Versions Compared

Old Version 44

changes.mady.by.user Luigi Andrea Pascarelli (4Science)

Saved on

compared with

New Version 45

changes.mady.by.user Luigi Andrea Pascarelli (4Science)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...


Welcome to Release 4.6, a security release for the DSpace 4.x platform. For information on upgrading to DSpace 4, please see Upgrading DSpace.  

 4.7 Release Notes
 

Note
titleWe highly recommend ALL users of DSpace 4.x upgrade to 4.7

DSpace 4.7 contain security fix for both the XMLUI and JSPUI. To ensure your 4.x site is secure, we highly recommend ALL DSpace 4.x users upgrade to DSpace 4.7.

DSpace 4.7 upgrade instructions are available at: Upgrading DSpace

 

D DSpace 4.7 is a security fix release to resolve an issue located in DSpace 4.x XMLUI and JSPUI. As it only provides a security-fix, DSpace 4.7 should constitute an easy upgrade from DSpace 4.x for most users. No database changes or additional configuration changes should be necessary when upgrading from DSpace 4.x to 4.7.

 This release addresses the following security issues discovered in DSpace 4.x and below:

  •  

...

  • JSPUI security fix:
  • JSPUI, XMLUI, REST security fix:
    • [MEDIUM SEVERITY] Bitstreams of embargoed and/or withdrawn items can be accessed by anyone (DS-3097 - requires a JIRA account to access)
      • Reported by Franziska Ackermann
         

 

In addition, this release fixes minor bugs in the 4.x releases. For more information, see the Changes in 4.x page.

 

...

4.6 Release Notes

Note
titleWe highly recommend ALL users of DSpace 4.x upgrade to 4.6

DSpace 4.6 contain security fix for both the XMLUI and JSPUI. To ensure your 4.x site is secure, we highly recommend ALL DSpace 4.x users upgrade to DSpace 4.6.

DSpace 4.6 upgrade instructions are available at: Upgrading DSpace

...