This is an automated email from the ASF dual-hosted git repository. jacopoc pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ofbiz-site.git
The following commit(s) were added to refs/heads/master by this push: new c29d67b Add new release information for Apache OFBiz 18.12.08 c29d67b is described below commit c29d67b819f266242a753049f49d1af378f3ba39 Author: Jacopo Cappellato <jacopo.cappell...@gmail.com> AuthorDate: Thu Jun 1 10:24:46 2023 +0200 Add new release information for Apache OFBiz 18.12.08 --- download.html | 20 ++- download.html => release-notes-18.12.08.html | 209 +++------------------------ template/page/download.tpl.php | 20 ++- template/page/release-notes-18.12.08.tpl.php | 38 +++++ 4 files changed, 86 insertions(+), 201 deletions(-) diff --git a/download.html b/download.html index 6f555e4..2a56ae0 100644 --- a/download.html +++ b/download.html @@ -141,13 +141,17 @@ <div class="tab-pane active" id="tabs-1"> <ul> <li> - <h2>OFBiz 18.12.07</h2> - <a href="https://www.apache.org/dyn/closer.lua/ofbiz/apache-ofbiz-18.12.07.zip" target="external" class="moreLink">→ Download</a> + <h2>OFBiz 18.12.08</h2> + <a href="https://www.apache.org/dyn/closer.lua/ofbiz/apache-ofbiz-18.12.08.zip" target="external" class="moreLink">→ Download</a> </li> </ul> </div> <div class="tab-pane" id="tabs-2"> <ul> + <li> + <h2>OFBiz 18.12.08</h2> + <a href="release-notes-18.12.08.html" class="moreLink">→ View</a> + </li> <li> <h2>OFBiz 18.12.07</h2> <a href="release-notes-18.12.07.html" class="moreLink">→ View</a> @@ -272,14 +276,14 @@ <p>The history of security related fixes included in each release is available <a href="security.html">here</a></p> - <h2>Apache OFBiz 18.12.07</h2> + <h2>Apache OFBiz 18.12.08</h2> <div class="divider"><span></span></div> - <p> Released on April 2023, this is the seventh and final release of the 18.12 series, that has been stabilized since December 2018.</p> - <a href="https://www.apache.org/dyn/closer.lua/ofbiz/apache-ofbiz-18.12.07.zip" target="external" >Download OFBiz 18.12.07</a> - <a href="https://downloads.apache.org/ofbiz/apache-ofbiz-18.12.07.zip.asc" target="external">[PGP]</a> - <a href="https://downloads.apache.org/ofbiz/apache-ofbiz-18.12.07.zip.sha512" target="external">[SHA512]</a> + <p> Released on June 2023, this is the eighth and final release of the 18.12 series, that has been stabilized since December 2018.</p> + <a href="https://www.apache.org/dyn/closer.lua/ofbiz/apache-ofbiz-18.12.08.zip" target="external" >Download OFBiz 18.12.08</a> + <a href="https://downloads.apache.org/ofbiz/apache-ofbiz-18.12.08.zip.asc" target="external">[PGP]</a> + <a href="https://downloads.apache.org/ofbiz/apache-ofbiz-18.12.08.zip.sha512" target="external">[SHA512]</a> <a href="https://downloads.apache.org/ofbiz/KEYS" target="external">[KEYS]</a> - <a href="release-notes-18.12.07.html">[Release Notes]</a> + <a href="release-notes-18.12.08.html">[Release Notes]</a> <p><strong>We strongly encourage OfBiz users to report security problems affecting OFBiz to the private security mailing lists (either secur...@ofbiz.apache.org or secur...@apache.org), before disclosing them in a public forum. Please don't pack several vulnerabilities in the same report, send them one by one, thanks in advance.</strong></p> diff --git a/download.html b/release-notes-18.12.08.html similarity index 56% copy from download.html copy to release-notes-18.12.08.html index 6f555e4..2f50f7c 100644 --- a/download.html +++ b/release-notes-18.12.08.html @@ -6,7 +6,7 @@ <!--[if (gte IE 9)|!(IE)]><!--> <head> <meta charset="utf-8"> -<title>The Apache OFBiz® Project - Downloads</title> +<title>The Apache OFBiz® Project - Release Notes 18.12.04</title> <meta name="Description" content="OFBiz is an open source enterprise automation software project licensed under the Apache License. It means you are not alone and can work with many others." /> <meta name="Robots" content="index,follow" /> <!-- Mobile Specific Metas @@ -112,202 +112,41 @@ <!-- header --> <!-- globalWrapper --> <div id="globalWrapper"> - -<!-- content --> - <!-- page content --> - <section id="content" class="sidebar"> + <!