Page History
Version 4.8
Tip | ||
---|---|---|
| ||
DSpace 4.8 can be downloaded immediately from: More information on the 4.8 release (and the 4.x platform in general) can be found in the 4.x Release Notes. Upgrade instructions can be found at Upgrading DSpace |
Note | ||
---|---|---|
| ||
DSpace 4.8 contains security fixes for both the XMLUI and JSPUI. To ensure your 4.x site is secure, we highly recommend ALL DSpace 4.x users upgrade to DSpace 4.8. DSpace 4.8 upgrade instructions are available at: Upgrading DSpace |
Table of Contents | ||||||
---|---|---|---|---|---|---|
|
...
This release addresses the following security issues discovered in DSpace 4.x and below:
DSpace API security fixes:
- [HIGH SEVERITY] BasicWorkflow system is vulnerable to unauthorized manipulations (DS-3647 - requires a JIRA account to access)
- Reported by Pascal-Nicolas Becker
- [LOW SEVERITY] Apache Commons Collections vulnerability (COLLECTIONS-580) (DS-3520 - requires a JIRA account to access)
- Reported by Alan Orth
In addition, this release fixes a few minor bugs in the 4.x releases. For more information, see the Changes section below.
...
Release Timeline:
- Release Date: TBAJuly 12, 2017