2
</h4>
Modified: ant/site/ant/production/srcdownload.html
URL:
http://svn.apache.org/viewvc/ant/site/ant/production/srcdownload.html?rev=1877701&r1=1877700&r2=1877701&view=diff
==============================================================================
--- ant/site/ant/production/srcdownload.html (original)
+++ ant/site/ant/production/srcdownload.html Wed May 13 16:26:21 2020
@@ -273,13 +273,13 @@ Other mirrors: <select name="Preferred">
features are developed for 1.10.x. We recommend using 1.10.x unless
you are required to use versions of Java prior to Java8 during the
build process.</p>
- <p>Currently, Apache Ant 1.9.14 and 1.10.7 are
the best available
+ <p>Currently, Apache Ant 1.9.15 and 1.10.8 are
the best available
versions, see the <a href="[preferred]/ant/README.html">release
notes</a>.</p>
<div class="warning">
<div class="label">Note</div>
-<div class="content">Ant 1.10.7 has been released on
-5-Sep-2019 and may not be available on all mirrors for a few
+<div class="content">Ant 1.10.8 and 1.9.15 have been released on
+13-May-2020 and may not be available on all mirrors for a few
days.</div>
</div>
<br />
@@ -289,50 +289,50 @@ days.</div>
require gnu tar to do the extraction.</div>
</div>
<h3 class="section">
- <a name="1.9.14 release - requires minimum of Java 5 at runtime"></a>
- 1.9.14 release - requires minimum of Java 5 at runtime
+ <a name="1.9.15 release - requires minimum of Java 5 at runtime"></a>
+ 1.9.15 release - requires minimum of Java 5 at runtime
</h3>
<ul>
- <li>1.9.14 <code>.zip</code> archive:
- <a
href="[preferred]/ant/source/apache-ant-1.9.14-src.zip">apache-ant-1.9.14-src.zip</a>
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.9.14-src.zip.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.9.14-src.zip.sha512";>SHA512</a>]
- </li>
- <li>1.9.14 <code>.tar.gz</code> archive:
- <a
href="[preferred]/ant/source/apache-ant-1.9.14-src.tar.gz">apache-ant-1.9.14-src.tar.gz</a>
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.9.14-src.tar.gz.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.9.14-src.tar.gz.sha512";>SHA512</a>]
- </li>
- <li>1.9.14 <code>.tar.bz2</code> archive:
- <a
href="[preferred]/ant/source/apache-ant-1.9.14-src.tar.bz2">apache-ant-1.9.14-src.tar.bz2</a>
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.9.14-src.tar.bz2.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.9.14-src.tar.bz2.sha512";>SHA512</a>]
+ <li>1.9.15 <code>.zip</code> archive:
+ <a
href="[preferred]/ant/source/apache-ant-1.9.15-src.zip">apache-ant-1.9.15-src.zip</a>
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.9.15-src.zip.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.9.15-src.zip.sha512";>SHA512</a>]
+ </li>
+ <li>1.9.15 <code>.tar.gz</code> archive:
+ <a
href="[preferred]/ant/source/apache-ant-1.9.15-src.tar.gz">apache-ant-1.9.15-src.tar.gz</a>
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.9.15-src.tar.gz.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.9.15-src.tar.gz.sha512";>SHA512</a>]
+ </li>
+ <li>1.9.15 <code>.tar.bz2</code> archive:
+ <a
href="[preferred]/ant/source/apache-ant-1.9.15-src.tar.bz2">apache-ant-1.9.15-src.tar.bz2</a>
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.9.15-src.tar.bz2.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.9.15-src.tar.bz2.sha512";>SHA512</a>]
</li>
</ul>
<h3 class="section">
- <a name="1.10.7 release - requires minimum of Java 8 at runtime"></a>
- 1.10.7 release - requires minimum of Java 8 at runtime
+ <a name="1.10.8 release - requires minimum of Java 8 at runtime"></a>
+ 1.10.8 release - requires minimum of Java 8 at runtime
</h3>
<ul>
- <li>1.10.7 <code>.zip</code> archive:
- <a
href="[preferred]/ant/source/apache-ant-1.10.7-src.zip">apache-ant-1.10.7-src.zip</a>
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.7-src.zip.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.7-src.zip.sha512";>SHA512</a>]
- </li>
- <li>1.10.7 <code>.tar.gz</code> archive:
- <a
href="[preferred]/ant/source/apache-ant-1.10.7-src.tar.gz">apache-ant-1.10.7-src.tar.gz</a>
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.7-src.tar.gz.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.7-src.tar.gz.sha512";>SHA512</a>]
- </li>
- <li>1.10.7 <code>.tar.bz2</code> archive:
- <a
href="[preferred]/ant/source/apache-ant-1.10.7-src.tar.bz2">apache-ant-1.10.7-src.tar.bz2</a>