-- page content --> + <section id="content" class="fullWidth"> <header class="headerPage"> <div class="container clearfix"> <div class="row"> - <h1 class="span8">Downloads</h1> - <div class="span4" id="navTrail"> <a href="index.html" class="homeLink">home</a><span>/</span><a href="#">Community</a><span>/</span> <span class="current">Downloads</span> </div> + <h1 class="span8">Release Notes 18.12.08</h1> + <div class="span4" id="navTrail"> <a href="index.html" class="homeLink">home</a><span>/</span><a href="download.html">Download</a><span>/</span><span class="current">Release Notes 18.12.08</span> </div> </div> </div> </header> - <div class="slice clearfix"> + <section id="content" class="features" > + <div class="slice clearfix"> <div class="container"> - <div class="row"> - <!-- sidebar --> - <aside class="span4" id="sidebar"> +<div class="row"> + <div> + <p>Apache OFBiz® 18.12.08, released on June 2023, is the eighth and final release of the 18.12 series, that has been stabilized since December 2018.</p> - <section class="widget blogUpdates"> - <h2>Releases for Download</h2> - <div class="divider"><span></span></div> - <ul class="nav nav-tabs " id="myTab"> - <li class="active"><a href="#tabs-1" data-toggle="tab">Downloads</a></li> - <li><a href="#tabs-2" data-toggle="tab">Release Notes</a></li> - </ul> - <div class="tab-content"> - <div class="tab-pane active" id="tabs-1"> - <ul> - <li> - <h2>OFBiz 18.12.07</h2> - <a href="https://www.apache.org/dyn/closer.lua/ofbiz/apache-ofbiz-18.12.07.zip" target="external" class="moreLink">→ Download</a> - </li> - </ul> - </div> - <div class="tab-pane" id="tabs-2"> - <ul> - <li> - <h2>OFBiz 18.12.07</h2> - <a href="release-notes-18.12.07.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 18.12.06</h2> - <a href="release-notes-18.12.06.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 18.12.05</h2> - <a href="release-notes-18.12.05.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 18.12.04</h2> - <a href="release-notes-18.12.04.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 18.12.03</h2> - <a href="release-notes-18.12.03.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 18.12.02</h2> - <a href="release-notes-18.12.02.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 18.12.01</h2> - <a href="release-notes-18.12.01.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 17.12.09</h2> - <a href="release-notes-17.12.09.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 17.12.08</h2> - <a href="release-notes-17.12.08.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 17.12.07</h2> - <a href="release-notes-17.12.07.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 17.12.06</h2> - <a href="release-notes-17.12.06.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 17.12.05</h2> - <a href="release-notes-17.12.05.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 17.12.04</h2> - <a href="release-notes-17.12.04.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 17.12.03</h2> - <a href="release-notes-17.12.03.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 17.12.02</h2> - <a href="release-notes-17.12.02.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 17.12.01</h2> - <a href="release-notes-17.12.01.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 16.11.07</h2> - <a href="release-notes-16.11.07.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 16.11.06</h2> - <a href="release-notes-16.11.06.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 16.11.05</h2> - <a href="release-notes-16.11.05.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 16.11.04</h2> - <a href="release-notes-16.11.04.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 16.11.03</h2> - <a href="release-notes-16.11.03.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 16.11.01</h2> - <a href="release-notes-16.11.01.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 13.07.03</h2> - <a href="release-notes-13.07.03.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 13.07.02</h2> - <a href="release-notes-13.07.02.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 13.07.01</h2> - <a href="release-notes-13.07.01.html" class="moreLink">→ View</a> - </li> - <li> - <h2>OFBiz 12.04.06</h2> - <a href="release-notes-12.04.06.html" class="moreLink">→ View</a> - </li> - </ul> - </div> - </div> - </section> - </aside> - <!