This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch asf-site in repository https://gitbox.apache.org/repos/asf/allura-site.git
The following commit(s) were added to refs/heads/asf-site by this push: new 4a31a3e publish 1.16 with security notice 4a31a3e is described below commit 4a31a3e55af55e8cb2647b1620a9ac939a298b7c Author: Dave Brondsema <d...@brondsema.net> AuthorDate: Mon Nov 6 17:26:55 2023 -0500 publish 1.16 with security notice --- _src/content/2023-allura-1.16.0.md | 56 +++++++++++ _src/pelicanconf.py | 6 +- download.html | 8 +- feeds/all.atom.xml | 30 +++++- feeds/tag.release.atom.xml | 30 +++++- index.html | 8 +- news.html | 11 ++ download.html => posts/2023-allura-1.16.0.html | 133 ++++++++++--------------- tag/release.html | 11 ++ 9 files changed, 197 insertions(+), 96 deletions(-) diff --git a/_src/content/2023-allura-1.16.0.md b/_src/content/2023-allura-1.16.0.md new file mode 100644 index 0000000..edfa6b7 --- /dev/null +++ b/_src/content/2023-allura-1.16.0.md @@ -0,0 +1,56 @@ +Title: Apache Allura 1.16.0 released with critical security fix +Date: 2023-11-06 +Tags: release +Slug: allura-1.16.0 +Summary: Version 1.16.0 of Allura released with critical security fix + +#### What's New? + +Apache Allura 1.16.0 has been released. It has a critical security fix and also drops Python 3.7 support. + +For full details of all the changes and fixes, see the [CHANGES file](https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES). + +#### Critical Security Fix + +CVE-2023-46851 sensitive information exposure via import + +Severity: Critical<br> +Versions Affected: 1.0.1 through 1.15.0 + +**Description:**<br> +Allura Discussion and Allura Forum importing does not restrict URL values specified in attachments. Project administrators can run these imports, which could cause Allura to read local files and expose them. Exposing internal files then can lead to other exploits, like session hijacking, or remote code execution. + +**Mitigation:**<br> +Users of Allura should upgrade to Allura 1.16.0 immediately. + +If you are unable to upgrade, set this in your .ini config file: + +``` +disable_entry_points.allura.importers = forge-tracker, forge-discussion +``` + +That same .ini setting is also recommend for users who want maximum security on their Allura instance and don't need those importers available. + +**Credit:**<br> +This issue was discovered by Stefan Schiller (Sonar) + +#### Python 3.8 through 3.11 supported + +This release drops support for Python 3.7 and supports Python 3.8 through Python 3.11 + +#### Upgrade Instructions + +To install updated dependencies, run: `pip install -r requirements.txt --no-deps --upgrade --upgrade-strategy=only-if-needed` + +Run: `paster ensure_index development.ini` in Allura dir + +If switching to a new version of Python, you will need to make a completely new python virtual environment, +and run `pip install ...` in it, and then use it to run Allura. + +If using docker, rebuild the allura image and restart containers. + +Feel free to ask any questions on the [dev mailing list](https://lists.apache.org/list.html?d...@allura.apache.org). + +#### Get 1.16.0 + +[Download Allura](//allura.apache.org/download.html) and [install it](https://forge-allura.apache.org/docs/getting_started/installation.html) today. diff --git a/_src/pelicanconf.py b/_src/pelicanconf.py index a5be8f9..c7265bb 100644 --- a/_src/pelicanconf.py +++ b/_src/pelicanconf.py @@ -45,9 +45,9 @@ TAG_FEED_ATOM = 'feeds/tag.{slug}.atom.xml' CURRENT_YEAR = dt.date.today().year -RELEASE_VERSION = '1.15.0' -RELEASE_DATE = 'Sep 2023' -RELEASE_NEWS = 'posts/2023-allura-1.15.0.html' +RELEASE_VERSION = '1.16.0' +RELEASE_DATE = 'Nov 2023' +RELEASE_NEWS = 'posts/2023-allura-1.16.0.html' DIST_URL = 'https://downloads.apache.org/allura/' FORGE_ALLURA_URL = 'https://forge-allura.apache.org/' diff --git a/download.html b/download.html index d9e681a..91dabd8 100644 --- a/download.html +++ b/download.html @@ -54,15 +54,15 @@ <div class="col-20 no-float auto-margin"> <div class="row"> <p class="pad-md"> - <a href="https://www.apache.org/dyn/closer.cgi/allura/allura-1.15.0.tar.gz">Download Allura v1.15.0</a>. This is the latest release of Apache Allura, released Sep 2023. - <a href="posts/2023-allura-1.15.0.html">Read what's new.