Thank you, John.
I just moderated the message through. This should appear in the apache.org
archives within the next hour.
Kind regards,
Sally = = = = = vox +1 617 921 8656gvox +1 646 598 4616skype sallykhudairi
From: John Kinsella <[email protected]>
To: Sally Khudairi <[email protected]>
Cc: "<[email protected]>" <[email protected]>;
Rohit Yadav <[email protected]>
Sent: Friday, October 28, 2016 3:44 PM
Subject: Re: [ANNOUNCE] Apache CloudStack Security Releases 4.8.1.1, 4.9.0.1
My bad, didn’t realize that. I’ll send the advisory message to announce@, and
update our security release guidelines to follow that in the future.
On Oct 28, 2016, at 12:38 PM, Sally Khudairi <[email protected]> wrote:
Thanks, John.
However the Project wishes to announce is fine, however, the
[email protected] channel is where projects commonly list CVE notices, which
is why I mentioned it.
Examples are at [1], [2], and [3]. Do let me know should you reconsider.
Kind regards,
Sally
[1] http://mail-archives.apache.org/mod_mbox/www-announce/201607.mbox/browser
[2]
http://mail-archives.apache.org/mod_mbox/www-announce/201606.mbox/browser[3]
http://mail-archives.apache.org/mod_mbox/www-announce/201610.mbox/browser
--both pages 1 and 2 (=6 notices from Apache Tomcat)
= = = = = vox +1 617 921 8656gvox +1 646 598 4616skype sallykhudairi
From: John Kinsella <[email protected]>
To: "<[email protected]>" <[email protected]>;
Sally Khudairi <[email protected]>
Cc: Rohit Yadav <[email protected]>
Sent: Friday, October 28, 2016 2:13 PM
Subject: Re: [ANNOUNCE] Apache CloudStack Security Releases 4.8.1.1, 4.9.0.1
Seems like it’d be better to use that channel for upcoming releases that have
new functionality, not “just” a security fix?
On Oct 28, 2016, at 11:09 AM, Sally Khudairi <[email protected]> wrote:
Thanks, Rohit.
If you'd like to send this to [email protected] (Foundation-wide
announcements; will be included in the weekly Apache News Round-Up), I will be
happy to moderate it through.
Kind regards,
Sally = = = = = vox +1 617 921 8656gvox +1 646 598 4616skype sallykhudairi
From: Rohit Yadav <[email protected]>
To: [email protected]; "[email protected]"
<[email protected]>; "[email protected]"
<[email protected]>; "[email protected]"
<[email protected]>
Sent: Thursday, October 27, 2016 12:07 AM
Subject: [ANNOUNCE] Apache CloudStack Security Releases 4.8.1.1, 4.9.0.1
# Apache CloudStack Security Releases 4.8.1.1, 4.9.0.1
The Apache CloudStack project announces security releases 4.8.1.1, 4.9.0.1 that
fixes the bug causing vulnerability over previously released minor versions
4.8.1 and 4.9.0 respectively. As a security release, no new features are
included but only includes the fix for CVE-2016-6813.
Apache CloudStack is an integrated Infrastructure-as-a-Service (IaaS) software
platform that allows users to build feature-rich public and private cloud
environments. CloudStack includes an intuitive user interface and rich API for
managing the compute, networking, software, and storage resources. The project
became an Apache top level project in March 2013.
More information about Apache CloudStack can be found at:
http://cloudstack.apache.org/
## Upgrade Notes
Affected users are only required to upgrade their management server(s) to
suitable security release version. The upgrade does not require any database or
systemvm-template related change.
## Downloads
The official source code release can be downloaded from:
http://cloudstack.apache.org/ downloads.html
In addition to the official source code release, individual contributors have
also made convenience binaries available on the Apache CloudStack download
page, and as follows:
http://www.shapeblue.com/ packages/
http://cloudstack.apt-get.eu/ ubuntu/dists/ (packages to be published soon)
http://cloudstack.apt-get.eu/ centos/6/ (packages to be published soon)
http://cloudstack.apt-get.eu/ centos/7/ (packages to be published soon)
###
Regards,Rohit Yadav
