Repository: qpid-site Updated Branches: refs/heads/asf-site 2069e43da -> fa6be03d2
Update release notes for Qpid Java 6.0.3 Project: http://git-wip-us.apache.org/repos/asf/qpid-site/repo Commit: http://git-wip-us.apache.org/repos/asf/qpid-site/commit/fa6be03d Tree: http://git-wip-us.apache.org/repos/asf/qpid-site/tree/fa6be03d Diff: http://git-wip-us.apache.org/repos/asf/qpid-site/diff/fa6be03d Branch: refs/heads/asf-site Commit: fa6be03d2f1786818c94b7e390f7ac279eddd4ff Parents: 2069e43 Author: Alex Rudyy <[email protected]> Authored: Fri May 27 16:42:10 2016 +0100 Committer: Alex Rudyy <[email protected]> Committed: Fri May 27 16:42:10 2016 +0100 ---------------------------------------------------------------------- content/releases/qpid-java-6.0.3/release-notes.html | 6 ++++-- input/releases/qpid-java-6.0.3/release-notes.md | 8 +++++--- 2 files changed, 9 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/qpid-site/blob/fa6be03d/content/releases/qpid-java-6.0.3/release-notes.html ---------------------------------------------------------------------- diff --git a/content/releases/qpid-java-6.0.3/release-notes.html b/content/releases/qpid-java-6.0.3/release-notes.html index f772cc3..83dda93 100644 --- a/content/releases/qpid-java-6.0.3/release-notes.html +++ b/content/releases/qpid-java-6.0.3/release-notes.html @@ -120,6 +120,8 @@ https://github.com/apache/qpid-proton/blob/go1{/dir}/{file}#L{line}"/> broker written in Java that stores, routes, and forwards messages using AMQP.</p> +<p><strong>Note</strong>: This release addresses security vulnerabilities CVE-2016-3094 and CVE-2016-4432.</p> + <p>For more information about this release, including download links and documentation, see the <a href="index.html">release overview</a>.</p> @@ -131,7 +133,6 @@ documentation, see the <a href="index.html">release overview</a>.</p> <li><a href="https://issues.apache.org/jira/browse/QPID-7211";>QPID-7211</a> - [Java Broker, WMC] Do not transfer inherited context variables</li> <li><a href="https://issues.apache.org/jira/browse/QPID-7216";>QPID-7216</a> - [Java Broker, WMC] add new ManagedOperation to retrieve Connections less verbose</li> <li><a href="https://issues.apache.org/jira/browse/QPID-7255";>QPID-7255</a> - Support delivery delay</li> -<li><a href="https://issues.apache.org/jira/browse/QPID-7271";>QPID-7271</a> - Improve exception handling for PlainSaslServer</li> </ul> <h2 id="bugs-fixed">Bugs fixed</h2> @@ -142,11 +143,12 @@ documentation, see the <a href="index.html">release overview</a>.</p> <li><a href="https://issues.apache.org/jira/browse/QPID-7231";>QPID-7231</a> - Example of REST call to invoke the Queue clear queue operation is incorrect</li> <li><a href="https://issues.apache.org/jira/browse/QPID-7237";>QPID-7237</a> - Excessive threads creation when suspending/resuming flow</li> <li><a href="https://issues.apache.org/jira/browse/QPID-7253";>QPID-7253</a> - [Java Client 0-10] Application allowed to create new JMS session whilst failover is in progress</li> -<li><a href="https://issues.apache.org/jira/browse/QPID-7257";>QPID-7257</a> - [Java Broker] Correct connection state logging</li> +<li><a href="https://issues.apache.org/jira/browse/QPID-7257";>QPID-7257</a> - [CVE-2016-4432] [Java Broker] Prevent possibility of by-passed authentication in AMQP 0-8..0-10 protocol implementations</li> <li><a href="https://issues.apache.org/jira/browse/QPID-7260";>QPID-7260</a> - apache-release profile fails under JDK 1.8 due to javadoc errors</li> <li><a href="https://issues.apache.org/jira/browse/QPID-7267";>QPID-7267</a> - [Java Broker] Content-Length header is set incorrectly when using compression</li> <li><a