All Versions
- DSpace 7.x (Current Release)
- DSpace 8.x (Unreleased)
- DSpace 6.x (EOL)
- DSpace 5.x (EOL)
- More Versions...
Page History
...
Welcome to Release 6.something, a security and bug-fix release for the DSpace 6.x platform. For information on upgrading to DSpace 6, please see Upgrading DSpace.
5.1??? Release Notes
| Note | ||
|---|---|---|
| ||
DSpace 5.1 contains security fixes for both the XMLUI and JSPUI. To ensure your 5.x site is secure, we highly recommend all DSpace 5.x users upgrade to DSpace 5.1. We also highly recommend removing any "allowLinking=true" settings from your Tomcat's <Context> configuration. Previously our installation documentation erroneously listed examples which included "allowLinking=true", while the Tomcat documentation lists it as a possible security concern. The XMLUI Directory Traversal Vulnerability (see below) is also exacerbated by this setting. |
| Info | ||
|---|---|---|
| ||
Several of the security vulnerabilities patched in DSpace 5.1 (and backported to 4.3 and 3.4) also affect sites running unsupported DSpace 1.x.x releases. In order to ensure your site is patched, we highly recommend upgrading to DSpace 3.4, DSpace 4.3 or DSpace 5.1. If you are considering an upgrade from DSpace 1.x.x, note that, as of DSpace 5, your existing data (i.e. database contents, search/browse indexes) will now be automatically upgraded from ANY prior version of DSpace. Therefore, you may wish to consider upgrading directly to DSpace 5.1, as the 5.x upgrade process is simplified. |
DSpace 5.1??? is a security and bug fix release to resolve several issues located in DSpace 5.0. As it only provides only bug fixes, DSpace 5.1 should constitute an easy upgrade from DSpace 5.0 for most users. No database changes or additional configuration changes should be necessary when upgrading from DSpace 5.0 to 5.1.
...
In addition, this release fixes a variety of minor bugs in the 5.0??? release.
For more information, see the Changes in 5.x page.
...
Overview
Content Tools