oldnews-2014.xml

kkolinko Fri, 27 Feb 2015 03:38:48 -0800

Author: kkolinko
Date: Fri Feb 27 11:38:13 2015
New Revision: 1662662

URL: http://svn.apache.org/r1662662
Log:
Announcement for Standard Taglib 1.2.3.


I do not like the CVE link (goes to announce@a.o mail archive) and CHANGES link 
(goes to SVN), as I noted in a FIXME comment in index.xml.  Any better ideas?

Modified:
    tomcat/site/trunk/docs/index.html
    tomcat/site/trunk/docs/oldnews-2014.html
    tomcat/site/trunk/xdocs/index.xml
    tomcat/site/trunk/xdocs/oldnews-2014.xml

Modified: tomcat/site/trunk/docs/index.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/index.html?rev=1662662&r1=1662661&r2=1662662&view=diff
==============================================================================
--- tomcat/site/trunk/docs/index.html (original)
+++ tomcat/site/trunk/docs/index.html Fri Feb 27 11:38:13 2015
@@ -224,6 +224,36 @@ project logo are trademarks of the Apach
 
 
 </div>
+<h3 id="Apache_Standard_Taglib_1.2.3_Released">
+<span style="float: right;">2015-02-20</span> Apache Standard Taglib 1.2.3 
Released</h3>
+<div class="text">
+
+
+<p>
+The Apache Tomcat Project is proud to announce the release of version 1.2.3 of 
+the Standard Taglib. This tag library provides Apache's implementation 
+of the JSTL 1.2 specification.
+</p>
+
+<p>
+Version 1.2.3 is a security and bug fix release. It fixes a few bugs found
+in Standard Taglib 1.2.1 and provides protection against
+<a 
href="http://mail-archives.apache.org/mod_mbox/www-announce/201502.mbox/%3C82207A16-6348-4DEE-877E-F7B87292576A%40apache.org%3E";>CVE-2015-0254</a>
+vulnerability (XXE and RCE via XSL extension in JSTL XML tags).
+</p>
+
+<p>
+Please see the <a href="taglibs/standard/">Standard Taglib site</a> for more 
details. 
+</p>
+
+<p style="text-align: center;">
+
+<a href="download-taglibs.cgi">Download</a> |
+<a 
href="http://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/CHANGES.txt";>Changes</a>
+
+</p>
+
+</div>
 <h3 id="Tomcat_8.0.20_Released">
 <span style="float: right;">2015-02-20</span> Tomcat 8.0.20 Released</h3>
 <div class="text">
@@ -368,27 +398,6 @@ This version fixes few bugs found in pre
 
 </p>
 
-</div>
-<h3 id="Apache_Standard_Taglib_1.2.1_Released">
-<span style="float: right;">2014-01-02</span> Apache Standard Taglib 1.2.1 
Released</h3>
-<div class="text">
-
-<p>
-The Apache Tomcat Project is proud to announce the release of version 1.2.1 of 
-the Standard Taglib. This is the first official release of Apache's 
implementation 
-of the JSTL 1.2 specification. 
-</p>
-
-<p>
-Please see the <a href="taglibs/standard/">Standard Taglib site</a> for more 
details. 
-</p>
-
-<p style="text-align: center;">
-
-<a href="download-taglibs.cgi">Download</a>
-
-</p>
-
 </div>
 <h3 id="Tomcat_Maven_Plugin_2.2_Released">
 <span style="float: right;">2013-11-11</span> Tomcat Maven Plugin 2.2 
Released</h3>

Modified: tomcat/site/trunk/docs/oldnews-2014.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/oldnews-2014.html?rev=1662662&r1=1662661&r2=1662662&view=diff
==============================================================================
--- tomcat/site/trunk/docs/oldnews-2014.html (original)
+++ tomcat/site/trunk/docs/oldnews-2014.html Fri Feb 27 11:38:13 2015
@@ -1047,6 +1047,27 @@ Full details of these changes, and all t
 </p>
 
 </div>
+<h3 id="Apache_Standard_Taglib_1.2.1_Released">
+<span style="float: right;">2014-01-02</span> Apache Standard Taglib 1.2.1 
Released</h3>
+<div class="text">
+
+<p>
+The Apache Tomcat Project is proud to announce the release of version 1.2.1 of 
+the Standard Taglib. This is the first official release of Apache's 
implementation 
+of the JSTL 1.2 specification. 
+</p>
+
+<p>
+Please see the <a href="taglibs/standard/">Standard Taglib site</a> for more 
details. 
+</p>
+
+<p style="text-align: center;">
+
+<a href="download-taglibs.cgi">Download</a>
+
+</p>
+
+</div>
 </div>
 </div>
 </div>