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.7-src.tar.bz2.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.7-src.tar.bz2.sha512";>SHA512</a>]
- </li>
- <li>1.10.7 <code>.tar.xz</code> archive:
- <a
href="[preferred]/ant/source/apache-ant-1.10.7-src.tar.xz">apache-ant-1.10.7-src.tar.xz</a>
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.7-src.tar.xz.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.7-src.tar.xz.sha512";>SHA512</a>]
+ <li>1.10.8 <code>.zip</code> archive:
+ <a
href="[preferred]/ant/source/apache-ant-1.10.8-src.zip">apache-ant-1.10.8-src.zip</a>
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.8-src.zip.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.8-src.zip.sha512";>SHA512</a>]
+ </li>
+ <li>1.10.8 <code>.tar.gz</code> archive:
+ <a
href="[preferred]/ant/source/apache-ant-1.10.8-src.tar.gz">apache-ant-1.10.8-src.tar.gz</a>
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.8-src.tar.gz.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.8-src.tar.gz.sha512";>SHA512</a>]
+ </li>
+ <li>1.10.8 <code>.tar.bz2</code> archive:
+ <a
href="[preferred]/ant/source/apache-ant-1.10.8-src.tar.bz2">apache-ant-1.10.8-src.tar.bz2</a>
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.8-src.tar.bz2.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.8-src.tar.bz2.sha512";>SHA512</a>]
+ </li>
+ <li>1.10.8 <code>.tar.xz</code> archive:
+ <a
href="[preferred]/ant/source/apache-ant-1.10.8-src.tar.xz">apache-ant-1.10.8-src.tar.xz</a>
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.8-src.tar.xz.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.8-src.tar.xz.sha512";>SHA512</a>]
</li>
</ul>
<h3 class="section">
@@ -356,17 +356,17 @@ directory</a>, rather than from a mirror
using</p>
<p><code>
% pgpk -a KEYS<br />
-% pgpv apache-ant-1.10.7-src.tar.gz.asc<br />
+% pgpv apache-ant-1.10.8-src.tar.gz.asc<br />
</code>
<em>or</em><br />
<code>
% pgp -ka KEYS<br />
-% pgp apache-ant-1.10.7-src.tar.gz.asc<br />
+% pgp apache-ant-1.10.8-src.tar.gz.asc<br />
</code>
<em>or</em><br />
<code>
% gpg --import KEYS<br />
-% gpg --verify apache-ant-1.10.7-src.tar.gz.asc
+% gpg --verify apache-ant-1.10.8-src.tar.gz.asc
</code></p>
<p>Alternatively, you can verify the checksums
on the files. Unix
programs called <code>sha1</code>/<code>sha512</code> or
Modified: ant/site/ant/sources/antnews.xml
URL:
http://svn.apache.org/viewvc/ant/site/ant/sources/antnews.xml?rev=1877701&r1=1877700&r2=1877701&view=diff
==============================================================================
--- ant/site/ant/sources/antnews.xml (original)
+++ ant/site/ant/sources/antnews.xml Wed May 13 16:26:21 2020
@@ -28,6 +28,30 @@
</properties>
<body>
+ <section name="Apache Ant 1.9.15 and 1.10.8">
+ <h3>May 13, 2020 - Apache Ant 1.9.15 and 1.10.8 Released</h3>
+ <p>Apache Ant 1.9.15 and 1.10.8 are now available for download as source or
+ binary from
+ <a
href="https://ant.apache.org/bindownload.cgi";>https://ant.apache.org/bindownload.cgi</a>.</p>
+
+ <p>The Apache Ant team currently maintains two lines of
+ development. The 1.9.x releases require Java5 at runtime and 1.10.x
+ requires Java8 at runtime. Both lines are based off of Ant 1.9.7 and
+ the 1.9.x releases are mostly bug fix releases while additional new
+ features are developed for 1.10.x. We recommend using 1.10.x unless
+ you are required to use versions of Java prior to Java8 during the
+ build process.</p>
+
+ <p>Ant 1.10.8 contains a superset of 1.9.15 - with the exception of
+ a few tasks and features that no longer work with Java8 anyway
+ (like the <code>apt</code> task).</p>
+
+ <p>Both releases address a insecure temporary file vulnerability
+ vulnerability, see the <a href="./security.html">security
+ report</a> for details.</p>
+
+ </section>
+
<section name="Apache Ant 1.10.7">
<h3>Sep 5, 2019 - Apache Ant 1.10.7 Released</h3>
<p>Apache Ant 1.10.7 is now available for download as source or
Modified: ant/site/ant/sources/bindownload.xml
URL:
http://svn.apache.org/viewvc/ant/site/ant/sources/bindownload.xml?rev=1877701&r1=1877700&r2=1877701&view=diff
==============================================================================
--- ant/site/ant/sources/bindownload.xml (original)
+++ ant/site/ant/sources/bindownload.xml Wed May 13 16:26:21 2020
@@ -88,14 +88,14 @@ Other mirrors: <select name="Preferred">
