[gatein-commits] gatein SVN: r7397 - in epp/docs/tags/EPP_5_1_1_GA: Site_Publisher/Release_Notes/en-US and 1 other directory.

Author: smumford Date: 2011-09-13 23:03:32 -0400 (Tue, 13 Sep 2011) New Revision: 7397 Modified: epp/docs/tags/EPP_5_1_1_GA/Release_Notes/en-US/5.1.1_Release_Notes.xml epp/docs/tags/EPP_5_1_1_GA/Release_Notes/en-US/Book_Info.xml epp/docs/tags/EPP_5_1_1_GA/Release_Notes/en-US/Revision_History.xml epp/docs/tags/EPP_5_1_1_GA/Release_Notes/en-US/resolved_issues.xml epp/docs/tags/EPP_5_1_1_GA/Site_Publisher/Release_Notes/en-US/Article_Info.xml epp/docs/tags/EPP_5_1_1_GA/Site_Publisher/Release_Notes/en-US/Revision_History.xml Log: Committing final changes for tagging Modified: epp/docs/tags/EPP_5_1_1_GA/Release_Notes/en-US/5.1.1_Release_Notes.xml =================================================================== --- epp/docs/tags/EPP_5_1_1_GA/Release_Notes/en-US/5.1.1_Release_Notes.xml 2011-09-14 02:50:24 UTC (rev 7396) +++ epp/docs/tags/EPP_5_1_1_GA/Release_Notes/en-US/5.1.1_Release_Notes.xml 2011-09-14 03:03:32 UTC (rev 7397) @@ -418,11 +418,10 @@ </listitem> </varlistentry> - <varlistentry> + <!--<varlistentry> <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-1484" /></term> <listitem> - <!-- Added on advice from Dave Jorm in the security team --> - + <para> It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions (DTD). A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable. (CVE-2011-1483) </para> @@ -431,7 +430,7 @@ </para> </listitem> - </varlistentry> + </varlistentry> DOCS NOTE: This item has been removed from the Release Notes as a performance issue associated with the fix resulted in the patch being removed from the 5.1.1 release. The patch will most likely be pushed asynchronously after the release. --> </variablelist> </section> <section> Modified: epp/docs/tags/EPP_5_1_1_GA/Release_Notes/en-US/Book_Info.xml =================================================================== --- epp/docs/tags/EPP_5_1_1_GA/Release_Notes/en-US/Book_Info.xml 2011-09-14 02:50:24 UTC (rev 7396) +++ epp/docs/tags/EPP_5_1_1_GA/Release_Notes/en-US/Book_Info.xml 2011-09-14 03:03:32 UTC (rev 7397) @@ -9,7 +9,7 @@ <productname>JBoss Enterprise Portal Platform</productname> <productnumber>5.1</productnumber> <edition>2.1</edition> - <pubsnumber>5.1.8</pubsnumber> + <pubsnumber>5.1.12</pubsnumber> <abstract> <para> These release notes contain important information related to JBoss Enterprise Portal Platform &VX; that may not be currently available in the Product Manuals. You should read these Release Notes in their entirety before installing the product. Modified: epp/docs/tags/EPP_5_1_1_GA/Release_Notes/en-US/Revision_History.xml =================================================================== --- epp/docs/tags/EPP_5_1_1_GA/Release_Notes/en-US/Revision_History.xml 2011-09-14 02:50:24 UTC (rev 7396) +++ epp/docs/tags/EPP_5_1_1_GA/Release_Notes/en-US/Revision_History.xml 2011-09-14 03:03:32 UTC (rev 7397) @@ -8,8 +8,8 @@ <simpara> <revhistory> <revision> - <revnumber>2.1-5.1.8</revnumber> - <date>Fri Aug 12 2011</date> + <revnumber>2.1-5.1.12</revnumber> + <date>Fri Sep 2 2011</date> <author> <firstname>Scott</firstname> <surname>Mumford</surname> Modified: epp/docs/tags/EPP_5_1_1_GA/Release_Notes/en-US/resolved_issues.xml =================================================================== --- epp/docs/tags/EPP_5_1_1_GA/Release_Notes/en-US/resolved_issues.xml 