Apache Cocoon 2.1 and 3.0 retired
-
After the recent release of Cocoon 2.3.0, the Apache Cocoon Community has
decided to retire both 2.1 and 3.0 versions, to focus on further
developments
of the 2.3 branch
The 2.1 branch was first released
Severity: moderate
Affected versions:
- Apache Cocoon 2.2.0 before 2.3.0
Description:
Improper Neutralization of Special Elements used in an SQL Command ('SQL
Injection') vulnerability in Apache Cocoon.This issue affects Apache Cocoon:
from 2.2.0 before 2.3.0.
Users are recommended to
Severity: important
Affected versions:
- Apache Cocoon 2.2.0 before 2.3.0
Description:
Improper Restriction of XML External Entity Reference vulnerability in Apache
Cocoon.This issue affects Apache Cocoon: from 2.2.0 before 2.3.0.
Users are recommended to upgrade to version 2.3.0, which
/shadow
Credit: This issue was discovered by Nassim Asrir.
Regards,
--
Cédric Damioli
Apache Cocoon 2.1.13 Released
-
The Apache Cocoon Community is proud to announce the new release
of Apache Cocoon.
Apache Cocoon is a web development framework built around the concept
of separation of concerns (that is: allowing people to do their job