you are required to use versions of Java prior to Java8 during the
build process.</p>
- <p>Currently, Apache Ant 1.9.14 and 1.10.7 are the best available
+ <p>Currently, Apache Ant 1.9.15 and 1.10.8 are the best available
versions, see the <a href="[preferred]/ant/README.html">release
notes</a>.</p>
<div class="warning">
<div class="label">Note</div>
-<div class="content">Ant 1.10.7 has been released on
-5-Sep-2019 and may not be available on all mirrors for a few
+<div class="content">Ant 1.10.8 and 1.9.15 have been released on
+13-May-2020 and may not be available on all mirrors for a few
days.</div>
</div>
<br></br>
@@ -106,47 +106,47 @@ days.</div>
</div>
</section>
-<section name="1.9.14 release - requires minimum of Java 5 at runtime">
+<section name="1.9.15 release - requires minimum of Java 5 at runtime">
<ul>
- <li>1.9.14 <code>.zip</code> archive:
- <a
href="[preferred]/ant/binaries/apache-ant-1.9.14-bin.zip">apache-ant-1.9.14-bin.zip</a>
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.9.14-bin.zip.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.9.14-bin.zip.sha512";>SHA512</a>]
- </li>
- <li>1.9.14 <code>.tar.gz</code> archive:
- <a
href="[preferred]/ant/binaries/apache-ant-1.9.14-bin.tar.gz">apache-ant-1.9.14-bin.tar.gz</a>
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.9.14-bin.tar.gz.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.9.14-bin.tar.gz.sha512";>SHA512</a>]
- </li>
- <li>1.9.14 <code>.tar.bz2</code> archive:
- <a
href="[preferred]/ant/binaries/apache-ant-1.9.14-bin.tar.bz2">apache-ant-1.9.14-bin.tar.bz2</a>
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.9.14-bin.tar.bz2.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.9.14-bin.tar.bz2.sha512";>SHA512</a>]
+ <li>1.9.15 <code>.zip</code> archive:
+ <a
href="[preferred]/ant/binaries/apache-ant-1.9.15-bin.zip">apache-ant-1.9.15-bin.zip</a>
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.9.15-bin.zip.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.9.15-bin.zip.sha512";>SHA512</a>]
+ </li>
+ <li>1.9.15 <code>.tar.gz</code> archive:
+ <a
href="[preferred]/ant/binaries/apache-ant-1.9.15-bin.tar.gz">apache-ant-1.9.15-bin.tar.gz</a>
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.9.15-bin.tar.gz.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.9.15-bin.tar.gz.sha512";>SHA512</a>]
+ </li>
+ <li>1.9.15 <code>.tar.bz2</code> archive:
+ <a
href="[preferred]/ant/binaries/apache-ant-1.9.15-bin.tar.bz2">apache-ant-1.9.15-bin.tar.bz2</a>
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.9.15-bin.tar.bz2.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.9.15-bin.tar.bz2.sha512";>SHA512</a>]
</li>
</ul>
</section>
-<section name="1.10.7 release - requires minimum of Java 8 at runtime">
+<section name="1.10.8 release - requires minimum of Java 8 at runtime">
<ul>
- <li>1.10.7 <code>.zip</code> archive:
- <a
href="[preferred]/ant/binaries/apache-ant-1.10.7-bin.zip">apache-ant-1.10.7-bin.zip</a>
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.7-bin.zip.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.7-bin.zip.sha512";>SHA512</a>]
- </li>
- <li>1.10.7 <code>.tar.gz</code> archive:
- <a
href="[preferred]/ant/binaries/apache-ant-1.10.7-bin.tar.gz">apache-ant-1.10.7-bin.tar.gz</a>
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.7-bin.tar.gz.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.7-bin.tar.gz.sha512";>SHA512</a>]
- </li>
- <li>1.10.7 <code>.tar.bz2</code> archive:
- <a
href="[preferred]/ant/binaries/apache-ant-1.10.7-bin.tar.bz2">apache-ant-1.10.7-bin.tar.bz2</a>
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.7-bin.tar.bz2.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.7-bin.tar.bz2.sha512";>SHA512</a>]
- </li>
- <li>1.10.7 <code>.tar.xz</code> archive:
- <a
href="[preferred]/ant/binaries/apache-ant-1.10.7-bin.tar.xz">apache-ant-1.10.7-bin.tar.xz</a>
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.7-bin.tar.xz.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.7-bin.tar.xz.sha512";>SHA512</a>]
+ <li>1.10.8 <code>.zip</code> archive:
+ <a
href="[preferred]/ant/binaries/apache-ant-1.10.8-bin.zip">apache-ant-1.10.8-bin.zip</a>
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.8-bin.zip.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.8-bin.zip.sha512";>SHA512</a>]
+ </li>
+ <li>1.10.8 <code>.tar.gz</code> archive:
+ <a
href="[preferred]/ant/binaries/apache-ant-1.10.8-bin.tar.gz">apache-ant-1.10.8-bin.tar.gz</a>
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.8-bin.tar.gz.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.8-bin.tar.gz.sha512";>SHA512</a>]
+ </li>
+ <li>1.10.8 <code>.tar.bz2</code> archive:
+ <a
href="[preferred]/ant/binaries/apache-ant-1.10.8-bin.tar.bz2">apache-ant-1.10.8-bin.tar.bz2</a>
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.8-bin.tar.bz2.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.8-bin.tar.bz2.sha512";>SHA512</a>]
+ </li>
+ <li>1.10.8 <code>.tar.xz</code> archive:
+ <a
href="[preferred]/ant/binaries/apache-ant-1.10.8-bin.tar.xz">apache-ant-1.10.8-bin.tar.xz</a>
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.8-bin.tar.xz.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/binaries/apache-ant-1.10.8-bin.tar.xz.sha512";>SHA512</a>]
</li>
</ul>
</section>
@@ -176,17 +176,17 @@ using</p>
<p><code>
% pgpk -a KEYS<br />
-% pgpv apache-ant-1.10.7-bin.tar.gz.asc<br />
+% pgpv apache-ant-1.10.8-bin.tar.gz.asc<br />
</code>
<em>or</em><br />
<code>
% pgp -ka KEYS<br />
-% pgp apache-ant-1.10.7-bin.tar.gz.asc<br />
+% pgp apache-ant-1.10.8-bin.tar.gz.asc<br />
</code>
<em>or</em><br />
<code>
% gpg --import KEYS<br />
-% gpg --verify apache-ant-1.10.7-bin.tar.gz.asc
+% gpg --verify apache-ant-1.10.8-bin.tar.gz.asc
</code></p>
<p>A command line version of <a
href="https://www.gnupg.org/download/";>GnuPG</a>
Modified: ant/site/ant/sources/faq.xml
URL:
http://svn.apache.org/viewvc/ant/site/ant/sources/faq.xml?rev=1877701&r1=1877700&r2=1877701&view=diff
==============================================================================
--- ant/site/ant/sources/faq.xml (original)
+++ ant/site/ant/sources/faq.xml Wed May 13 16:26:21 2020
@@ -288,6 +288,10 @@
<td>17 Mar 2019</td>
</tr>
<tr>
+ <td>1.9.15</td>
+ <td>13 May 2020</td>
+ </tr>
+ <tr>
<td>1.10.0</td>
<td>31 Dec 2016</td>
</tr>
@@ -315,6 +319,10 @@
<td>1.10.7</td>
<td>5 Sep 2019</td>
</tr>
+ <tr>
+ <td>1.10.8</td>
+ <td>13 May 2020</td>
+ </tr>
</table>
</answer>
</faq>
Modified: ant/site/ant/sources/index.xml
URL:
http://svn.apache.org/viewvc/ant/site/ant/sources/index.xml?rev=1877701&r1=1877700&r2=1877701&view=diff
==============================================================================
--- ant/site/ant/sources/index.xml (original)
+++ ant/site/ant/sources/index.xml Wed May 13 16:26:21 2020
@@ -56,9 +56,9 @@
the <a href="https://www.apache.org/";>Apache Software
Foundation</a>.</p>
</section>
- <section name="Apache Ant 1.10.7">
- <h3>Sep 5, 2019 - Apache Ant 1.10.7 Released</h3>
- <p>Apache Ant 1.10.7 is now available for download as source or
+ <section name="Apache Ant 1.9.15 and 1.10.8">
+ <h3>May 13, 2020 - Apache Ant 1.9.15 and 1.10.8 Released</h3>
+ <p>Apache Ant 1.9.15 and 1.10.8 are now available for download as source or
binary from
<a
href="https://ant.apache.org/bindownload.cgi";>https://ant.apache.org/bindownload.cgi</a>.</p>
@@ -70,85 +70,14 @@
you are required to use versions of Java prior to Java8 during the
build process.</p>
- <p>Ant 1.10.7 is mainly a bug fix release with few minor enhancements.
- This release includes a major regression fix, which prevented the
- previous 1.10.6 release to be unusable on Java 8 runtimes.
- Among the enhancements, the junitlauncher task now allows including
- or excluding JUnit 5 "tags" during test execution.
- </p>
- </section>
- <section name="Apache Ant 1.10.6">
- <h3>May 8, 2019 - Apache Ant 1.10.6 Released</h3>
- <p>Apache Ant 1.10.6 is now available for download as source or
- binary from
- <a
href="https://ant.apache.org/bindownload.cgi";>https://ant.apache.org/bindownload.cgi</a>.</p>
-
- <p>The Apache Ant team currently maintains two lines of
- development. The 1.9.x releases require Java5 at runtime and 1.10.x
- requires Java8 at runtime. Both lines are based off of Ant 1.9.7 and
- the 1.9.x releases are mostly bug fix releases while additional new
- features are developed for 1.10.x. We recommend using 1.10.x unless
- you are required to use versions of Java prior to Java8 during the
- build process.</p>
-
- <p>Ant 1.10.6 consists several bug fixes as well as enhancements,
- including, but not limited to:
- <ul>
- <li>
- <code>junitlauncher</code> task now supports <code>fork</code>
- mode, to launch the tests in a forked JVM.
