Roller is the open source Java blog server that drives blogs.oracle.com, the blogs in IBM Lotus Connections, and others. Read more on the about page.

Site hosted by



Main | Next page »

Apache Roller 5.0.3 security fix release now available

01.11.2014 | 0 Comments

The Apache Roller project has announced the availability of a new Apache Roller 5.0.3 release. This new release is identical to Apache Roller 5.0.2 but includes an updated Apache XML-RPC library that fixes a security vulnerability in Roller's XML-RPC feature.

All Roller sites are urged to upgrade to Roller 5.0.3 as soon as possible. Download Apache Roller 5.0.3 at the Roller downloads page here.

You can find a little more information about the vulnerabilities at the links below:

Apache Roller 5.0.2 security fix release now available

11.03.2013 | 0 Comments

The Apache Roller project has announced the availability of a new Apache Roller 5.0.2 release. This new release is identical to Apache Roller 5.0.1 but with the addition of two security fixes: 1) fix for XSS vulnerability in Roller's search feeds 2) fix for remote code execution vulnerability.

All Roller sites are urged to upgrade to Roller 5.0.2 as soon as possible. Download Apache Roller 5.0.2 at the Roller downloads page here.

You can find a little more information about the vulnerabilities at the links below:

Roller on OpenShift

07.09.2013 | 0 Comments

Here's a wonderfully detailed and informative (even if you don't intend to use Roller) blog post from Roller committer Glen Mazza about how to install Roller on Red Hat's Open Shift platform as a service (PAAS) offering: Apache Roller on OpenShift

Apache Roller 5.0.1 security fix release now available

06.24.2012 | 0 Comments

The Apache Roller project has announced the availability of a new Apache Roller 5.0.1 release. This new release is identical to Apache Roller 5.0 but with the addition of two security fixes: 1) fix for Cross-Site Scripting (XSS) vulnerabilities and 2) fix for Cross-Site Resource Forgery (XRSF) vulnerabilities.

All Roller sites are urged to upgrade to Roller 5.0.1 as soon as possible. Download Apache Roller 5.0.1 at the Roller downloads page here

The two security vulnerabilities have been reported to the [Full Disclosure mailing-list at grok.org.uk|http://www.grok.org.uk/full-disclosure/] and the [Bugtraq list at SecurityFocus.com|http://www.securityfocus.com/archive/1]. You can find a little more information about the vulnerabilities at the links below:

Apache Roller 5.0 released

05.25.2011 | 0 Comments

Here's some more happy Roller news. Apache Roller 5.0 has been released!

The major new feature in Roller 5.0 is Media Blogging, a set of enhancements to Roller's file upload and management capabilities. Also included in 5.0 are simple multi-site support, ~OpenID and ~OAuth support for Roller's ~AtomPub interface. All major dependencies have been updated and Roller now uses Maven for build and dependency management. You can find a summary of Roller 5.0's new features on the Roller wiki.

The road to Roller 5.0 has been a long one and if you are interested the history, you might want to check Dave Johnson's What's New in Roller 5.0 presentation from ApacheCon US 2009. Roller 5.0 includes contributions from contributors from Google Summer of Code, San Jose State Univ. and the usual cast of Roller committers. Thanks to all who contributed to Roller 5.0 over the years.

To download Apache Roller 5.0 and documentation, visit the Apache Roller download page at the Apache Software Foundation's website.

Welcome Shelan Perera

05.23.2011 | 0 Comments

Here's some happy news. A new committer has joined the Roller project. Shelan Perera has been helping out on the mailing lists, submitting fixes and recently won a Google Summer of Code (GSOC) project to add mobile blogging features to Roller. He was nominated for committership and voted in on May 5, 2011.

Shelan's GSOC project is to add mobile theming capabilities to Roller. You can find the Mobile Theming for Roller proposal on the GSOC website. Shelan is seeking feedback on requirements and design for the project, and keeping the community in the loop by running a blog to journal his progress: Apache Roller Mobile Platform.

Welcome Shelan!

Roller needs YOU!

07.18.2010 | 0 Comments

If you’re a Roller user, developer, tester or technical writer then the Apache Roller project needs your help. This blog entry explains why Roller needs your help and how you can help. [Read More]

Apache Roller 4.0 Beginners Guide

12.17.2009 | 0 Comments

Alfonso Romero's new book Apache Roller 4.0 Beginners Guide is now available and it looks like a great resource for Roller beginners and even for more experienced users who want a step-by-step guide to customizing their Roller blog.

Here's the cover:

Roller book cover

And here's a blurb from the publisher's site:

Apache Roller enables you to build a fully-featured, multi-user blog server apt for all kinds of blogging sites. It is an ideal tool to create your own blogging network with unlimited users and blogs, forums, photo galleries, and more! While it is exciting to have a list of interesting features it can offer you, it might be a little difficult to get started with it by your self.

This book will teach you how to get started with Apache Roller and make the most of all its features using step-by-step, detailed instructions. You will learn how to establish your internet presence with an Apache Roller blog and use the latest web tools to enhance your posts and attract visitors. You will also learn how to promote your blog on popular social bookmarking services and customize it to suit your need.

There's also a very nice except of the book available online:

Working with Templates in Apache Roller 4.0

You can read more on the book's homepage at Pakt Publishing.

One more thing before I close out this entry: Big congratulations to Alfonso and thanks for helping beginning Roller users everywhere!

Main | Next page »