Apache Cocoon 2.1 and 3.0 retired
-
After the recent release of Cocoon 2.3.0, the Apache Cocoon Community has
decided to retire both 2.1 and 3.0 versions, to focus on further
developments
of the 2.3 branch
The 2.1 branch was first released
Dear Cocoon users and developers,
Sorry for crossposting here, I wanted to be sure that all involved
people were aware of the ongoing discussions.
We recently pushed a new release of Cocoon, 11 years after the previous
one. This release gathers all changes made in between as well as two
of the jndi but security vulnerability
scanners usually complain.
Thanks for your work on this.
Best regards
Warrell
On Thu, 30 Nov 2023, 11:16 Cédric Damioli, wrote:
Severity: important
Affected versions:
- Apache Cocoon 2.2.0 before 2.3.0
Description:
Improper
Severity: important
Affected versions:
- Apache Cocoon 2.2.0 before 2.3.0
Description:
Improper Restriction of XML External Entity Reference vulnerability in Apache
Cocoon.This issue affects Apache Cocoon: from 2.2.0 before 2.3.0.
Users are recommended to upgrade to version 2.3.0, which
Severity: moderate
Affected versions:
- Apache Cocoon 2.2.0 before 2.3.0
Description:
Improper Neutralization of Special Elements used in an SQL Command ('SQL
Injection') vulnerability in Apache Cocoon.This issue affects Apache Cocoon:
from 2.2.0 before 2.3.0.
Users are recommended to
Apache Cocoon 2.3.0 Released
-
The Apache Cocoon Community is proud to announce the release of
Cocoon 2.3.0.
Apache Cocoon is a Spring-based framework (since version 2.2 of
Cocoon) built around the concepts of separation of concerns and
component-based
Hi,
To help isolate the issue, could you test with a simpler pipeline with
only generator/single simple XSLT/xml serializer ?
Cédric
Le 31/03/2022 à 17:54, Christopher Schultz a écrit :
Cédric,
On 3/29/22 12:52, Cédric Damioli wrote:
Do you use Xalan as XSLT Processor ?
If so, I remember
associated with
a cocoon view.
HTH,
Cédric
Le 29/03/2022 à 18:36, Christopher Schultz a écrit :
Cédric,
On 3/29/22 12:06, Cédric Damioli wrote:
Could you provide more details ?
How is your XML processed before outputting the wrong UTF-8 sequence ?
It's somewhat straightforward:
https://source/; />
-
To unsubscribe, e-mail: users-unsubscr...@cocoon.apache.org
For additional commands, e-mail: users-h...@cocoon.apache.org
--
Cédric Damioli
CMS - Java - Open Source
www.ametys.org
-
To unsubscribe, e-mail: users-unsubscr...@cocoon.apache.org
For additional commands, e-mail: users-h...@cocoon.apache.org
ke Tomcat? What about the java dependencies?
And will cocoon 2.1 continue to put out updates when security
risks are identified?
thanks very much,
Vincent
--
Cédric Damioli
CMS - Java - Open Source
www.ametys.org
ametysCMS> <http://twitter.com/ametysCMS>
<http://plus.google.com/+ametysOrg/posts>
<http://www.youtube.com/user/ametysWebCMS>
Cédric Damioli
Directeur associé
+33 (0)5 62 19 19 07 / +33 (0)6 87 03 61 63 | +33 (0)5 61 75 84 12
cedric.dami...@ametys.org <mailto:
Thorsten
-
To unsubscribe, e-mail: users-unsubscr...@cocoon.apache.org
For additional commands, e-mail: users-h...@cocoon.apache.org
--
Cédric Damioli
CMS - Java - Open Source
www.
Hi,
Entities resolution is managed by features of the SAX Parser, before any
transformation.
Cédric
Le 11/09/2020 à 12:12, gelo1234 a écrit :
Hello Cedric,
Are external entities blocked also in XSLT?
Greetings,
Greg
pt., 11 wrz 2020 o 11:39 Cédric Damioli <mailto:cdami...@apache.
/shadow
Credit: This issue was discovered by Nassim Asrir.
Regards,
--
Cédric Damioli
--
Cédric Damioli
CMS - Java - Open Source
www.ametys.org
-
To unsubscribe, e-mail: users-unsubscr...@cocoon.apache.org
For additional commands, e-mail: users-h...@cocoon.apache.org
I updated the mirror page.
Thanks !
Cédric
Le 30/07/2020 à 12:24, warrell harries a écrit :
Great news!
Well done!
The download is still showing version 2.12
Many thanks from a die-hard cocooner
On Thu, 30 Jul 2020 at 11:12, Cédric Damioli <mailto:cdami...@apache.org>> wrote:
Apache Cocoon 2.1.13 Released
-
The Apache Cocoon Community is proud to announce the new release
of Apache Cocoon.
