jackrabbit-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From conflue...@apache.org
Subject [CONF] Apache Jackrabbit: Welcome to Apache Jackrabbit (page edited)
Date Thu, 29 Jan 2009 17:32:00 GMT
Welcome to Apache Jackrabbit (JCR) edited by Jukka Zitting
      Page: http://cwiki.apache.org/confluence/display/JCR/Welcome+to+Apache+Jackrabbit
   Changes: http://cwiki.apache.org/confluence/pages/diffpagesbyversion.action?pageId=68666&originalVersion=27&revisedVersion=28


Apache Jackrabbit is a fully conforming implementation of the Content Repository for Java
Technology API (JCR). A content repository is a hierarchical content store with support for
structured and unstructured content, full text search, versioning, transactions, observation,
and more. Typical applications that use content repositories include content management, document
management, and records management systems.

Version 1.0 of the JCR API was specified by the [Java Specification Request 170|http://jcp.org/en/jsr/detail?id=170]
(JSR 170) and work on the JCR version 2.0 has begun in [JSR 283|http://jcp.org/en/jsr/detail?id=283].

Apache Jackrabbit is a project of the [Apache Software Foundation|http://www.apache.org/].

h2. Apache Jackrabbit News

*January 29, 2009: Michael Dürig joins the Jackrabbit team as a committer*
The Jackrabbit PMC recently decided to offer Michael committership based on his contributions
especially to the SPI layer. Michael accepted, and as of today he is a committer and a PMC
member of the Apache Jackrabbit project. See the [Jackrabbit Team] page for the rest of our

*January 29, 2009: jackrabbit-core 1.4.8 released*
This release fixes a number of minor issues. See the [downloads page|Downloads] for more details.

*January 20, 2009: Apache Jackrabbit 1.5.2 released*
Apache Jackrabbit 1.5.2 is a security and bug fix release that fixes issues reported against
previous releases. This release is fully compatible with the earlier 1.5.0 release. See the
[downloads page|Downloads] for more details.

{note:title=CVE-2009-0026: Cross site scripting issues in webapp (JCR-1925)}
The search.jsp and swr.jsp pages in the Jackrabbit webapp are vulnerable to script injection.
This release fixes the issue by properly escaping all user input.

This issue affects both the Jackrabbit 1.4 and 1.5.0 releases. If you are unable to upgrade
to 1.5.2 at this point, you can work around this issue by disabling the search.jsp and swr.jsp
pages in the Jackrabbit webapp.

*January 20, 2009: jackrabbit-core 1.4.7 released*
This release fixes a number of minor issues.

*December 8, 2008: Apache Jackrabbit 1.5.0 released*
Apache Jackrabbit 1.5 is an incremental feature release. While remaining compatible with previous
releases, Jackrabbit 1.5 introduces a number of new features, improvements and fixes to known

See the [news archive|News archive] for past news.

This message is automatically generated by Confluence

Unsubscribe or edit your notifications preferences

If you think it was sent incorrectly contact one of the administrators

If you want more information on Confluence, or have a bug to report see

View raw message