Dear Jackrabbit users,recently, a potentially critical vulnerability was reported to us (CVE and details will follow).
We advise users of Jackrabbit 2.20.x (Java 8) and 2.22.x (Java 11) to update to the latest versions (2.20.17 and 2.22.1).
For the 2.23 beta branch, the fix is in version 2.23.2-beta.Earlier branches (2.0.x to 2.19.x) have reached EOL already, and we recommend that users of these branches update to 2.20.17 or 2.22.1.
Best regards, the Apache Jackrabbit PMC