Apache Cocoon is a web development framework built around the concept
of separation of concerns (that is: allowing people to do their job
advice.
Regards,
Senthilkumar.T
--
Cédric Damioli
CMS - Java - Open Source
www.ametys.org
---
To unsubscribe, e-mail: users-unsubscr...@cocoon.apache.org
For additional commands, e-mail: users-h...@cocoon.apache.org
--
Cédric Damioli
CMS - Java - Open Source
www.ametys.org
-
To unsubscribe, e-mail: users-uns
)
sun.font.CompositeGlyphMapper.init(CompositeGlyphMapper.java:62)
sun.font.CompositeFont.getMapper(CompositeFont.java:390)
sun.font.CompositeFont.canDisplay(CompositeFont.java:416)
Any Ideas Please
Peter
--
Cédric Damioli
CMS - Java - Open Source
www.ametys.org
://people.apache.org/~ilgrosso/
--
Cédric Damioli
Ametys CMS
http://www.ametys.org
http://www.anyware-services.com
.
The Apache Cocoon Project
--
Cédric Damioli
For more information about Apache Cocoon 2.1.12, please go to
http://cocoon.apache.org
Changes with Apache Cocoon 2.1.12
*) Starting with 2.1.12 the minimum required Java version will be 1.4.2. [all]
*) Core: Update xml-commons-resolver to 1.2 [DC
Dear Cocoon users,
A few years after the 2.1.11 release (!), we are currently in the
process of releasing a 2.1.12
There are 85 open issues in JIRA (see [1]), only 13 of which have their
fix-for version set to 2.1.12
Almost all these issues have been opened more than 2 years ago, so I
don't
in the Cocoon internals.
That's why I volunteered to help maintaining and releasing Cocoon 2.1
I hope to be able to contribute back to Cocoon community as much as it
brought to me and my projects the last 10 years.
Best regards,
Cédric Damioli
Le 18/12/2011 23:53, Sylvain Wallez a écrit :
Hi all,
I
Hi Christopher,
The locale of the I18nTransformer may be set a sitemap parameter :
map:transform type=i18n
map:parameter name=locale value=/
/map:transform
In this cas, the actual locale value may be computed in a surrounding
action :
map:act type=proxy
map:generate/
map:transform
à
rejoindre les listes anglophones s'ils n'y sont pas déjà.
Sylvain
--
Cédric Damioli
Solutions GED/CMS Ametys
ANYWARE SERVICES
http://www.anyware-services.com
http://www.ametys.org
-
To unsubscribe, e-mail: users-fr
, ministères, ...).
Dans les prochaines semaines, d'autres outils collaboratifs (calendrier
partagé, porte documents en ligne, ...) basés sur la même architecture
seront disponibles sur ces sites.
N'hésitez donc pas à vous joindre à cette nouvelle aventure !
--
Cédric Damioli
Directeur de
Bertrand Delacretaz a écrit :
On 6/13/07, Cédric Damioli [EMAIL PROTECTED] wrote:
C'est avec grand plaisir que je vous annonce la mise en Open Source du
CMS d'Anyware Technologies, sous le nom Ametys
Bravo, et merci pour l'info!
...Ce CMS est entre autres basé sur Cocoon et JCR
The log-level parameter in the web.xml is only used at servlet init
time, before the WEB-INF/logkit.xconf is actually read.
After that, only values that are configured in the WEB-INF/logkit.xconf
are used.
Best regards,
Cédric
--
Cédric Damioli
ANYWARE TECHNOLOGIES
Tel : +33 (0)5 61 00 52 90
Fax
configuration de Cocoon pour
que ca fonctionne?
Merci.
En général quand ca fait ca, c'est qu'il y a un ClassNotFoundException.
Il faut regarder dans les logs du moteur de servlets.
S'il s'agit d'un nouveau bloc, il doit d'agir du JAR de chaperon ou
alors le bloc cocoon-chaperon
--
Cédric Damioli
Antonio Fiol Bonnín a écrit :
2005/4/21, Cédric Damioli [EMAIL PROTECTED]:
Antonio Fiol Bonnín a écrit :
Hello,
I am trying to use the CVSSource on Cocoon 2.1.5.
What I tried is adding to cocoon.xconf:
(1 line context information)
component-instance
class
a
SourceResolver, which itself try to initialize CVSSourceFactory, which
itself needs InputModule (via VariableResolver), etc etc...
Every time I want to use CVSSource in my project, I clean InputModule
section and all works correctly after that.
Hope that helps,
Cédric
--
Cédric Damioli
IS Project
32 matches
Mail list logo