-- sidebar --> - <div class="span8"> - <h2>Download Apache OFBiz</h2> - <div class="divider"><span></span></div> - <div class="imgWrapper"> <img src="images/Download.jpg" alt="image fullwidth"> </div> - <p> <strong> Use the links below to download Apache OFBiz releases from the "Apache Download Mirrors" page. The download page also includes instructions on how to verify the integrity of the release file using the signature and hash (PGP, SHA512) available for each release. If you need more information about why and how to verify the integrity of the release file <a href="http://www.apache.org/info/verification.html" class="moreLink">this → page is what you look for</a>< [...] - - <p> <strong> Then, to install OFBiz, follow the explanations in the "INSTALL" file found in the just downloaded/extracted OFBiz main directory.</strong> </p> - - <p> <strong>PLEASE NOTE:</strong> Despite our best efforts to maintain up to three active release branches, support for older branches can decrease because our project volunteers may be focused on other issues. We recommend using releases from the most recent branch wherever possible. </p> - - <p><strong>NOTE: To minimize the risk of security vulnerabilities the Apache OFBiz community highly recommends that all users upgrade to the latest stable release.</strong></p> - <p>The history of security related fixes included in each release is -available <a href="security.html">here</a></p> - - <h2>Apache OFBiz 18.12.07</h2> - <div class="divider"><span></span></div> - <p> Released on April 2023, this is the seventh and final release of the 18.12 series, that has been stabilized since December 2018.</p> - <a href="https://www.apache.org/dyn/closer.lua/ofbiz/apache-ofbiz-18.12.07.zip" target="external" >Download OFBiz 18.12.07</a> - <a href="https://downloads.apache.org/ofbiz/apache-ofbiz-18.12.07.zip.asc" target="external">[PGP]</a> - <a href="https://downloads.apache.org/ofbiz/apache-ofbiz-18.12.07.zip.sha512" target="external">[SHA512]</a> - <a href="https://downloads.apache.org/ofbiz/KEYS" target="external">[KEYS]</a> - <a href="release-notes-18.12.07.html">[Release Notes]</a> - - <p><strong>We strongly encourage OfBiz users to report security problems affecting OFBiz to the private security mailing lists (either secur...@ofbiz.apache.org or secur...@apache.org), - before disclosing them in a public forum. Please don't pack several vulnerabilities in the same report, send them one by one, thanks in advance.</strong></p> - <p>Note that we no longer create CVEs for post-auth attacks done using demo credentials, notably using the admin user. - <strong> <a href="https://s.apache.org/dsj2p"> Rather create bugs reports in our issue tracker (Jira) for that.</a><span style="color:red"> Please don't create Jira issues for unauth (aka pre-auth) reports, thanks in advance.</span></strong></p> + Release Notes - OFBiz - Version 18.12.08 + +<h2> Sub-task +</h2> +<ul> +<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-12824'>OFBIZ-12824</a>] - Disable the Birt component in all branches (including trunk) because of CVE-2022-25371 +</li> +</ul> - <p>One of the reason we no longer create CVEs for post-auth attacks done using demo credentials is because - <a href="https://nightlies.apache.org/ofbiz/trunk/readme/html5/#security" target="external"> we highly suggest to OFBiz users to not use credentials demo in production</a> - and we expect OFBiz users to do so. - <a href="https://cwiki.apache.org/confluence/display/OFBIZ/Keeping+OFBiz+secure" target="external"> We also warn our users on the "Keeping OFBiz secure wiki page".</a> - And finally, mostly we reject post-auth vulnerabilities because we have a solid CSRF defense.</p> - - - <h2>Earlier Releases</h2> - <div class="divider"><span></span></div> - <p>Older superseded releases of Apache OFBiz can be found in the <a href="//archive.apache.org/dist/ofbiz/" target="external">Apache OFBiz archive</a></p> - <p>A description of each release in the history of OFBiz can be <a href="//downloads.apache.org/ofbiz/" target="external">found here</a></p> - </div> - </div> - </div> - </div> - </section> - -<!