</a> + <a href="https://www.apache.org/dyn/closer.cgi/allura/allura-1.16.0.tar.gz">Download Allura v1.16.0</a>. This is the latest release of Apache Allura, released Nov 2023. + <a href="posts/2023-allura-1.16.0.html">Read what's new.</a> </p> <p> Verify the download: </p> <ul> - <li><a href="https://downloads.apache.org/allura/allura-1.15.0.tar.gz.sha512">SHA-512</a> checksum</li> - <li>PGP <a href="https://downloads.apache.org/allura/allura-1.15.0.tar.gz.asc">signature</a> & <a href="https://downloads.apache.org/allura/KEYS">keys</a></li> + <li><a href="https://downloads.apache.org/allura/allura-1.16.0.tar.gz.sha512">SHA-512</a> checksum</li> + <li>PGP <a href="https://downloads.apache.org/allura/allura-1.16.0.tar.gz.asc">signature</a> & <a href="https://downloads.apache.org/allura/KEYS">keys</a></li> </ul> <p> <a href="https://www.apache.org/info/verification.html">Instructions for how to verify a download using these files.</a> diff --git a/feeds/all.atom.xml b/feeds/all.atom.xml index 23c2c57..250cc25 100644 --- a/feeds/all.atom.xml +++ b/feeds/all.atom.xml @@ -1,5 +1,33 @@ <?xml version="1.0" encoding="utf-8"?> -<feed xmlns="http://www.w3.org/2005/Atom"><title>Apache Allura</title><link href="//allura.apache.org/" rel="alternate"></link><link href="//allura.apache.org/feeds/all.atom.xml" rel="self"></link><id>//allura.apache.org/</id><updated>2023-09-18T00:00:00+00:00</updated><entry><title>Apache Allura 1.15.0 released</title><link href="//allura.apache.org/posts/2023-allura-1.15.0.html" rel="alternate"></link><published>2023-09-18T00:00:00+00:00</published><updated>2023-09-18T00:00:00+00:00</u [...] +<feed xmlns="http://www.w3.org/2005/Atom"><title>Apache Allura</title><link href="//allura.apache.org/" rel="alternate"></link><link href="//allura.apache.org/feeds/all.atom.xml" rel="self"></link><id>//allura.apache.org/</id><updated>2023-11-06T00:00:00+00:00</updated><entry><title>Apache Allura 1.16.0 released with critical security fix</title><link href="//allura.apache.org/posts/2023-allura-1.16.0.html" rel="alternate"></link><published>2023-11-06T00:00:00+00:00</published><updated>2 [...] +<p>Apache Allura 1.16.0 has been released. It has a critical security fix and also drops Python 3.7 support.</p> +<p>For full details of all the changes and fixes, see the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">CHANGES file</a>. </p> +<h4>Critical Security Fix</h4> +<p>CVE-2023-46851 sensitive information exposure via import </p> +<p>Severity: Critical<br> +Versions Affected: 1.0.1 through 1.15.0</p> +<p><strong>Description:</strong><br> +Allura Discussion and Allura Forum importing does not restrict URL values specified in attachments. Project administrators can run these imports, which could cause Allura to read local files and expose them. Exposing internal files then can lead to other exploits, like session hijacking, or remote code execution.</p> +<p><strong>Mitigation:</strong><br> +Users of Allura should upgrade to Allura 1.16.0 immediately.</p> +<p>If you are unable to upgrade, set this in your .ini config file:</p> +<div class="highlight"><pre><span></span><code>disable_entry_points.allura.importers = forge-tracker, forge-discussion +</code></pre></div> + +<p>That same .ini setting is also recommend for users who want maximum security on their Allura instance and don't need those importers available.</p> +<p><strong>Credit:</strong><br> +This issue was discovered by Stefan Schiller (Sonar)</p> +<h4>Python 3.8 through 3.11 supported</h4> +<p>This release drops support for Python 3.7 and supports Python 3.8 through Python 3.11</p> +<h4>Upgrade Instructions</h4> +<p>To install updated dependencies, run: <code>pip install -r requirements.txt --no-deps --upgrade --upgrade-strategy=only-if-needed</code></p> +<p>Run: <code>paster ensure_index development.ini</code> in Allura dir</p> +<p>If switching to a new version of Python, you will need to make a completely new python virtual environment, +and run <code>pip install ...