Modified: tomcat/site/trunk/xdocs/index.xml
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/index.xml?rev=1662662&r1=1662661&r2=1662662&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/index.xml (original)
+++ tomcat/site/trunk/xdocs/index.xml Fri Feb 27 11:38:13 2015
@@ -37,6 +37,37 @@ project logo are trademarks of the Apach
 
 </section>
 
+<section name="Apache Standard Taglib 1.2.3 Released" rtext="2015-02-20">
+<!--
+  FIXME:
+   1. CVE link goes to accounce@a.o mail archive.
+      It cannot go to cve.mitre.org, as they have not published this CVE 
number.
+      It cannot go to announce@tomcat.a.o archive, as announcement is not 
there. Stuck in moderation?
+      There is no taglibs page at http://tomcat.apache.org/security.html
+   2. Changelog link goes to SVN repository.
+      Is the CHANGES file published on the site?
+      Maybe upload it to the download ares?
+-->
+<p>
+The Apache Tomcat Project is proud to announce the release of version 1.2.3 of 
+the Standard Taglib. This tag library provides Apache's implementation 
+of the JSTL 1.2 specification.
+</p>
+<p>
+Version 1.2.3 is a security and bug fix release. It fixes a few bugs found
+in Standard Taglib 1.2.1 and provides protection against
+<a 
href="http://mail-archives.apache.org/mod_mbox/www-announce/201502.mbox/%3C82207A16-6348-4DEE-877E-F7B87292576A%40apache.org%3E";>CVE-2015-0254</a>
+vulnerability (XXE and RCE via XSL extension in JSTL XML tags).
+</p>
+<p>
+Please see the <a href="taglibs/standard/">Standard Taglib site</a> for more 
details. 
+</p>
+<p style="text-align: center;">
+<a href="download-taglibs.cgi">Download</a> |
+<a 
href="http://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/CHANGES.txt";>Changes</a>
+</p>
+</section>
+
 <section name="Tomcat 8.0.20 Released" rtext="2015-02-20">
 <p>
 The Apache Tomcat Project is proud to announce the release of version 8.0.20
@@ -133,20 +164,6 @@ This version fixes few bugs found in pre
 </p>
 </section>
 
-<section name="Apache Standard Taglib 1.2.1 Released" rtext="2014-01-02">
-<p>
-The Apache Tomcat Project is proud to announce the release of version 1.2.1 of 
-the Standard Taglib. This is the first official release of Apache's 
implementation 
-of the JSTL 1.2 specification. 
-</p>
-<p>
-Please see the <a href="taglibs/standard/">Standard Taglib site</a> for more 
details. 
-</p>
-<p style="text-align: center;">
-<a href="download-taglibs.cgi">Download</a>
-</p>
-</section>
-
 <section name="Tomcat Maven Plugin 2.2 Released" rtext="2013-11-11">
 <p>
 The Apache Tomcat team is pleased to announce the release of Tomcat Maven 
Plugin 2.2.

Modified: tomcat/site/trunk/xdocs/oldnews-2014.xml
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/oldnews-2014.xml?rev=1662662&r1=1662661&r2=1662662&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/oldnews-2014.xml (original)
+++ tomcat/site/trunk/xdocs/oldnews-2014.xml Fri Feb 27 11:38:13 2015
@@ -595,5 +595,19 @@ Full details of these changes, and all t
 </p>
 </section>
 
+<section name="Apache Standard Taglib 1.2.1 Released" rtext="2014-01-02">
+<p>
+The Apache Tomcat Project is proud to announce the release of version 1.2.1 of 
+the Standard Taglib. This is the first official release of Apache's 
implementation 
+of the JSTL 1.2 specification. 
+</p>
+<p>
+Please see the <a href="taglibs/standard/">Standard Taglib site</a> for more 
details. 
+</p>
+<p style="text-align: center;">
+<a href="download-taglibs.cgi">Download</a>
+</p>
+</section>
+
 </body>
 </document>



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1662662 - in /tomcat/site/trunk: docs/index.html docs/oldnews-2014.html xdocs/index.xml xdocs/oldnews-2014.xml

Reply via email to