Old Release

This documentation relates to an old version of DSpace, version 6.x. Looking for another version? See all documentation.

Support for DSpace 6 ended on July 1, 2023. See Support for DSpace 5 and 6 is ending in 2023

Changes in 3.x

Created by Tim Donohue, last modified on Jul 22, 2022

Changes in DSpace 3.6

https://github.com/DSpace/DSpace/milestone/61?closed=1

Changes in DSpace 3.5

https://github.com/DSpace/DSpace/milestone/60?closed=1

Changes in DSpace 3.4

https://github.com/DSpace/DSpace/milestone/59?closed=1

This release includes the following security fixes.

DS-1702 - Cross-site scripting (XSS injection) is possible in JSPUI Recent Submissions listings
DS-2044 - Cross-site scripting (XSS injection) is possible in JSPUI Discovery search form
DS-2445 - XMLUI Directory Traversal Vulnerabilities
- Also resolves related, minor theme access issues DS-1896 and DS-2130.
DS-2448 - JSPUI Directory Traversal Vulnerability

Changes in DSpace 3.3

https://github.com/DSpace/DSpace/milestone/57?closed=1

Changes in DSpace 3.2

https://github.com/DSpace/DSpace/milestone/54?closed=1

This release also includes the following security fix:

DS-1603 - Resolves a security issue in JSPUI

Changes in DSpace 3.1

https://github.com/DSpace/DSpace/milestone/55?closed=1

Changes in DSpace 3.0

https://github.com/DSpace/DSpace/milestone/45?closed=1

No labels

All content on the LYRASIS Wiki is licensed under the CC BY (Attribution) license, unless otherwise noted.