</code> in it, and then use it to run Allura.</p> +<p>If using docker, rebuild the allura image and restart containers.</p> +<p>Feel free to ask any questions on the <a href="https://lists.apache.org/list.html?d...@allura.apache.org">dev mailing list</a>.</p> +<h4>Get 1.16.0</h4> +<p><a href="//allura.apache.org/download.html">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.15.0 released</title><link href="//allura.apache.org/posts/2023-allura-1.15.0.html" rel="alternate"></link><published>2023-09-18T00:00:00+00:00</published><update [...] <p>Apache Allura 1.15.0 has been released, after a long time since 1.14.0. This release adds support for more Python versions (see next section) and Content-Security-Policy headers. Many other fixes and improvements are also included, they relate to SEO, performance and different parts of Allura.</p> <p>For full details of all the changes and fixes, see the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">CHANGES file</a>. </p> <h4>Python 3.7 through 3.11 supported</h4> diff --git a/feeds/tag.release.atom.xml b/feeds/tag.release.atom.xml index a83d9e4..2b7e98c 100644 --- a/feeds/tag.release.atom.xml +++ b/feeds/tag.release.atom.xml @@ -1,5 +1,33 @@ <?xml version="1.0" encoding="utf-8"?> -<feed xmlns="http://www.w3.org/2005/Atom"><title>Apache Allura - release</title><link href="//allura.apache.org/" rel="alternate"></link><link href="//allura.apache.org/feeds/tag.release.atom.xml" rel="self"></link><id>//allura.apache.org/</id><updated>2023-09-18T00:00:00+00:00</updated><entry><title>Apache Allura 1.15.0 released</title><link href="//allura.apache.org/posts/2023-allura-1.15.0.html" rel="alternate"></link><published>2023-09-18T00:00:00+00:00</published><updated>2023-09-18 [...] +<feed xmlns="http://www.w3.org/2005/Atom"><title>Apache Allura - release</title><link href="//allura.apache.org/" rel="alternate"></link><link href="//allura.apache.org/feeds/tag.release.atom.xml" rel="self"></link><id>//allura.apache.org/</id><updated>2023-11-06T00:00:00+00:00</updated><entry><title>Apache Allura 1.16.0 released with critical security fix</title><link href="//allura.apache.org/posts/2023-allura-1.16.0.html" rel="alternate"></link><published>2023-11-06T00:00:00+00:00</pu [...] +<p>Apache Allura 1.16.0 has been released. It has a critical security fix and also drops Python 3.7 support.</p> +<p>For full details of all the changes and fixes, see the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">CHANGES file</a>. </p> +<h4>Critical Security Fix</h4> +<p>CVE-2023-46851 sensitive information exposure via import </p> +<p>Severity: Critical<br> +Versions Affected: 1.0.1 through 1.15.0</p> +<p><strong>Description:</strong><br> +Allura Discussion and Allura Forum importing does not restrict URL values specified in attachments. Project administrators can run these imports, which could cause Allura to read local files and expose them. Exposing internal files then can lead to other exploits, like session hijacking, or remote code execution.</p> +<p><strong>Mitigation:</strong><br> +Users of Allura should upgrade to Allura 1.16.0 immediately.</p> +<p>If you are unable to upgrade, set this in your .ini config file:</p> +<div class="highlight"><pre><span></span><code>disable_entry_points.allura.importers = forge-tracker, forge-discussion +</code></pre></div> + +<p>That same .ini setting is also recommend for users who want maximum security on their Allura instance and don't need those importers available.