Page History
...
Note | ||
---|---|---|
| ||
DSpace 4.8 contain security fixes for both the XMLUI and JSPUI. To ensure your 4.x site is secure, we highly recommend ALL DSpace 4.x users upgrade to DSpace 4.8. DSpace 4.8 upgrade instructions are available at: Upgrading DSpace |
...
- DSpace API security fixes:
- [LOW HIGH SEVERITY] Apache Commons Collections vulnerability (COLLECTIONS-580) (DS-3520 BasicWorkflow system is vulnerable to unauthorized manipulations (DS-3647 - requires a JIRA account to access)
- Reported by Alan Orthby Pascal-Nicolas Becker
- [HIGH LOW SEVERITY] BasicWorkflow system is vulnerable to unauthorized manipulations (was: DS-3431 Apache Commons Collections vulnerability (COLLECTIONS-580) (DS-36473520 - requires a JIRA account to access)
- Reported by Pascal-Nicolas BeckerAlan Orth
- [LOW HIGH SEVERITY] Apache Commons Collections vulnerability (COLLECTIONS-580) (DS-3520 BasicWorkflow system is vulnerable to unauthorized manipulations (DS-3647 - requires a JIRA account to access)
In addition, this release fixes minor bugs in the 4.x releases. For more information, see the Changes in 4.x page.
...
The following individuals provided code or bug fixes to the 4.8 release: Pascal-Nicolas Becker (pnbecker), Tim Donohue (tdonohue), Samuel Cambien (samuelcambien), Jonas Van Goolen (Jonas VG (atmire)), Mark Wood (mwood).
4.7 Release Notes
Note | ||
---|---|---|
| ||
DSpace 4.7 contain security fix for both the XMLUI and JSPUI. To ensure your 4.x site is secure, we highly recommend ALL DSpace 4.x users upgrade to DSpace 4.7. DSpace 4.7 upgrade instructions are available at: Upgrading DSpace |
...