Versions Compared

Old Version 1

changes.mady.by.user Tim Donohue

Saved on

compared with

New Version 2

changes.mady.by.user Tim Donohue

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This release addresses the following security issues discovered in DSpace 4.x and below:

DSpace API security fixes:

  • [HIGH SEVERITY]  BasicWorkflow system is vulnerable to unauthorized manipulations (DS-3647 - requires a JIRA account to access)
    • Reported by Pascal-Nicolas Becker
  • [LOW SEVERITY]  Apache Commons Collections vulnerability (COLLECTIONS-580) (DS-3520 - requires a JIRA account to access)
    • Reported by Alan Orth

In addition, this release fixes a few minor bugs in the 4.x releases. For more information, see the Changes section below.

...

Release Timeline:

  • Release Date: TBAJuly 12, 2017