- </li>
- <li>
- New tasks <code>jmod</code> and <code>link</code> have been
- introduced to support <code>jmod</code> and <code>jlink</code>
- tools of JDK 9+.
- </li>
- </ul>
- </p>
- </section>
- <section name="Apache Ant 1.9.14">
- <h3>March 17, 2019 - Apache Ant 1.9.14 Released</h3>
- <p>Apache Ant 1.9.14 is now available for download as source or
- binary from
- <a
href="https://ant.apache.org/bindownload.cgi";>https://ant.apache.org/bindownload.cgi</a>.</p>
-
- <p>The Apache Ant team currently maintains two lines of
- development. The 1.9.x releases require Java5 at runtime and 1.10.x
- requires Java8 at runtime. Both lines are based off of Ant 1.9.7 and
- the 1.9.x releases are mostly bug fix releases while additional new
- features are developed for 1.10.x. We recommend using 1.10.x unless
- you are required to use versions of Java prior to Java8 during the
- build process.</p>
-
- <p>Ant 1.9.14 mainly consists of bug fixes and some enhancements in
- the <code>signjar</code> and <code>verifyjar</code> tasks</p>
-
- </section>
- <section name="Apache Ant 1.9.13 and 1.10.5">
- <h3>Jul 13, 2018 - Apache Ant 1.9.13 and 1.10.5 Released</h3>
- <p>Apache Ant 1.9.13 and 1.10.5 are now available for download as source or
- binary from
- <a
href="https://ant.apache.org/bindownload.cgi";>https://ant.apache.org/bindownload.cgi</a>.</p>
-
- <p>The Apache Ant team currently maintains two lines of
- development. The 1.9.x releases require Java5 at runtime and 1.10.x
- requires Java8 at runtime. Both lines are based off of Ant 1.9.7 and
- the 1.9.x releases are mostly bug fix releases while additional new
- features are developed for 1.10.x. We recommend using 1.10.x unless
- you are required to use versions of Java prior to Java8 during the
- build process.</p>
-
- <p>Ant 1.10.5 contains a superset of 1.9.13 - with the exception of
+ <p>Ant 1.10.8 contains a superset of 1.9.15 - with the exception of
a few tasks and features that no longer work with Java8 anyway
(like the <code>apt</code> task).</p>
- <p>Both releases fix a regression in the <code>get</code> task and
- a bug inside the path traversal protection of the unarchiving
- tasks that was introduced with 1.9.12 and 1.10.4
- respectively.</p>
+ <p>Both releases address a insecure temporary file vulnerability
+ vulnerability, see the <a href="./security.html">security
+ report</a> for details.</p>
- <p>Ant 1.10.5's <code>java</code> task adds support for the single
- file source execution feature introduced with Java 11.</p>
</section>
<section name="Apache AntUnit 1.4">
@@ -244,7 +173,7 @@
<section name="Documentation">
<p>
-You can view the documentation for the current release (Apache Ant 1.10.5)
+You can view the documentation for the current release (Apache Ant 1.10.8)
<a href="manual/index.html">online</a>
</p>
Modified: ant/site/ant/sources/manualdownload.xml
URL:
http://svn.apache.org/viewvc/ant/site/ant/sources/manualdownload.xml?rev=1877701&r1=1877700&r2=1877701&view=diff
==============================================================================
--- ant/site/ant/sources/manualdownload.xml (original)
+++ ant/site/ant/sources/manualdownload.xml Wed May 13 16:26:21 2020
@@ -83,14 +83,14 @@ Other mirrors: <select name="Preferred">
you are required to use versions of Java prior to Java8 during the
build process.</p>
- <p>Currently, Apache Ant 1.9.14 and 1.10.7 are the best available
+ <p>Currently, Apache Ant 1.9.15 and 1.10.8 are the best available
versions, see the <a href="[preferred]/ant/README.html">release
notes</a>.</p>
<div class="warning">
<div class="label">Note</div>
-<div class="content">Ant 1.10.7 has been released on
-5-Sep-2019 and may not be available on all mirrors for a few
+<div class="content">Ant 1.10.8 and 1.9.15 have been released on
+13-May-2020 and may not be available on all mirrors for a few
days.</div>
</div>
<br></br>
@@ -101,47 +101,47 @@ days.</div>
</div>
</section>
-<section name="1.9.14 release - requires minimum of Java 5 at runtime">
+<section name="1.9.15 release - requires minimum of Java 5 at runtime">
<ul>
- <li>1.9.14 <code>.zip</code> archive:
- <a
href="[preferred]/ant/manual/apache-ant-1.9.14-manual.zip">apache-ant-1.9.14-manual.zip</a>
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.9.14-manual.zip.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.9.14-manual.zip.sha512";>SHA512</a>]
- </li>
- <li>1.9.14 <code>.tar.gz</code> archive:
- <a
