Page History
...
This release addresses the following security issues discovered in DSpace 3.x and below:
- [HIGH SEVERITY] The XMLUI "themes/" path is vulnerable to a full directory traversal. (DS-3094 - requires a JIRA account to access.) This means that ANY files on your system which are readable to the Tomcat user account may be publicly accessed via your DSpace website.
- Reported by Virginia Tech
Upgrade Instructions
- For upgrade instructions for 3.x to 3.5 please see Upgrading From 3.0 to 3.x.
- If you are upgrading from 1.8.x to 3.5, please see Upgrading From 1.8.x to 3.x
- For general upgrade instructions, please see Upgrading a DSpace Installation
...
Overview
Content Tools