-- content --> -<!-- footer --> + </div> +</div> +</div> +</div> +</section> +</section><!-- footer --> <footer class="footer1"> <div class="container" id="footer"> <div class="row"> diff --git a/template/page/download.tpl.php b/template/page/download.tpl.php index 6757bbf..e22aa24 100644 --- a/template/page/download.tpl.php +++ b/template/page/download.tpl.php @@ -30,13 +30,17 @@ <div class="tab-pane active" id="tabs-1"> <ul> <li> - <h2>OFBiz 18.12.07</h2> - <a href="https://www.apache.org/dyn/closer.lua/ofbiz/apache-ofbiz-18.12.07.zip" target="external" class="moreLink">→ Download</a> + <h2>OFBiz 18.12.08</h2> + <a href="https://www.apache.org/dyn/closer.lua/ofbiz/apache-ofbiz-18.12.08.zip" target="external" class="moreLink">→ Download</a> </li> </ul> </div> <div class="tab-pane" id="tabs-2"> <ul> + <li> + <h2>OFBiz 18.12.08</h2> + <a href="release-notes-18.12.08.html" class="moreLink">→ View</a> + </li> <li> <h2>OFBiz 18.12.07</h2> <a href="release-notes-18.12.07.html" class="moreLink">→ View</a> @@ -161,14 +165,14 @@ <p>The history of security related fixes included in each release is available <a href="security.html">here</a></p> - <h2>Apache OFBiz 18.12.07</h2> + <h2>Apache OFBiz 18.12.08</h2> <div class="divider"><span></span></div> - <p> Released on April 2023, this is the seventh and final release of the 18.12 series, that has been stabilized since December 2018.</p> - <a href="https://www.apache.org/dyn/closer.lua/ofbiz/apache-ofbiz-18.12.07.zip" target="external" >Download OFBiz 18.12.07</a> - <a href="https://downloads.apache.org/ofbiz/apache-ofbiz-18.12.07.zip.asc" target="external">[PGP]</a> - <a href="https://downloads.apache.org/ofbiz/apache-ofbiz-18.12.07.zip.sha512" target="external">[SHA512]</a> + <p> Released on June 2023, this is the eighth and final release of the 18.12 series, that has been stabilized since December 2018.</p> + <a href="https://www.apache.org/dyn/closer.lua/ofbiz/apache-ofbiz-18.12.08.zip" target="external" >Download OFBiz 18.12.08</a> + <a href="https://downloads.apache.org/ofbiz/apache-ofbiz-18.12.08.zip.asc" target="external">[PGP]</a> + <a href="https://downloads.apache.org/ofbiz/apache-ofbiz-18.12.08.zip.sha512" target="external">[SHA512]</a> <a href="https://downloads.apache.org/ofbiz/KEYS" target="external">[KEYS]</a> - <a href="release-notes-18.12.07.html">[Release Notes]</a> + <a href="release-notes-18.12.08.html">[Release Notes]</a> <p><strong>We strongly encourage OfBiz users to report security problems affecting OFBiz to the private security mailing lists (either secur...@ofbiz.apache.org or secur...@apache.org), before disclosing them in a public forum. Please don't pack several vulnerabilities in the same report, send them one by one, thanks in advance.</strong></p> diff --git a/template/page/release-notes-18.12.08.tpl.php b/template/page/release-notes-18.12.08.tpl.php new file mode 100644 index 0000000..e1c61d0 --- /dev/null +++ b/template/page/release-notes-18.12.08.tpl.php @@ -0,0 +1,38 @@ +<?php //Variable declarations for region templates + $head_title = '<title>The Apache OFBiz® Project - Release Notes 18.12.04</title>'; +?> + <!-- page content --> + <section id="content" class="fullWidth"> + <header class="headerPage"> + <div class="container clearfix"> + <div class="row"> + <h1 class="span8">Release Notes 18.12.08</h1> + <div class="span4" id="navTrail"> <a href="index.html" class="homeLink">home</a><span>/</span><a href="download.html">Download</a><span>/</span><span class="current">Release Notes 18.12.08</span> </div> + </div> + </div> + </header> + <section id="content" class="features" > + <div class="slice clearfix"> + <div class="container"> +<div class="row"> + <div> + <p>Apache OFBiz® 18.12.08, released on June 2023, is the eighth and final release of the 18.12 series, that has been stabilized since December 2018.</p> + + + + + Release Notes - OFBiz - Version 18.12.08 + +<h2> Sub-task +</h2> +<ul> +<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-12824'>OFBIZ-12824</a>] - Disable the Birt component in all branches (including trunk) because of CVE-2022-25371 +</li> +</ul> + + </div> +</div> +</div> +</div> +</section> +</section> \ No newline at end of file