href="[preferred]/ant/manual/apache-ant-1.9.14-manual.tar.gz">apache-ant-1.9.14-manual.tar.gz</a>
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.9.14-manual.tar.gz.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.9.14-manual.tar.gz.sha512";>SHA512</a>]
- </li>
- <li>1.9.14 <code>.tar.bz2</code> archive:
- <a
href="[preferred]/ant/manual/apache-ant-1.9.14-manual.tar.bz2">apache-ant-1.9.14-manual.tar.bz2</a>
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.9.14-manual.tar.bz2.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.9.14-manual.tar.bz2.sha512";>SHA512</a>]
+ <li>1.9.15 <code>.zip</code> archive:
+ <a
href="[preferred]/ant/manual/apache-ant-1.9.15-manual.zip">apache-ant-1.9.15-manual.zip</a>
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.9.15-manual.zip.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.9.15-manual.zip.sha512";>SHA512</a>]
+ </li>
+ <li>1.9.15 <code>.tar.gz</code> archive:
+ <a
href="[preferred]/ant/manual/apache-ant-1.9.15-manual.tar.gz">apache-ant-1.9.15-manual.tar.gz</a>
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.9.15-manual.tar.gz.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.9.15-manual.tar.gz.sha512";>SHA512</a>]
+ </li>
+ <li>1.9.15 <code>.tar.bz2</code> archive:
+ <a
href="[preferred]/ant/manual/apache-ant-1.9.15-manual.tar.bz2">apache-ant-1.9.15-manual.tar.bz2</a>
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.9.15-manual.tar.bz2.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.9.15-manual.tar.bz2.sha512";>SHA512</a>]
</li>
</ul>
</section>
-<section name="1.10.7 release - requires minimum of Java 8 at runtime">
+<section name="1.10.8 release - requires minimum of Java 8 at runtime">
<ul>
- <li>1.10.7 <code>.zip</code> archive:
- <a
href="[preferred]/ant/manual/apache-ant-1.10.7-manual.zip">apache-ant-1.10.7-manual.zip</a>
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.7-manual.zip.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.7-manual.zip.sha512";>SHA512</a>]
- </li>
- <li>1.10.7 <code>.tar.gz</code> archive:
- <a
href="[preferred]/ant/manual/apache-ant-1.10.7-manual.tar.gz">apache-ant-1.10.7-manual.tar.gz</a>
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.7-manual.tar.gz.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.7-manual.tar.gz.sha512";>SHA512</a>]
- </li>
- <li>1.10.7 <code>.tar.bz2</code> archive:
- <a
href="[preferred]/ant/manual/apache-ant-1.10.7-manual.tar.bz2">apache-ant-1.10.7-manual.tar.bz2</a>
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.7-manual.tar.bz2.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.7-manual.tar.bz2.sha512";>SHA512</a>]
- </li>
- <li>1.10.7 <code>.tar.xz</code> archive:
- <a
href="[preferred]/ant/manual/apache-ant-1.10.7-manual.tar.xz">apache-ant-1.10.7-manual.tar.xz</a>
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.7-manual.tar.xz.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.7-manual.tar.xz.sha512";>SHA512</a>]
+ <li>1.10.8 <code>.zip</code> archive:
+ <a
href="[preferred]/ant/manual/apache-ant-1.10.8-manual.zip">apache-ant-1.10.8-manual.zip</a>
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.8-manual.zip.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.8-manual.zip.sha512";>SHA512</a>]
+ </li>
+ <li>1.10.8 <code>.tar.gz</code> archive:
+ <a
href="[preferred]/ant/manual/apache-ant-1.10.8-manual.tar.gz">apache-ant-1.10.8-manual.tar.gz</a>
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.8-manual.tar.gz.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.8-manual.tar.gz.sha512";>SHA512</a>]
+ </li>
+ <li>1.10.8 <code>.tar.bz2</code> archive:
+ <a
href="[preferred]/ant/manual/apache-ant-1.10.8-manual.tar.bz2">apache-ant-1.10.8-manual.tar.bz2</a>
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.8-manual.tar.bz2.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.8-manual.tar.bz2.sha512";>SHA512</a>]
+ </li>
+ <li>1.10.8 <code>.tar.xz</code> archive:
+ <a
href="[preferred]/ant/manual/apache-ant-1.10.8-manual.tar.xz">apache-ant-1.10.8-manual.tar.xz</a>
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.8-manual.tar.xz.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/manual/apache-ant-1.10.8-manual.tar.xz.sha512";>SHA512</a>]
</li>
</ul>
</section>
@@ -169,17 +169,17 @@ using</p>
<p><code>
% pgpk -a KEYS<br />
-% pgpv apache-ant-1.10.7-manual.tar.gz.asc<br />
+% pgpv apache-ant-1.10.8-manual.tar.gz.asc<br />
</code>
<em>or</em><br />
<code>
% pgp -ka KEYS<br />
-% pgp apache-ant-1.10.7-manual.tar.gz.asc<br />
