Dear XebiaLabs community,
We are pleased to announce the release of Deployit 3.9.5. This minor version of Deployit includes security updates, improvements and bug fixes.
Please see below for the release notes. Don't forget to review the upgrade manual for general upgrade instructions as well as version-specific upgrade instructions and deprecation notes.
The XebiaLabs Team.
- [DEPL-6642] - Upgrade commons-fileupload to avoid security risks CVE-2013-0248, CVE-2014-0050
- [DEPL-6643] - Upgrade Jackrabbit to avoid security risk JCR-3630 XSS
- [DEPL-6644] - Upgrade Spring framework to avoid security risk CVE-2013-7315
- [DEPL-6645] - Upgrade RESTEasy to avoid security risks RESTEASY-662, RESTEASY-669, RESTEASY-670
- [DEPL-6646] - Upgrade Spring Security and Spring Security LDAP to avoid security risk CVE-2014-0097
- [DEPL-6647] - Remove AntiSamy and Xerces to avoid security risk CVE-2009-2625
- [DEPL-6661] - Upgrade to xstream 1.4.7 to avoid security risk CVE-2013-7285
[DEPL-6419] - Deprecate targetFileName property of file.Folder type
[DEPL-6722] - In the database-plugin, when using dependencies for rollback scripts the subfolders are not uploaded