All Versions


DSpace Documentation


Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Note
titleWe highly recommend ALL users of DSpace 4.x upgrade to 4.78

DSpace 4.8 contain security fixes for both the XMLUI and JSPUI. To ensure your 4.x site is secure, we highly recommend ALL DSpace 4.x users upgrade to DSpace 4.8.

DSpace 4.8 upgrade instructions are available at: Upgrading DSpace

...

  • DSpace API security fixes:
    • [LOW HIGH SEVERITY]  Apache Commons Collections vulnerability (COLLECTIONS-580) (DS-3520   BasicWorkflow system is vulnerable to unauthorized manipulations (DS-3647 - requires a JIRA account to access)
      • Reported by Alan Orthby Pascal-Nicolas Becker
    • [HIGH LOW SEVERITY]  BasicWorkflow system is vulnerable to unauthorized manipulations (was: DS-3431  Apache Commons Collections vulnerability (COLLECTIONS-580) (DS-36473520 - requires a JIRA account to access)
      • Reported by
      Pascal-Nicolas Becker
      • Alan Orth

In addition, this release fixes minor bugs in the 4.x releases. For more information, see the Changes in 4.x page.

...

The following individuals provided code or bug fixes to the 4.8 release: Pascal-Nicolas Becker (pnbecker), Tim Donohue (tdonohue), Samuel Cambien (samuelcambien), Jonas Van Goolen (Jonas VG (atmire)), Mark Wood (mwood).

 4.7 Release Notes 

Note
titleWe highly recommend ALL users of DSpace 4.x upgrade to 4.7

DSpace 4.7 contain security fix for both the XMLUI and JSPUI. To ensure your 4.x site is secure, we highly recommend ALL DSpace 4.x users upgrade to DSpace 4.7.

DSpace 4.7 upgrade instructions are available at: Upgrading DSpace

...