+% pgp apache-ant-1.10.8-manual.tar.gz.asc<br />
</code>
<em>or</em><br />
<code>
% gpg --import KEYS<br />
-% gpg --verify apache-ant-1.10.7-manual.tar.gz.asc
+% gpg --verify apache-ant-1.10.8-manual.tar.gz.asc
</code></p>
<p>A command line version of <a
href="https://www.gnupg.org/download/";>GnuPG</a>
Modified: ant/site/ant/sources/security.xml
URL:
http://svn.apache.org/viewvc/ant/site/ant/sources/security.xml?rev=1877701&r1=1877700&r2=1877701&view=diff
==============================================================================
--- ant/site/ant/sources/security.xml (original)
+++ ant/site/ant/sources/security.xml Wed May 13 16:26:21 2020
@@ -82,6 +82,40 @@
the descriptions here are incomplete, please report them
privately to the Apache Security Team. Thank you.</p>
+ <subsection name="Fixed in Apache Ant 1.10.8">
+ <p><b>Medium: insecure temporary file vulnerability</b> <a
+
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1945";>CVE-2020-1945</a></p>
+
+ <p>Apache Ant uses the default temporary directory
+ identified by the Java system property
+ <code>java.io.tmpdir</code> for several tasks and may thus
+ leak sensitive information. The fixcrlf and replaceregexp
+ tasks also copy files from the temporary directory back into
+ the build tree allowing an attacker to inject modified
+ source files into the build process.</p>
+
+ <p><b>Mitigation:</b> Ant users of versions 1.1 to 1.9.14
+ and 1.10.0 to 1.10.7 should set the java.io.tmpdir system
+ property to point to a directory only readable and writable
+ by the current user prior to running Ant.</p>
+
+ <p>Users of versions 1.9.15 and 1.10.8 can use the Ant
+ property <code>ant.tmpfile</code> instead. Users of Ant
+ 1.10.8 can rely on Ant protecting the temporary files if the
+ underlying filesystem allows it, but we still recommend
+ using a private temporary directory instead.</p>
+
+ <p>This was fixed in revisions
+ <a
href="https://gitbox.apache.org/repos/asf?p=ant.git;a=commit;h=9c1f4d905da59bf446570ac28df5b68a37281f35";>9c1f4d905da59bf446570ac28df5b68a37281f35</a>,
+ <a
href="https://gitbox.apache.org/repos/asf?p=ant.git;a=commit;h=041b058c7bf10a94d56db3ca9dba38cf90ab9943";>041b058c7bf10a94d56db3ca9dba38cf90ab9943</a>
and
+ <a
href="https://gitbox.apache.org/repos/asf?p=ant.git;a=commit;h=a8645a151bc706259fb1789ef587d05482d98612";>a8645a151bc706259fb1789ef587d05482d98612</a>.</p>
+
+ <p>This was first reported to the Security Team on 29
+ January 2020 and made public on 13 May 2020</p>
+
+ <p>Affects: until 1.10.7</p>
+ </subsection>
+
<subsection name="Fixed in Apache Ant 1.9.10 / Ant 1.10.2">
<p><b>Low: Denial of Service</b> <a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5645";>CVE-2017-5645</a></p>
Modified: ant/site/ant/sources/srcdownload.xml
URL:
http://svn.apache.org/viewvc/ant/site/ant/sources/srcdownload.xml?rev=1877701&r1=1877700&r2=1877701&view=diff
==============================================================================
--- ant/site/ant/sources/srcdownload.xml (original)
+++ ant/site/ant/sources/srcdownload.xml Wed May 13 16:26:21 2020
@@ -85,14 +85,14 @@ Other mirrors: <select name="Preferred">
you are required to use versions of Java prior to Java8 during the
build process.</p>
- <p>Currently, Apache Ant 1.9.14 and 1.10.7 are the best available
+ <p>Currently, Apache Ant 1.9.15 and 1.10.8 are the best available
versions, see the <a href="[preferred]/ant/README.html">release
notes</a>.</p>
<div class="warning">
<div class="label">Note</div>
-<div class="content">Ant 1.10.7 has been released on
-5-Sep-2019 and may not be available on all mirrors for a few
+<div class="content">Ant 1.10.8 and 1.9.15 have been released on
+13-May-2020 and may not be available on all mirrors for a few
days.</div>
</div>
<br></br>
@@ -103,47 +103,47 @@ days.</div>
</div>
</section>
-<section name="1.9.14 release - requires minimum of Java 5 at runtime">
+<section name="1.9.15 release - requires minimum of Java 5 at runtime">
<ul>
- <li>1.9.14 <code>.zip</code> archive:
- <a
href="[preferred]/ant/source/apache-ant-1.9.14-src.zip">apache-ant-1.9.14-src.zip</a>
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.9.14-src.zip.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.9.14-src.zip.sha512";>SHA512</a>]
- </li>
- <li>1.9.14 <code>.tar.gz</code> archive:
- <a
href="[preferred]/ant/source/apache-ant-1.9.14-src.tar.gz">apache-ant-1.9.14-src.tar.gz</a>
