Project Roller
Blogs, news and views
Blog Better! Roller is the open source Java blog server that drives Apache Software Foundation blogs and others. Read more on the about page.
Quick Links
Navigation
Apache Roller 5.2.3 released
07.11.2019 by Dave Johnson | 0 Comments
The Apache Roller community is pleased to announce the release of Roller v5.2.3, a bug fix release with some minor improvements. You can find the list of fixes and improvements at the end of this email.
Release may be downloaded from the Roller project download page:
http://roller.apache.org/downloads/downloads.html
Roller 5.2.3 also fixes a Cross-site Scripting (XSS) vulnerability (CVE-2019-0234) in Roller's comment authenticator, so users are strongly encouraged to upgrade as soon as possible.Thanks,
The Apache Roller community
Changes in Roller 5.2.3
Bug fixes:
[ROL-2100] - HTTPS Scheme Enforcement feature removed
[ROL-2127] - Automatic database upgrade fails
[ROL-2129] - duplicate index on roller_oauthconsumer as Primary Key
[ROL-2132] - Remember-me fails when LDAP used for auth
[ROL-2135] - Comment Authenticator fix
[ROL-2138] - NOTICE file does not have standard content
[ROL-2143] - Fix mvn jetty:run
Improvements:
[ROL-2137] - Require rememberme.key to be set
Tests:
[ROL-2142] - Skip RSS/Atom feed fetcher tests on Java 1.7