href="https://issues.apache.org/jira/browse/QPID-7268";>QPID-7268</a> - message sent over 0-10 can't be received over 1.0</li> <li><a href="https://issues.apache.org/jira/browse/QPID-7269";>QPID-7269</a> - broker issues disposition for delivery that is already settled</li> +<li><a href="https://issues.apache.org/jira/browse/QPID-7271";>QPID-7271</a> - [CVE-2016-3094] Prevent DoS from PlainSaslServer</li> </ul> <h2 id="tasks">Tasks</h2> http://git-wip-us.apache.org/repos/asf/qpid-site/blob/fa6be03d/input/releases/qpid-java-6.0.3/release-notes.md ---------------------------------------------------------------------- diff --git a/input/releases/qpid-java-6.0.3/release-notes.md b/input/releases/qpid-java-6.0.3/release-notes.md index 8f68fee..8e7c396 100644 --- a/input/releases/qpid-java-6.0.3/release-notes.md +++ b/input/releases/qpid-java-6.0.3/release-notes.md @@ -23,6 +23,8 @@ Qpid Java offers an AMQP-fluent implementation of JMS and a message broker written in Java that stores, routes, and forwards messages using AMQP. +**Note**: This release addresses security vulnerabilities CVE-2016-3094 and CVE-2016-4432. + For more information about this release, including download links and documentation, see the [release overview](index.html). @@ -34,7 +36,6 @@ documentation, see the [release overview](index.html). - [QPID-7211](https://issues.apache.org/jira/browse/QPID-7211) - [Java Broker, WMC] Do not transfer inherited context variables - [QPID-7216](https://issues.apache.org/jira/browse/QPID-7216) - [Java Broker, WMC] add new ManagedOperation to retrieve Connections less verbose - [QPID-7255](https://issues.apache.org/jira/browse/QPID-7255) - Support delivery delay - - [QPID-7271](https://issues.apache.org/jira/browse/QPID-7271) - Improve exception handling for PlainSaslServer ## Bugs fixed @@ -43,13 +44,14 @@ documentation, see the [release overview](index.html). - [QPID-7231](https://issues.apache.org/jira/browse/QPID-7231) - Example of REST call to invoke the Queue clear queue operation is incorrect - [QPID-7237](https://issues.apache.org/jira/browse/QPID-7237) - Excessive threads creation when suspending/resuming flow - [QPID-7253](https://issues.apache.org/jira/browse/QPID-7253) - [Java Client 0-10] Application allowed to create new JMS session whilst failover is in progress - - [QPID-7257](https://issues.apache.org/jira/browse/QPID-7257) - [Java Broker] Correct connection state logging + - [QPID-7257](https://issues.apache.org/jira/browse/QPID-7257) - [CVE-2016-4432] [Java Broker] Prevent possibility of by-passed authentication in AMQP 0-8..0-10 protocol implementations - [QPID-7260](https://issues.apache.org/jira/browse/QPID-7260) - apache-release profile fails under JDK 1.8 due to javadoc errors - [QPID-7267](https://issues.apache.org/jira/browse/QPID-7267) - [Java Broker] Content-Length header is set incorrectly when using compression - [QPID-7268](https://issues.apache.org/jira/browse/QPID-7268) - message sent over 0-10 can't be received over 1.0 - [QPID-7269](https://issues.apache.org/jira/browse/QPID-7269) - broker issues disposition for delivery that is already settled + - [QPID-7271](https://issues.apache.org/jira/browse/QPID-7271) - [CVE-2016-3094] Prevent DoS from PlainSaslServer ## Tasks - [QPID-7265](https://issues.apache.org/jira/browse/QPID-7265) - migrate the AMQP 0-10 JMS client docs out of the old combined doc book. - - [QPID-7266](https://issues.apache.org/jira/browse/QPID-7266) - RAT check fails on release archive due to generated file \ No newline at end of file + - [QPID-7266](https://issues.apache.org/jira/browse/QPID-7266) - RAT check fails on release archive due to generated file --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