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.9.14-src.tar.gz.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.9.14-src.tar.gz.sha512";>SHA512</a>]
- </li>
- <li>1.9.14 <code>.tar.bz2</code> archive:
- <a
href="[preferred]/ant/source/apache-ant-1.9.14-src.tar.bz2">apache-ant-1.9.14-src.tar.bz2</a>
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.9.14-src.tar.bz2.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.9.14-src.tar.bz2.sha512";>SHA512</a>]
+ <li>1.9.15 <code>.zip</code> archive:
+ <a
href="[preferred]/ant/source/apache-ant-1.9.15-src.zip">apache-ant-1.9.15-src.zip</a>
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.9.15-src.zip.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.9.15-src.zip.sha512";>SHA512</a>]
+ </li>
+ <li>1.9.15 <code>.tar.gz</code> archive:
+ <a
href="[preferred]/ant/source/apache-ant-1.9.15-src.tar.gz">apache-ant-1.9.15-src.tar.gz</a>
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.9.15-src.tar.gz.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.9.15-src.tar.gz.sha512";>SHA512</a>]
+ </li>
+ <li>1.9.15 <code>.tar.bz2</code> archive:
+ <a
href="[preferred]/ant/source/apache-ant-1.9.15-src.tar.bz2">apache-ant-1.9.15-src.tar.bz2</a>
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.9.15-src.tar.bz2.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.9.15-src.tar.bz2.sha512";>SHA512</a>]
</li>
</ul>
</section>
-<section name="1.10.7 release - requires minimum of Java 8 at runtime">
+<section name="1.10.8 release - requires minimum of Java 8 at runtime">
<ul>
- <li>1.10.7 <code>.zip</code> archive:
- <a
href="[preferred]/ant/source/apache-ant-1.10.7-src.zip">apache-ant-1.10.7-src.zip</a>
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.7-src.zip.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.7-src.zip.sha512";>SHA512</a>]
- </li>
- <li>1.10.7 <code>.tar.gz</code> archive:
- <a
href="[preferred]/ant/source/apache-ant-1.10.7-src.tar.gz">apache-ant-1.10.7-src.tar.gz</a>
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.7-src.tar.gz.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.7-src.tar.gz.sha512";>SHA512</a>]
- </li>
- <li>1.10.7 <code>.tar.bz2</code> archive:
- <a
href="[preferred]/ant/source/apache-ant-1.10.7-src.tar.bz2">apache-ant-1.10.7-src.tar.bz2</a>
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.7-src.tar.bz2.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.7-src.tar.bz2.sha512";>SHA512</a>]
- </li>
- <li>1.10.7 <code>.tar.xz</code> archive:
- <a
href="[preferred]/ant/source/apache-ant-1.10.7-src.tar.xz">apache-ant-1.10.7-src.tar.xz</a>
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.7-src.tar.xz.asc";>PGP</a>]
- [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.7-src.tar.xz.sha512";>SHA512</a>]
+ <li>1.10.8 <code>.zip</code> archive:
+ <a
href="[preferred]/ant/source/apache-ant-1.10.8-src.zip">apache-ant-1.10.8-src.zip</a>
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.8-src.zip.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.8-src.zip.sha512";>SHA512</a>]
+ </li>
+ <li>1.10.8 <code>.tar.gz</code> archive:
+ <a
href="[preferred]/ant/source/apache-ant-1.10.8-src.tar.gz">apache-ant-1.10.8-src.tar.gz</a>
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.8-src.tar.gz.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.8-src.tar.gz.sha512";>SHA512</a>]
+ </li>
+ <li>1.10.8 <code>.tar.bz2</code> archive:
+ <a
href="[preferred]/ant/source/apache-ant-1.10.8-src.tar.bz2">apache-ant-1.10.8-src.tar.bz2</a>
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.8-src.tar.bz2.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.8-src.tar.bz2.sha512";>SHA512</a>]
+ </li>
+ <li>1.10.8 <code>.tar.xz</code> archive:
+ <a
href="[preferred]/ant/source/apache-ant-1.10.8-src.tar.xz">apache-ant-1.10.8-src.tar.xz</a>
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.8-src.tar.xz.asc";>PGP</a>]
+ [<a
href="https://downloads.apache.org/ant/source/apache-ant-1.10.8-src.tar.xz.sha512";>SHA512</a>]
</li>
</ul>
</section>
@@ -173,17 +173,17 @@ using</p>
<p><code>
% pgpk -a KEYS<br />
-% pgpv apache-ant-1.10.7-src.tar.gz.asc<br />
+% pgpv apache-ant-1.10.8-src.tar.gz.asc<br />
</code>
<em>or</em><br />
<code>
% pgp -ka KEYS<br />
-% pgp apache-ant-1.10.7-src.tar.gz.asc<br />
+% pgp apache-ant-1.10.8-src.tar.gz.asc<br />
</code>
<em>or</em><br />
<code>
% gpg --import KEYS<br />
-% gpg --verify apache-ant-1.10.7-src.tar.gz.asc
+% gpg --verify apache-ant-1.10.8-src.tar.gz.asc
</code></p>
<p>Alternatively, you can verify the checksums on the files. Unix
