Versions Compared

Old Version 34

changes.mady.by.user Tim Donohue

Saved on

compared with

New Version 35

changes.mady.by.user Luigi Andrea Pascarelli (4Science)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info
titleOnline Version of Documentation also available

This documentation was produced with Confluence software. A PDF version was generated directly from Confluence. An online, updated version of this 4.x Documentation is also available at: https://wiki.duraspace.org/display/DSDOC4x


Welcome to Release 4.56, a security release for the DSpace 4.x platform. For information on upgrading to DSpace 4, please see Upgrading DSpace.  

 

4.6 Release Notes

 

Note
titleWe highly recommend ALL users of DSpace 4.x upgrade to 4.6

DSpace 4.6 contains security fix for both the XMLUI and JSPUI. To ensure your 4.x site is secure, we highly recommend ALL DSpace 4.x users upgrade to DSpace 4.6.

DSpace 4.6 upgrade instructions are available at: Upgrading DSpace

 

DSpace 4.5 is a security fix release to resolve an issue located in DSpace 4.x XMLUI and JSPUI. As it only provides security-fix, DSpace 4.6 should constitute an easy upgrade from DSpace 4.x for most users. No database changes or additional configuration changes should be necessary when upgrading from DSpace 4.x to 4.6.

 

This release addresses the following security issues discovered in DSpace 4.x and below:

 

  • security fix:
    • [HIGH SEVERITY]  XML External Entity (XXE) vulnerability in pdfbox. (DS-3309 - requires a JIRA account to access)
      • Reported by Seth Robbins


4.5 Release Notes

Note
titleWe highly recommend ALL users of DSpace 4.x upgrade to 4.5

DSpace 4.5 contains security fixes for both the XMLUI and JSPUI. To ensure your 4.x site is secure, we highly recommend ALL DSpace 4.x users upgrade to DSpace 4.5.

DSpace 4.5 upgrade instructions are available at: Upgrading DSpace

...