This is an automated email from the ASF dual-hosted git repository.

brondsem pushed a commit to branch asf-site
in repository https://gitbox.apache.org/repos/asf/allura-site.git


The following commit(s) were added to refs/heads/asf-site by this push:
     new 4a31a3e  publish 1.16 with security notice
4a31a3e is described below

commit 4a31a3e55af55e8cb2647b1620a9ac939a298b7c
Author: Dave Brondsema <d...@brondsema.net>
AuthorDate: Mon Nov 6 17:26:55 2023 -0500

    publish 1.16 with security notice
---
 _src/content/2023-allura-1.16.0.md             |  56 +++++++++++
 _src/pelicanconf.py                            |   6 +-
 download.html                                  |   8 +-
 feeds/all.atom.xml                             |  30 +++++-
 feeds/tag.release.atom.xml                     |  30 +++++-
 index.html                                     |   8 +-
 news.html                                      |  11 ++
 download.html => posts/2023-allura-1.16.0.html | 133 ++++++++++---------------
 tag/release.html                               |  11 ++
 9 files changed, 197 insertions(+), 96 deletions(-)

diff --git a/_src/content/2023-allura-1.16.0.md 
b/_src/content/2023-allura-1.16.0.md
new file mode 100644
index 0000000..edfa6b7
--- /dev/null
+++ b/_src/content/2023-allura-1.16.0.md
@@ -0,0 +1,56 @@
+Title: Apache Allura 1.16.0 released with critical security fix
+Date: 2023-11-06
+Tags: release
+Slug: allura-1.16.0
+Summary: Version 1.16.0 of Allura released with critical security fix
+
+#### What's New?
+
+Apache Allura 1.16.0 has been released.  It has a critical security fix and 
also drops Python 3.7 support.
+
+For full details of all the changes and fixes, see the [CHANGES 
file](https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES). 
+
+#### Critical Security Fix
+
+CVE-2023-46851 sensitive information exposure via import 
+
+Severity: Critical<br>
+Versions Affected: 1.0.1 through 1.15.0
+
+**Description:**<br>
+Allura Discussion and Allura Forum importing does not restrict URL values 
specified in attachments. Project administrators can run these imports, which 
could cause Allura to read local files and expose them.  Exposing internal 
files then can lead to other exploits, like session hijacking, or remote code 
execution.
+
+**Mitigation:**<br>
+Users of Allura should upgrade to Allura 1.16.0 immediately.
+
+If you are unable to upgrade, set this in your .ini config file:
+
+```
+disable_entry_points.allura.importers = forge-tracker, forge-discussion
+```
+
+That same .ini setting is also recommend for users who want maximum security 
on their Allura instance and don't need those importers available.
+
+**Credit:**<br>
+This issue was discovered by Stefan Schiller (Sonar)
+
+#### Python 3.8 through 3.11 supported
+
+This release drops support for Python 3.7 and supports Python 3.8 through 
Python 3.11
+
+#### Upgrade Instructions
+
+To install updated dependencies, run: `pip install -r requirements.txt 
--no-deps --upgrade --upgrade-strategy=only-if-needed`
+
+Run: `paster ensure_index development.ini` in Allura dir
+
+If switching to a new version of Python, you will need to make a completely 
new python virtual environment,
+and run `pip install ...` in it, and then use it to run Allura.
+
+If using docker, rebuild the allura image and restart containers.
+
+Feel free to ask any questions on the [dev mailing 
list](https://lists.apache.org/list.html?d...@allura.apache.org).
+
+#### Get 1.16.0
+
+[Download Allura](//allura.apache.org/download.html) and [install 
it](https://forge-allura.apache.org/docs/getting_started/installation.html) 
today.
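Review bot: "That same .ini setting is also recommend for users" should read "recommended", and "supports Python 3.8 through Python 3.11" is missing its closing period; both live in this source file, so fixing them here also fixes the generated post and both Atom feeds. Also, the Description names the Discussion and Forum importers while the Mitigation disables the `forge-tracker` and `forge-discussion` entry points: if the tracker importer is affected as well, say so under Description, otherwise confirm these are the intended entry point names so that readers who cannot upgrade disable the right importers.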
diff --git a/_src/pelicanconf.py b/_src/pelicanconf.py
index a5be8f9..c7265bb 100644
--- a/_src/pelicanconf.py
+++ b/_src/pelicanconf.py
@@ -45,9 +45,9 @@ TAG_FEED_ATOM = 'feeds/tag.{slug}.atom.xml'
 
 CURRENT_YEAR = dt.date.today().year
 
-RELEASE_VERSION = '1.15.0'
-RELEASE_DATE = 'Sep 2023'
-RELEASE_NEWS = 'posts/2023-allura-1.15.0.html'
+RELEASE_VERSION = '1.16.0'
+RELEASE_DATE = 'Nov 2023'
+RELEASE_NEWS = 'posts/2023-allura-1.16.0.html'
 DIST_URL = 'https://downloads.apache.org/allura/'
 
 FORGE_ALLURA_URL = 'https://forge-allura.apache.org/'
diff --git a/download.html b/download.html
index d9e681a..91dabd8 100644
--- a/download.html
+++ b/download.html
@@ -54,15 +54,15 @@
     <div class="col-20 no-float auto-margin">
       <div class="row">
         <p class="pad-md">
-            <a 
href="https://www.apache.org/dyn/closer.cgi/allura/allura-1.15.0.tar.gz";>Download
 Allura v1.15.0</a>.  This is the latest release of Apache Allura, released Sep 
2023.
-              <a href="posts/2023-allura-1.15.0.html">Read what's new.</a>
+            <a 
href="https://www.apache.org/dyn/closer.cgi/allura/allura-1.16.0.tar.gz";>Download
 Allura v1.16.0</a>.  This is the latest release of Apache Allura, released Nov 
2023.
+              <a href="posts/2023-allura-1.16.0.html">Read what's new.</a>
         </p>
         <p>
             Verify the download:
         </p>
         <ul>
-            <li><a 
href="https://downloads.apache.org/allura/allura-1.15.0.tar.gz.sha512";>SHA-512</a>
 checksum</li>
-            <li>PGP <a 
href="https://downloads.apache.org/allura/allura-1.15.0.tar.gz.asc";>signature</a>
 & <a href="https://downloads.apache.org/allura/KEYS";>keys</a></li>
+            <li><a 
href="https://downloads.apache.org/allura/allura-1.16.0.tar.gz.sha512";>SHA-512</a>
 checksum</li>
+            <li>PGP <a 
href="https://downloads.apache.org/allura/allura-1.16.0.tar.gz.asc";>signature</a>
 & <a href="https://downloads.apache.org/allura/KEYS";>keys</a></li>
         </ul>
         <p>
             <a 
href="https://www.apache.org/info/verification.html";>Instructions for how to 
verify a download using these files.</a>
diff --git a/feeds/all.atom.xml b/feeds/all.atom.xml
index 23c2c57..250cc25 100644
--- a/feeds/all.atom.xml
+++ b/feeds/all.atom.xml
@@ -1,5 +1,33 @@
 <?xml version="1.0" encoding="utf-8"?>
-<feed xmlns="http://www.w3.org/2005/Atom";><title>Apache Allura</title><link 
href="//allura.apache.org/" rel="alternate"></link><link 
href="//allura.apache.org/feeds/all.atom.xml" 
rel="self"></link><id>//allura.apache.org/</id><updated>2023-09-18T00:00:00+00:00</updated><entry><title>Apache
 Allura 1.15.0 released</title><link 
href="//allura.apache.org/posts/2023-allura-1.15.0.html" 
rel="alternate"></link><published>2023-09-18T00:00:00+00:00</published><updated>2023-09-18T00:00:00+00:00</u
 [...]
+<feed xmlns="http://www.w3.org/2005/Atom";><title>Apache Allura</title><link 
href="//allura.apache.org/" rel="alternate"></link><link 
href="//allura.apache.org/feeds/all.atom.xml" 
rel="self"></link><id>//allura.apache.org/</id><updated>2023-11-06T00:00:00+00:00</updated><entry><title>Apache
 Allura 1.16.0 released with critical security fix</title><link 
href="//allura.apache.org/posts/2023-allura-1.16.0.html" 
rel="alternate"></link><published>2023-11-06T00:00:00+00:00</published><updated>2
 [...]
+&lt;p&gt;Apache Allura 1.16.0 has been released.  It has a critical security 
fix and also drops Python 3.7 support.&lt;/p&gt;
+&lt;p&gt;For full details of all the changes and fixes, see the &lt;a 
href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES"&gt;CHANGES
 file&lt;/a&gt;. &lt;/p&gt;
+&lt;h4&gt;Critical Security Fix&lt;/h4&gt;
+&lt;p&gt;CVE-2023-46851 sensitive information exposure via import &lt;/p&gt;
+&lt;p&gt;Severity: Critical&lt;br&gt;
+Versions Affected: 1.0.1 through 1.15.0&lt;/p&gt;
+&lt;p&gt;&lt;strong&gt;Description:&lt;/strong&gt;&lt;br&gt;
+Allura Discussion and Allura Forum importing does not restrict URL values 
specified in attachments. Project administrators can run these imports, which 
could cause Allura to read local files and expose them.  Exposing internal 
files then can lead to other exploits, like session hijacking, or remote code 
execution.&lt;/p&gt;
+&lt;p&gt;&lt;strong&gt;Mitigation:&lt;/strong&gt;&lt;br&gt;
+Users of Allura should upgrade to Allura 1.16.0 immediately.&lt;/p&gt;
+&lt;p&gt;If you are unable to upgrade, set this in your .ini config 
file:&lt;/p&gt;
+&lt;div 
class="highlight"&gt;&lt;pre&gt;&lt;span&gt;&lt;/span&gt;&lt;code&gt;disable_entry_points.allura.importers
 = forge-tracker, forge-discussion
+&lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;
+
+&lt;p&gt;That same .ini setting is also recommend for users who want maximum 
security on their Allura instance and don't need those importers 
available.&lt;/p&gt;
+&lt;p&gt;&lt;strong&gt;Credit:&lt;/strong&gt;&lt;br&gt;
+This issue was discovered by Stefan Schiller (Sonar)&lt;/p&gt;
+&lt;h4&gt;Python 3.8 through 3.11 supported&lt;/h4&gt;
+&lt;p&gt;This release drops support for Python 3.7 and supports Python 3.8 
through Python 3.11&lt;/p&gt;
+&lt;h4&gt;Upgrade Instructions&lt;/h4&gt;
+&lt;p&gt;To install updated dependencies, run: &lt;code&gt;pip install -r 
requirements.txt --no-deps --upgrade 
--upgrade-strategy=only-if-needed&lt;/code&gt;&lt;/p&gt;
+&lt;p&gt;Run: &lt;code&gt;paster ensure_index development.ini&lt;/code&gt; in 
Allura dir&lt;/p&gt;
+&lt;p&gt;If switching to a new version of Python, you will need to make a 
completely new python virtual environment,
+and run &lt;code&gt;pip install ...&lt;/code&gt; in it, and then use it to run 
Allura.&lt;/p&gt;
+&lt;p&gt;If using docker, rebuild the allura image and restart 
containers.&lt;/p&gt;
+&lt;p&gt;Feel free to ask any questions on the &lt;a 
href="https://lists.apache.org/list.html?d...@allura.apache.org"&gt;dev mailing 
list&lt;/a&gt;.&lt;/p&gt;
+&lt;h4&gt;Get 1.16.0&lt;/h4&gt;
+&lt;p&gt;&lt;a href="//allura.apache.org/download.html"&gt;Download 
Allura&lt;/a&gt; and &lt;a 
href="https://forge-allura.apache.org/docs/getting_started/installation.html"&gt;install
 it&lt;/a&gt; today.&lt;/p&gt;</content><category 
term="misc"></category><category 
term="release"></category></entry><entry><title>Apache Allura 1.15.0 
released</title><link href="//allura.apache.org/posts/2023-allura-1.15.0.html" 
rel="alternate"></link><published>2023-09-18T00:00:00+00:00</published><update 
[...]
 &lt;p&gt;Apache Allura 1.15.0 has been released, after a long time since 
1.14.0.  This release adds support for more Python versions (see next section) 
and Content-Security-Policy headers.  Many other fixes and improvements are 
also included, they relate to SEO, performance and different parts of 
Allura.&lt;/p&gt;
 &lt;p&gt;For full details of all the changes and fixes, see the &lt;a 
href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES"&gt;CHANGES
 file&lt;/a&gt;. &lt;/p&gt;
 &lt;h4&gt;Python 3.7 through 3.11 supported&lt;/h4&gt;
diff --git a/feeds/tag.release.atom.xml b/feeds/tag.release.atom.xml
index a83d9e4..2b7e98c 100644
--- a/feeds/tag.release.atom.xml
+++ b/feeds/tag.release.atom.xml
@@ -1,5 +1,33 @@
 <?xml version="1.0" encoding="utf-8"?>
-<feed xmlns="http://www.w3.org/2005/Atom";><title>Apache Allura - 
release</title><link href="//allura.apache.org/" rel="alternate"></link><link 
href="//allura.apache.org/feeds/tag.release.atom.xml" 
rel="self"></link><id>//allura.apache.org/</id><updated>2023-09-18T00:00:00+00:00</updated><entry><title>Apache
 Allura 1.15.0 released</title><link 
href="//allura.apache.org/posts/2023-allura-1.15.0.html" 
rel="alternate"></link><published>2023-09-18T00:00:00+00:00</published><updated>2023-09-18
 [...]
+<feed xmlns="http://www.w3.org/2005/Atom";><title>Apache Allura - 
release</title><link href="//allura.apache.org/" rel="alternate"></link><link 
href="//allura.apache.org/feeds/tag.release.atom.xml" 
rel="self"></link><id>//allura.apache.org/</id><updated>2023-11-06T00:00:00+00:00</updated><entry><title>Apache
 Allura 1.16.0 released with critical security fix</title><link 
href="//allura.apache.org/posts/2023-allura-1.16.0.html" 
rel="alternate"></link><published>2023-11-06T00:00:00+00:00</pu [...]
+&lt;p&gt;Apache Allura 1.16.0 has been released.  It has a critical security 
fix and also drops Python 3.7 support.&lt;/p&gt;
+&lt;p&gt;For full details of all the changes and fixes, see the &lt;a 
href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES"&gt;CHANGES
 file&lt;/a&gt;. &lt;/p&gt;
+&lt;h4&gt;Critical Security Fix&lt;/h4&gt;
+&lt;p&gt;CVE-2023-46851 sensitive information exposure via import &lt;/p&gt;
+&lt;p&gt;Severity: Critical&lt;br&gt;
+Versions Affected: 1.0.1 through 1.15.0&lt;/p&gt;
+&lt;p&gt;&lt;strong&gt;Description:&lt;/strong&gt;&lt;br&gt;
+Allura Discussion and Allura Forum importing does not restrict URL values 
specified in attachments. Project administrators can run these imports, which 
could cause Allura to read local files and expose them.  Exposing internal 
files then can lead to other exploits, like session hijacking, or remote code 
execution.&lt;/p&gt;
+&lt;p&gt;&lt;strong&gt;Mitigation:&lt;/strong&gt;&lt;br&gt;
+Users of Allura should upgrade to Allura 1.16.0 immediately.&lt;/p&gt;
+&lt;p&gt;If you are unable to upgrade, set this in your .ini config 
file:&lt;/p&gt;
+&lt;div 
class="highlight"&gt;&lt;pre&gt;&lt;span&gt;&lt;/span&gt;&lt;code&gt;disable_entry_points.allura.importers
 = forge-tracker, forge-discussion
+&lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;
+
+&lt;p&gt;That same .ini setting is also recommend for users who want maximum 
security on their Allura instance and don't need those importers 
available.&lt;/p&gt;
+&lt;p&gt;&lt;strong&gt;Credit:&lt;/strong&gt;&lt;br&gt;
+This issue was discovered by Stefan Schiller (Sonar)&lt;/p&gt;
+&lt;h4&gt;Python 3.8 through 3.11 supported&lt;/h4&gt;
+&lt;p&gt;This release drops support for Python 3.7 and supports Python 3.8 
through Python 3.11&lt;/p&gt;
+&lt;h4&gt;Upgrade Instructions&lt;/h4&gt;
+&lt;p&gt;To install updated dependencies, run: &lt;code&gt;pip install -r 
requirements.txt --no-deps --upgrade 
--upgrade-strategy=only-if-needed&lt;/code&gt;&lt;/p&gt;
+&lt;p&gt;Run: &lt;code&gt;paster ensure_index development.ini&lt;/code&gt; in 
Allura dir&lt;/p&gt;
+&lt;p&gt;If switching to a new version of Python, you will need to make a 
completely new python virtual environment,
+and run &lt;code&gt;pip install ...&lt;/code&gt; in it, and then use it to run 
Allura.&lt;/p&gt;
+&lt;p&gt;If using docker, rebuild the allura image and restart 
containers.&lt;/p&gt;
+&lt;p&gt;Feel free to ask any questions on the &lt;a 
href="https://lists.apache.org/list.html?d...@allura.apache.org"&gt;dev mailing 
list&lt;/a&gt;.&lt;/p&gt;
+&lt;h4&gt;Get 1.16.0&lt;/h4&gt;
+&lt;p&gt;&lt;a href="//allura.apache.org/download.html"&gt;Download 
Allura&lt;/a&gt; and &lt;a 
href="https://forge-allura.apache.org/docs/getting_started/installation.html"&gt;install
 it&lt;/a&gt; today.&lt;/p&gt;</content><category 
term="misc"></category><category 
term="release"></category></entry><entry><title>Apache Allura 1.15.0 
released</title><link href="//allura.apache.org/posts/2023-allura-1.15.0.html" 
rel="alternate"></link><published>2023-09-18T00:00:00+00:00</published><update 
[...]
 &lt;p&gt;Apache Allura 1.15.0 has been released, after a long time since 
1.14.0.  This release adds support for more Python versions (see next section) 
and Content-Security-Policy headers.  Many other fixes and improvements are 
also included, they relate to SEO, performance and different parts of 
Allura.&lt;/p&gt;
 &lt;p&gt;For full details of all the changes and fixes, see the &lt;a 
href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES"&gt;CHANGES
 file&lt;/a&gt;. &lt;/p&gt;
 &lt;h4&gt;Python 3.7 through 3.11 supported&lt;/h4&gt;
diff --git a/index.html b/index.html
index 5cfa5ab..61f6e85 100644
--- a/index.html
+++ b/index.html
@@ -84,18 +84,18 @@
       <h3 class="text-center">Get the Latest Version of Allura</h3>
       <div class="row pad-vert-md">
         <div id="release" class="col-12 auto-margin pad-vert-xs text-center">
-          <a href="//allura.apache.org/download.html"><button 
class="auto-margin">Download v1.15.0</button></a>
-          <span class="text-white">Sep 2023 &mdash;</span>
-          <a href="posts/2023-allura-1.15.0.html">What's New</a>
+          <a href="//allura.apache.org/download.html"><button 
class="auto-margin">Download v1.16.0</button></a>
+          <span class="text-white">Nov 2023 &mdash;</span>
+          <a href="posts/2023-allura-1.16.0.html">What's New</a>
         </div>
         <div id="news" class="col-12 auto-margin pad-vert-xs text-center">
             <h5>News</h5>
             <ul>
+                    <li><a 
href="//allura.apache.org/posts/2023-allura-1.16.0.html">Apache Allura 1.16.0 
released with critical security fix</a></li>
                     <li><a 
href="//allura.apache.org/posts/2023-allura-1.15.0.html">Apache Allura 1.15.0 
released</a></li>
                     <li><a 
href="//allura.apache.org/posts/2022-allura-1.14.0.html">Apache Allura 1.14.0 
released</a></li>
                     <li><a 
href="//allura.apache.org/posts/2021-allura-1.13.0.html">Apache Allura 1.13.0 
released</a></li>
                     <li><a 
href="//allura.apache.org/posts/2019-allura-1.12.0.html">Apache Allura 1.12.0 
released</a></li>
-                    <li><a 
href="//allura.apache.org/posts/2019-allura-1.11.1.html">Apache Allura 1.11.1 
released</a></li>
                 <li><a href="//allura.apache.org/news.html">All News 
&rarr;</a></li>
             </ul>
         </div>
diff --git a/news.html b/news.html
index 45d8591..1b18538 100644
--- a/news.html
+++ b/news.html
@@ -52,6 +52,17 @@
     <h2>All News</h2>
 
 <div class="row bg-white pad-bot-md text-center">
+  <div class="row pad-top-md">
+    <h3><a class="text-black" 
href="//allura.apache.org/posts/2023-allura-1.16.0.html">Apache Allura 1.16.0 
released with critical security fix</a></h3>
+  </div>
+
+  <div class="post-info">
+    Published:
+    <abbr class="published" title="2023-11-06T00:00:00+00:00">
+      Mon 06 November 2023
+    </abbr>
+  </div>
+  <div class="entry-content"> <p>Version 1.16.0 of Allura released with 
critical security fix</p> </div>
   <div class="row pad-top-md">
     <h3><a class="text-black" 
href="//allura.apache.org/posts/2023-allura-1.15.0.html">Apache Allura 1.15.0 
released</a></h3>
   </div>
diff --git a/download.html b/posts/2023-allura-1.16.0.html
similarity index 54%
copy from download.html
copy to posts/2023-allura-1.16.0.html
index d9e681a..e76bc7e 100644
--- a/download.html
+++ b/posts/2023-allura-1.16.0.html
@@ -1,8 +1,9 @@
 <!DOCTYPE html>
 <html lang="en">
 <head>
-  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-  <title>Apache Allura</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+  <title>    Apache Allura 1.16.0 released with critical security fix
+</title>
   <meta charset="utf-8">
   <meta name="description" content="Allura is an open source implementation of 
a software forge, a site that manages source code repositories, bug reports, 
discussions, and more for projects.">
   <meta name="keywords" content="">
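Review bot: the generated `<title>` on the `+  <title>    Apache Allura 1.16.0 released with critical security fix` line carries leading spaces and a line break before `</title>`; browsers collapse the whitespace, but the article template should trim the title so the post pages match the other pages' `<title>` formatting.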
@@ -31,9 +32,12 @@
 
   <link rel="stylesheet" type="text/css" 
href="//allura.apache.org/theme/css/flex.min.css">
   <link rel="stylesheet" type="text/css" 
href="//allura.apache.org/theme/css/style.css">
+          <link rel="stylesheet" type="text/css" 
href="//allura.apache.org/theme/css/article.css">
+
+
 </head>
 
-<body cz-shortcut-listen="true" class="pg-download">
+<body cz-shortcut-listen="true" class="pg-">
   <section id="content_wrapper" class="mobile-desktop row">
     <div id="header" class="row ">
       <header id="login_header" class="row">
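Review bot: `class="pg-"` on the `<body>` is an empty page-class suffix (the copied download.html had `pg-download`); if the theme CSS or `frontend.js` keys on `pg-*` classes, give post pages a real value such as `pg-post` in the article template, or omit the class when no page slug is available.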
@@ -45,96 +49,58 @@
       </header>
     </div>
 
-<div id="about" class="row bg-white pad-vert-xl">
+    <div class="article-content">
+<div class="row bg-white pad-vert-lg">
   <div class="row">
-    <h3 class="text-black text-center">Download Allura</h3>
+    <h3 class="text-black text-center">Apache Allura 1.16.0 released with 
critical security fix</h3>
+  </div>
+
+  <div class="post-info text-center">
+    Published:
+    <abbr class="published" title="2023-11-06T00:00:00+00:00">
+      Mon 06 November 2023
+    </abbr>
+    <br>
+    Tagged:
+        <a href="//allura.apache.org/tag/release.html">release</a>
   </div>
 
   <div class="row">
     <div class="col-20 no-float auto-margin">
       <div class="row">
-        <p class="pad-md">
-            <a 
href="https://www.apache.org/dyn/closer.cgi/allura/allura-1.15.0.tar.gz";>Download
 Allura v1.15.0</a>.  This is the latest release of Apache Allura, released Sep 
2023.
-              <a href="posts/2023-allura-1.15.0.html">Read what's new.</a>
-        </p>
-        <p>
-            Verify the download:
-        </p>
-        <ul>
-            <li><a 
href="https://downloads.apache.org/allura/allura-1.15.0.tar.gz.sha512";>SHA-512</a>
 checksum</li>
-            <li>PGP <a 
href="https://downloads.apache.org/allura/allura-1.15.0.tar.gz.asc";>signature</a>
 & <a href="https://downloads.apache.org/allura/KEYS";>keys</a></li>
-        </ul>
-        <p>
-            <a 
href="https://www.apache.org/info/verification.html";>Instructions for how to 
verify a download using these files.</a>
-        </p>
+        <div class="pad-md text-black"><h4>What's New?</h4>
+<p>Apache Allura 1.16.0 has been released.  It has a critical security fix and 
also drops Python 3.7 support.</p>
+<p>For full details of all the changes and fixes, see the <a 
href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES";>CHANGES
 file</a>. </p>
+<h4>Critical Security Fix</h4>
+<p>CVE-2023-46851 sensitive information exposure via import </p>
+<p>Severity: Critical<br>
+Versions Affected: 1.0.1 through 1.15.0</p>
+<p><strong>Description:</strong><br>
+Allura Discussion and Allura Forum importing does not restrict URL values 
specified in attachments. Project administrators can run these imports, which 
could cause Allura to read local files and expose them.  Exposing internal 
files then can lead to other exploits, like session hijacking, or remote code 
execution.</p>
+<p><strong>Mitigation:</strong><br>
+Users of Allura should upgrade to Allura 1.16.0 immediately.</p>
+<p>If you are unable to upgrade, set this in your .ini config file:</p>
+<div 
class="highlight"><pre><span></span><code>disable_entry_points.allura.importers 
= forge-tracker, forge-discussion
+</code></pre></div>
+
+<p>That same .ini setting is also recommend for users who want maximum 
security on their Allura instance and don't need those importers available.</p>
+<p><strong>Credit:</strong><br>
+This issue was discovered by Stefan Schiller (Sonar)</p>
+<h4>Python 3.8 through 3.11 supported</h4>
+<p>This release drops support for Python 3.7 and supports Python 3.8 through 
Python 3.11</p>
+<h4>Upgrade Instructions</h4>
+<p>To install updated dependencies, run: <code>pip install -r requirements.txt 
--no-deps --upgrade --upgrade-strategy=only-if-needed</code></p>
+<p>Run: <code>paster ensure_index development.ini</code> in Allura dir</p>
+<p>If switching to a new version of Python, you will need to make a completely 
new python virtual environment,
+and run <code>pip install ...</code> in it, and then use it to run Allura.</p>
+<p>If using docker, rebuild the allura image and restart containers.</p>
+<p>Feel free to ask any questions on the <a 
href="https://lists.apache.org/list.html?d...@allura.apache.org";>dev mailing 
list</a>.</p>
+<h4>Get 1.16.0</h4>
+<p><a href="//allura.apache.org/download.html">Download Allura</a> and <a 
href="https://forge-allura.apache.org/docs/getting_started/installation.html";>install
 it</a> today.</p></div>
       </div>
     </div>
   </div>
 </div>
-
-<div id="latest" class="row pad-vert-xl parallax" style="background-position: 
0px 0px;">
-  <div class="col-16 no-float auto-margin">
-    <div class="row">
-      <h3 class="text-center">More about Allura</h3>
-      <div class="text-center row text-white">
-          <p class="pad-md">
-            See the <a href="//allura.apache.org/">Allura homepage</a> for 
latest news, instructions, and project information.
-          </p>
-          <p>
-              <a href="https://archive.apache.org/dist/allura/";>Archive of 
older releases</a>
-          </p>
-      </div>
-    </div>
-  </div>
-
-  <div class="col-8">
-    <div class="row">
-      <div class="col-12 no-float auto-margin">
-      </div>
-      <div class="col-12 no-float auto-margin">
-      </div>
-    </div>
-  </div>
-</div>
-
-
-<div id="apache" class="row bg-orange pad-vert-xl">
-  <div class="col-20 no-float auto-margin">
-    <div class="row">
-      <h3 class="text-center">Apache Software Foundation</h3>
-    </div>
-
-    <div class="row">
-      <img class="auto-margin pad-vert-md" src="theme/img/logo-asf-apache.png" 
alt="apache software foundation logo">
-    </div>
-
-    <div class="row auto-margin button-container">
-      <div class="col-8 pad-vert-sm">
-        <a href="https://www.apache.org/licenses/";><button 
class="auto-margin">License</button></a>
-      </div>
-
-      <div class="col-8 pad-vert-sm">
-        <a href="https://www.apache.org/foundation/sponsorship.html";><button 
class="auto-margin">Sponsorship</button></a>
-      </div>
-
-      <div class="col-8 pad-vert-sm">
-        <a href="https://www.apache.org/foundation/thanks.html";><button 
class="auto-margin">Thanks</button></a>
-      </div>
-    </div>
-    <div class="row auto-margin button-container">
-      <div class="col-8 pad-vert-sm">
-        <a href="https://www.apache.org/security/";><button 
class="auto-margin">Security</button></a>
-      </div>
-
-      <div class="col-8 pad-vert-sm">
-        <a 
href="https://privacy.apache.org/policies/privacy-policy-public.html";><button 
class="auto-margin">Privacy Policy</button></a>
-      </div>
-
-      <div class="col-8 pad-vert-sm">
-        <a href="https://www.apache.org/";><button 
class="auto-margin">Apacheā„¢</button></a>
-      </div>
-    </div>
-  </div>
 </div>
 
     <div class="row">
@@ -148,6 +114,7 @@
 
   <script type="application/javascript" 
src="//allura.apache.org/theme/js/jquery-1.11.2.min.js"></script>
   <script type="application/javascript" 
src="//allura.apache.org/theme/js/frontend.js"></script>
+        <script type="application/javascript" 
src="//allura.apache.org/theme/js/article.js"></script>
   <!-- Credits
 
           Logo Design: Will Leonard
diff --git a/tag/release.html b/tag/release.html
index 4ad8b4c..6e630f1 100644
--- a/tag/release.html
+++ b/tag/release.html
@@ -52,6 +52,17 @@
     <h2>Articles tagged 'release'</h2>
 
 <div class="row bg-white pad-bot-md text-center">
+  <div class="row pad-top-md">
+    <h3><a class="text-black" 
href="//allura.apache.org/posts/2023-allura-1.16.0.html">Apache Allura 1.16.0 
released with critical security fix</a></h3>
+  </div>
+
+  <div class="post-info">
+    Published:
+    <abbr class="published" title="2023-11-06T00:00:00+00:00">
+      Mon 06 November 2023
+    </abbr>
+  </div>
+  <div class="entry-content"> <p>Version 1.16.0 of Allura released with 
critical security fix</p> </div>
   <div class="row pad-top-md">
     <h3><a class="text-black" 
href="//allura.apache.org/posts/2023-allura-1.15.0.html">Apache Allura 1.15.0 
released</a></h3>
   </div>
