[seam-dev] Seam 2.2.1.CR2 is out
Marek Novotny
mnovotny at redhat.com
Mon Aug 9 14:32:25 EDT 2010
Seam 2.2.1.CR2 is available for public.
This second candidate release of version 2.2.1 was aimed to bring
security fixes and also bug fixes found in previous CR1. This release is
important, because it fixes a security issue in parametrized JBoss
Expression Language (EL) expressions - CVE-2010-1871 and Seam team
thanks Meder Kydyraliev of the Google Security Team for responsibly
reporting this issue to JBoss.
Next security fix is in upgrade of Spring dependency from 2.5.6.SEC01 to
2.5.6.SEC02.
Instead of these security issue, we fixed 39 issues including some
performance ones and also bugs with JBoss AS 6 M3/4 or documentation
fixes. More in Release notes are at
https://jira.jboss.org/jira/secure/ReleaseNote.jspa?version=12314471&styleName=Text&projectId=10071
Distribution downloads are available at
https://sourceforge.net/projects/jboss/files/JBoss%20Seam/2.2.1.CR2
Documentation for 2.2.1.CR2 is available at
http://www.seamframework.org/Seam2/Documentation (e.g
http://docs.jboss.org/seam/2.2.1.CR2/reference/en-US/html/).
What is missing? Uploading Seam maven artifacts, which is now stucked on
some infrastracture permision issues. I will inform about the
availability of them ASAP. And blogging about the release - I will wait
till maven repository contains seam 2.2.1.CR2 artifacts.
--
Marek Novotny
--
JBoss Seam Product Lead
Red Hat Czech s.r.o.
Purkynova 99
612 45 Brno
Email: mnovotny at redhat.com
Office phone: +420 532 294 287, ext. 82-62 087
mobile: +420 608 509 230
More information about the seam-dev
mailing list