[jboss-cvs] JBossAS SVN: r96693 - projects/docs/enterprise/4.3.7/Release_Notes/en-US.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Sun Nov 22 20:38:00 EST 2009
Author: laubai
Date: 2009-11-22 20:38:00 -0500 (Sun, 22 Nov 2009)
New Revision: 96693
Modified:
projects/docs/enterprise/4.3.7/Release_Notes/en-US/Release_Notes_CP07.xml
Log:
Adding changes for CP2.
Modified: projects/docs/enterprise/4.3.7/Release_Notes/en-US/Release_Notes_CP07.xml
===================================================================
--- projects/docs/enterprise/4.3.7/Release_Notes/en-US/Release_Notes_CP07.xml 2009-11-23 01:36:30 UTC (rev 96692)
+++ projects/docs/enterprise/4.3.7/Release_Notes/en-US/Release_Notes_CP07.xml 2009-11-23 01:38:00 UTC (rev 96693)
@@ -385,7 +385,7 @@
<itemizedlist>
<listitem>
<para>
- <ulink url="https://jira.jboss.org/jira/browse/JBPAPP-2872">JBPAPP-2872</ulink>: Twiddle logged all command line arguments, including the JMX password, to <filename>twiddle.log</filename>, which had public read permissions, and was created in the current working directory. The password is now masked in the log, removing the risk to security.
+ <ulink url="https://jira.jboss.org/jira/browse/JBPAPP-2872">JBPAPP-2872</ulink>: Twiddle logged all command line arguments, including the JMX password, to <filename>twiddle.log</filename>, which has public read permissions, and is created in the current working directory. The password is now masked in the log, removing the risk to security.
</para>
</listitem>
<listitem>
@@ -402,7 +402,7 @@
<itemizedlist>
<listitem>
<para>
- <ulink url="https://jira.jboss.org/jira/browse/JBPAPP-2039">JBPAPP-2039</ulink>: The fix for <ulink url="https://jira.jboss.org/jira/browse/JBPAPP-1992">JBPAPP-1992</ulink> means that Version 1 cookies are used in JBoss Web instead of Version 0. This older version is linked to a security issue. To return to the previous behavior despite this, add a <filename>conf/catalina.properties</filename> file and set the following property in it:
+ <ulink url="https://jira.jboss.org/jira/browse/JBPAPP-2039">JBPAPP-2039</ulink>: The fix for <ulink url="https://jira.jboss.org/jira/browse/JBPAPP-1992">JBPAPP-1992</ulink> means that Version 1 cookies are used in JBoss Web instead of Version 0. This older version is linked to a security issue, described in <ulink url="https://www.redhat.com/security/data/cve/CVE-2007-5333.html">CVE-2007-5333</ulink>. To return to the previous behavior despite this, add a <filename>conf/catalina.properties</filename> file and set the following property in it:
</para>
<programlisting>
org.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false
@@ -829,11 +829,6 @@
<ulink url="http://jira.jboss.com/jira/browse/JBPAPP-1063">JBPAPP-1063</ulink>: Currently MySQL does not support millisecond and microsecond measurements when returning database values such as <literal>TIME</literal> and <literal>TIMESTAMP</literal>.
</para>
</listitem>
- <listitem>
- <para>
- <ulink url="http://jira.jboss.com/jira/browse/JBPAPP-953">JBPAPP-953</ulink>: Hibernate Core and Annotations do not currently support the Hypersonic 1.8.0.8 database. Support for the version 1.8.0.8 of the Hypersonic database is no longer planned for future releases.
- </para>
- </listitem>
<listitem>
<para>
<ulink url="http://jira.jboss.com/jira/browse/JBPAPP-909">JBPAPP-909</ulink>: Within the Hibernate component of the Enterprise Application Platform the HashMap and HashSet iteration order changed from past releases because of support for JDK 1.6. However this has meant that the order of columns in union clauses and union-subclasses has changed, generating a slight impact on the components performance.
More information about the jboss-cvs-commits
mailing list