</p> +<p><strong>Credit:</strong><br> +This issue was discovered by Stefan Schiller (Sonar)</p> +<h4>Python 3.8 through 3.11 supported</h4> +<p>This release drops support for Python 3.7 and supports Python 3.8 through Python 3.11</p> +<h4>Upgrade Instructions</h4> +<p>To install updated dependencies, run: <code>pip install -r requirements.txt --no-deps --upgrade --upgrade-strategy=only-if-needed</code></p> +<p>Run: <code>paster ensure_index development.ini</code> in Allura dir</p> +<p>If switching to a new version of Python, you will need to make a completely new python virtual environment, +and run <code>pip install ...</code> in it, and then use it to run Allura.</p> +<p>If using docker, rebuild the allura image and restart containers.</p> +<p>Feel free to ask any questions on the <a href="https://lists.apache.org/list.html?d...@allura.apache.org">dev mailing list</a>.</p> +<h4>Get 1.16.0</h4> +<p><a href="//allura.apache.org/download.html">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.15.0 released</title><link href="//allura.apache.org/posts/2023-allura-1.15.0.html" rel="alternate"></link><published>2023-09-18T00:00:00+00:00</published><update [...] <p>Apache Allura 1.15.0 has been released, after a long time since 1.14.0. This release adds support for more Python versions (see next section) and Content-Security-Policy headers. Many other fixes and improvements are also included, they relate to SEO, performance and different parts of Allura.</p> <p>For full details of all the changes and fixes, see the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">CHANGES file</a>. </p> <h4>Python 3.7 through 3.11 supported</h4> diff --git a/index.html b/index.html index 5cfa5ab..61f6e85 100644 --- a/index.html +++ b/index.html @@ -84,18 +84,18 @@ <h3 class="text-center">Get the Latest Version of Allura</h3> <div class="row pad-vert-md"> <div id="release" class="col-12 auto-margin pad-vert-xs text-center"> - <a href="//allura.apache.org/download.html"><button class="auto-margin">Download v1.15.0</button></a> - <span class="text-white">Sep 2023 —</span> - <a href="posts/2023-allura-1.15.0.html">What's New</a> + <a href="//allura.apache.org/download.html"><button class="auto-margin">Download v1.16.0</button></a> + <span class="text-white">Nov 2023 —</span> + <a href="posts/2023-allura-1.16.0.html">What's New</a> </div> <div id="news" class="col-12 auto-margin pad-vert-xs text-center"> <h5>News</h5> <ul> + <li><a href="//allura.apache.org/posts/2023-allura-1.16.0.html">Apache Allura 1.16.0 released with critical security fix</a></li> <li><a href="//allura.apache.org/posts/2023-allura-1.15.0.html">Apache Allura 1.15.0 released</a></li> <li><a href="//allura.apache.org/posts/2022-allura-1.14.0.html">Apache Allura 1.14.0 released</a></li> <li><a href="//allura.apache.org/posts/2021-allura-1.13.0.html">Apache Allura 1.13.0 released</a></li> <li><a href="//allura.apache.org/posts/2019-allura-1.12.0.html">Apache Allura 1.12.0 released</a></li> - <li><a href="//allura.apache.org/posts/2019-allura-1.11.1.html">Apache Allura 1.11.1 released</a></li> <li><a href="//allura.apache.org/news.html">All News →</a></li> </ul> </div> diff --git a/news.html b/news.html index 45d8591..1b18538 100644 --- a/news.html +++ b/news.html @@ -52,6 +52,17 @@ <h2>All News</h2> <div class="row bg-white pad-bot-md text-center"> + <div class="row pad-top-md"> + <h3><a class="text-black" href="//allura.apache.org/posts/2023-allura-1.16.0.html">Apache Allura 1.16.0 released with critical security fix</a></h3> + </div> + + <div class="post-info"> + Published: + <abbr class="published" title="2023-11-06T00:00:00+00:00"> + Mon 06 November 2023 + </abbr> + </div> + <div class="entry-content"> <p>Version 1.16.0 of Allura released with critical security fix</p> </div> <div class="row pad-top-md"> <h3><a class="text-black" href="//allura.apache.org/posts/2023-allura-1.15.0.html">Apache Allura 1.15.0 released</a></h3> </div> diff --git a/download.html b/posts/2023-allura-1.16.0.html similarity index 54% copy from download.html copy to posts/2023-allura-1.16.0.html index d9e681a..e76bc7e 100644 --- a/download.html +++ b/posts/2023-allura-1.16.0.html @@ -1,8 +1,9 @@ <!DOCTYPE html> <html lang="en"> <head> - <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> - <title>Apache Allura</title> + <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> + <title> Apache Allura 1.16.0 released with critical security fix +</title> <meta charset="utf-8"> <meta name="description" content="Allura is an open source implementation of a software forge, a site that manages source code repositories, bug reports, discussions, and more for projects."