2011-09-14 02:50:24 UTC (rev 7396) +++ epp/docs/tags/EPP_5_1_1_GA/Release_Notes/en-US/resolved_issues.xml 2011-09-14 03:03:32 UTC (rev 7397) @@ -62,13 +62,9 @@ <term><ulink url="https://issues.jboss.org/browse/JBEPP-597" /></term> <listitem> - - <warning> - <title>Not Public Yet - RHT+eXo</title> <para> The name of a dashboard page entered by user was not properly encoded before being returned on the web browser. This allowed javascript snippets to be executed when creating a new page through the Portal Dashboard. The name of the page is now properly HTML encoded before being returned and javascript is no longer invoked when entered into page fields. </para> - </warning> </listitem> </varlistentry> @@ -295,13 +291,10 @@ <term><ulink url="https://issues.jboss.org/browse/JBEPP-854" /></term> <listitem> - - <warning> - <title>Not Public Yet - RHT+eXo</title> + <para> In previous versions of JBoss Enterprise Portal Platform, an error would be encountered when slashes were used in the context path of a portlet. This issue has been corrected in this release. </para> - </warning> </listitem> </varlistentry> @@ -638,22 +631,6 @@ </listitem> </varlistentry> - <!-- https://issues.jboss.org/browse/JBEPP-1023 --> - <varlistentry> - <term><ulink url="https://issues.jboss.org/browse/JBEPP-1023" /></term> - <listitem> - - - <para> - A fix that was implemented to resolve an XSS vulnerabily, affected all textarea inputs and caused any gadget source code entered into the <systemitem>App Registry</systemitem> to be escaped with &lt;&gt; characters and rendered invalid to the portal. This prevented new gadgets being added to the portal as well as preventing any changes being made to existing gadgets. - </para> - <para> - The underlying issue was resolved in a fix for another bug and as a result this issue no longer presents. - </para> - - </listitem> - </varlistentry> - <!-- https://issues.jboss.org/browse/JBEPP-1036 --> <varlistentry> <term><ulink url="https://issues.jboss.org/browse/JBEPP-1036" /></term> Modified: epp/docs/tags/EPP_5_1_1_GA/Site_Publisher/Release_Notes/en-US/Article_Info.xml =================================================================== --- epp/docs/tags/EPP_5_1_1_GA/Site_Publisher/Release_Notes/en-US/Article_Info.xml 2011-09-14 02:50:24 UTC (rev 7396) +++ epp/docs/tags/EPP_5_1_1_GA/Site_Publisher/Release_Notes/en-US/Article_Info.xml 2011-09-14 03:03:32 UTC (rev 7397) @@ -9,7 +9,7 @@ <productname>JBoss Enterprise Portal Platform</productname> <productnumber>5.1</productnumber> <edition>2</edition> - <pubsnumber>5.1.5</pubsnumber> + <pubsnumber>5.1.7</pubsnumber> <abstract> <para> These release notes contain important information related to JBoss Site Publisher &VZ; that may not be currently available in the Product Manuals. You should read these Release Notes in their entirety before installing the product. Modified: epp/docs/tags/EPP_5_1_1_GA/Site_Publisher/Release_Notes/en-US/Revision_History.xml =================================================================== --- epp/docs/tags/EPP_5_1_1_GA/Site_Publisher/Release_Notes/en-US/Revision_History.xml 2011-09-14 02:50:24 UTC (rev 7396) +++ epp/docs/tags/EPP_5_1_1_GA/Site_Publisher/Release_Notes/en-US/Revision_History.xml 2011-09-14 03:03:32 UTC (rev 7397) @@ -8,7 +8,7 @@ <simpara> <revhistory> <revision> - <revnumber>2-5.1.5</revnumber> + <revnumber>2-5.1.7</revnumber> <date>Thu Aug 11 2011</date> <author> <firstname>Scott</firstname>