Repository: james-site Updated Branches: refs/heads/asf-site 2e4488235 -> f2ec1fbf7
Add release note for 3.0.1 Project: http://git-wip-us.apache.org/repos/asf/james-site/repo Commit: http://git-wip-us.apache.org/repos/asf/james-site/commit/f2ec1fbf Tree: http://git-wip-us.apache.org/repos/asf/james-site/tree/f2ec1fbf Diff: http://git-wip-us.apache.org/repos/asf/james-site/diff/f2ec1fbf Branch: refs/heads/asf-site Commit: f2ec1fbf789599142d7ae65bcd2dd7b50444eea9 Parents: 2e44882 Author: Antoine Duprat <adup...@linagora.com> Authored: Mon Oct 30 15:11:54 2017 +0100 Committer: Antoine Duprat <adup...@linagora.com> Committed: Mon Oct 30 15:11:54 2017 +0100 ---------------------------------------------------------------------- content/download.html | 6 +++--- content/server/release-notes.html | 26 +++++++++++++++++++++++++- 2 files changed, 28 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/james-site/blob/f2ec1fbf/content/download.html ---------------------------------------------------------------------- diff --git a/content/download.html b/content/download.html index 7d7e539..3d0a328 100644 --- a/content/download.html +++ b/content/download.html @@ -390,7 +390,7 @@ is found <a class="externalLink" href="http://www.apache.org/licenses/exports/";> <div class="section"> -<h3>Apache James 3.0.0 is the stable version<a name="Apache_James_3.0.0_is_the_stable_version"></a></h3> +<h3>Apache James 3.0.1 is the stable version<a name="Apache_James_3.0.1_is_the_stable_version"></a></h3> <div class="ui-widget"> @@ -418,10 +418,10 @@ is found <a class="externalLink" href="http://www.apache.org/licenses/exports/";> <ul> -<li>Source code <a class="externalLink" href="https://github.com/apache/james-project/releases/tag/james-project-3.0.0";>on GitHub</a></li> +<li>Source code <a class="externalLink" href="https://github.com/apache/james-project/releases/tag/james-project-3.0.1";>on GitHub</a></li> -<li>Binary (ZIP Format): <a class="externalLink" href="http://www.apache.org/dist/james/server/3.0.0/james-server-app-3.0.0-app.zip";>apache-james-3.0.0-app.zip</a> [<a class="externalLink" href="http://www.apache.org/dist/james/server/3.0.0/james-server-app-3.0.0-app.zip.md5.sig";>PGP</a>]</li> +<li>Binary (ZIP Format): <a class="externalLink" href="http://www.apache.org/dist/james/server/james-server-app-3.0.1-app.zip";>apache-james-3.0.1-app.zip</a> [<a class="externalLink" href="http://www.apache.org/dist/james/server/james-server-app-3.0.1-app.zip.md5.sig";>PGP</a>]</li> </ul> http://git-wip-us.apache.org/repos/asf/james-site/blob/f2ec1fbf/content/server/release-notes.html ---------------------------------------------------------------------- diff --git a/content/server/release-notes.html b/content/server/release-notes.html index 12edaa9..cd888cc 100644 --- a/content/server/release-notes.html +++ b/content/server/release-notes.html @@ -227,7 +227,31 @@ <div class="section"> -<h2>Version 3.0.0<a name="Version_3.0.0"></a></h2> +<h2><a name="Version_3.0.1"></a>Version 3.0.1</h2> + + +<p>Released October 2017</p> + + +<p>The Apache James PMCs are glad to announce you the release + version 3.0.1 of Apache James server.</p> + + +<p>It fixes vulnerability described in CVE-2017-12628. The JMX server, also + used by the command line client is exposed to a java de-serialization + issue, and thus can be used to execute arbitrary commands. As James + exposes JMX socket by default only on local-host, this vulnerability can + only be used for privilege escalation.</p> + + +<p>If you're interested in contributing to the James project, please subscribe to the James + <a class="externalLink" href="http://james.apache.org/mail.html";>mailing lists</a>.</p> + + </div> + + +<div class="section"> +<h2><a name="Version_3.0.0"></a>Version 3.0.0</h2> <p>Released July 2017</p> --------------------------------------------------------------------- To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org For additional commands, e-mail: server-dev-h...@james.apache.org