> <meta name="keywords" content=""> @@ -31,9 +32,12 @@ <link rel="stylesheet" type="text/css" href="//allura.apache.org/theme/css/flex.min.css"> <link rel="stylesheet" type="text/css" href="//allura.apache.org/theme/css/style.css"> + <link rel="stylesheet" type="text/css" href="//allura.apache.org/theme/css/article.css"> + + </head> -<body cz-shortcut-listen="true" class="pg-download"> +<body cz-shortcut-listen="true" class="pg-"> <section id="content_wrapper" class="mobile-desktop row"> <div id="header" class="row "> <header id="login_header" class="row"> @@ -45,96 +49,58 @@ </header> </div> -<div id="about" class="row bg-white pad-vert-xl"> + <div class="article-content"> +<div class="row bg-white pad-vert-lg"> <div class="row"> - <h3 class="text-black text-center">Download Allura</h3> + <h3 class="text-black text-center">Apache Allura 1.16.0 released with critical security fix</h3> + </div> + + <div class="post-info text-center"> + Published: + <abbr class="published" title="2023-11-06T00:00:00+00:00"> + Mon 06 November 2023 + </abbr> + <br> + Tagged: + <a href="//allura.apache.org/tag/release.html">release</a> </div> <div class="row"> <div class="col-20 no-float auto-margin"> <div class="row"> - <p class="pad-md"> - <a href="https://www.apache.org/dyn/closer.cgi/allura/allura-1.15.0.tar.gz">Download Allura v1.15.0</a>. This is the latest release of Apache Allura, released Sep 2023. - <a href="posts/2023-allura-1.15.0.html">Read what's new.</a> - </p> - <p> - Verify the download: - </p> - <ul> - <li><a href="https://downloads.apache.org/allura/allura-1.15.0.tar.gz.sha512">SHA-512</a> checksum</li> - <li>PGP <a href="https://downloads.apache.org/allura/allura-1.15.0.tar.gz.asc">signature</a> & <a href="https://downloads.apache.org/allura/KEYS">keys</a></li> - </ul> - <p> - <a href="https://www.apache.org/info/verification.html">Instructions for how to verify a download using these files.</a> - </p> + <div class="pad-md text-black"><h4>What's New?</h4> +<p>Apache Allura 1.16.0 has been released. It has a critical security fix and also drops Python 3.7 support.</p> +<p>For full details of all the changes and fixes, see the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">CHANGES file</a>. </p> +<h4>Critical Security Fix</h4> +<p>CVE-2023-46851 sensitive information exposure via import </p> +<p>Severity: Critical<br> +Versions Affected: 1.0.1 through 1.15.0</p> +<p><strong>Description:</strong><br> +Allura Discussion and Allura Forum importing does not restrict URL values specified in attachments. Project administrators can run these imports, which could cause Allura to read local files and expose them. Exposing internal files then can lead to other exploits, like session hijacking, or remote code execution.</p> +<p><strong>Mitigation:</strong><br> +Users of Allura should upgrade to Allura 1.16.0 immediately.</p> +<p>If you are unable to upgrade, set this in your .ini config file:</p> +<div class="highlight"><pre><span></span><code>disable_entry_points.allura.importers = forge-tracker, forge-discussion +</code></pre></div> + +<p>That same .ini setting is also recommend for users who want maximum security on their Allura instance and don't need those importers available.</p> +<p><strong>Credit:</strong><br> +This issue was discovered by Stefan Schiller (Sonar)</p> +<h4>Python 3.8 through 3.11 supported</h4> +<p>This release drops support for Python 3.7 and supports Python 3.8 through Python 3.11</p> +<h4>Upgrade Instructions</h4> +<p>To install updated dependencies, run: <code>pip install -r requirements.txt --no-deps --upgrade --upgrade-strategy=only-if-needed</code></p> +<p>Run: <code>paster ensure_index development.ini</code> in Allura dir</p> +<p>If switching to a new version of Python, you will need to make a completely new python virtual environment, +and run <code>pip install ...</code> in it, and then use it to run Allura.</p> +<p>If using docker, rebuild the allura image and restart containers.</p> +<p>Feel free to ask any questions on the <a href="https://lists.apache.org/list.html?d...@allura.apache.org">dev mailing list</a>.</p> +<h4>Get 1.16.0</h4> +<p><a href="//allura.apache.org/download.html">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></div> </div> </div> </div> </div> - -<div id="latest" class="row pad-vert-xl parallax" style="background-position: 0px 0px;"> - <div class="col-16 no-float auto-margin"> - <div class="row"> - <h3 class="text-center">More about Allura</h3> - <div class="text-center row text-white"> - <p class="pad-md"> - See the <a href="//allura.apache.org/">Allura homepage</a> for latest news, instructions, and project information. - </p> - <p> - <a href="https://archive.apache.org/dist/allura/">Archive of older releases</a> - </p> - </div> - </div> - </div> - - <div class="col-8"> - <div class="row"> - <div class="col-12 no-float auto-margin"> - </div> - <div class="col-12 no-float auto-margin"> - </div> - </div> - </div> -</div> - - -<div id="apache" class="row bg-orange pad-vert-xl"> - <div class="col-20 no-float auto-margin"> - <div class="row"> - <h3 class="text-center">Apache Software Foundation</h3> - </div> - - <div class="row"> - <img class="auto-margin pad-vert-md" src="theme/img/logo-asf-apache.png" alt="apache software foundation logo"> - </div> - - <div class="row auto-margin button-container"> - <div class="col-8 pad-vert-sm"> - <a href="https://www.apache.org/licenses/"><button class="auto-margin">License</button></a> - </div> - - <div class="col-8 pad-vert-sm"> - <a href="https://www.apache.org/foundation/sponsorship.html"><button class="auto-margin">Sponsorship</button></a> - </div> - - <div class="col-8 pad-vert-sm"> - <a href="https://www.apache.org/foundation/thanks.html"><button class="auto-margin">Thanks</button></a> - </div> - </div> - <div class="row auto-margin button-container"> - <div class="col-8 pad-vert-sm"> - <a href="https://www.apache.org/security/"><button class="auto-margin">Security</button></a> - </div> - - <div class="col-8 pad-vert-sm"> - <a href="https://privacy.apache.org/policies/privacy-policy-public.html"><button class="auto-margin">Privacy Policy</button></a> - </div> - - <div class="col-8 pad-vert-sm"> - <a href="https://www.apache.org/"><button class="auto-margin">Apacheā¢</button></a> - </div> - </div> - </div> </div> <div class="row"> @@ -148,6 +114,7 @@ <script type="application/javascript" src="//allura.apache.org/theme/js/jquery-1.11.2.min.js"></script> <script type="application/javascript" src="//allura.apache.org/theme/js/frontend.js"></script> + <script type="application/javascript" src="//allura.apache.org/theme/js/article.js"></script> <!-- Credits Logo Design: Will Leonard diff --git a/tag/release.html b/tag/release.html index 4ad8b4c..6e630f1 100644 --- a/tag/release.html +++ b/tag/release.html @@ -52,6 +52,17 @@ <h2>Articles tagged 'release'</h2> <div class="row bg-white pad-bot-md text-center"> + <div class="row pad-top-md"> + <h3><a class="text-black" href="//allura.apache.org/posts/2023-allura-1.16.0.html">Apache Allura 1.16.0 released with critical security fix</a></h3> + </div> + + <div class="post-info"> + Published: + <abbr class="published" title="2023-11-06T00:00:00+00:00"> + Mon 06 November 2023 + </abbr> + </div> + <div class="entry-content"> <p>Version 1.16.0 of Allura released with critical security fix</p> </div> <div class="row pad-top-md"> <h3><a class="text-black" href="//allura.apache.org/posts/2023-allura-1.15.0.html">Apache Allura 1.15.0 released</a></h3> </div>