Thanks. --> TOMAHAWK-1025
On 6/16/07, Matthias Wessendorf <[EMAIL PROTECTED]> wrote:
Manfred, I noticed, that the Javadoc JAR doesn't contain notice and license. Thanks, Matthias On 6/13/07, Manfred Geiler <[EMAIL PROTECTED]> wrote: > The Apache MyFaces team is pleased to announce the release of "MyFaces > Tomahawk 1.1.6". > > Please note: This release is a security update that fixes a severe > cross-site scripting vulnerability when using the "autoscroll" feature > (CVE-2007-3101). > > MyFaces Tomahawk provides a series of JavaServer Faces components that > go beyond the JSF specification. These components are compatible with > the Sun JSF 1.1 Reference Implementation (RI) or any other JSF 1.1 > compatible implementation. Of course the custom components can also be > used with the Apache JSF implementation "MyFaces Core 1.1.5". > > MyFaces Tomahawk 1.1.6 is available in both binary and source distributions. > > * http://myfaces.apache.org/download.html > > MyFaces Tomahawk is also available in the central Maven repository > under Group ID "org.apache.myfaces.tomahawk". > > Enjoy! > Manfred > > > > Release Notes - MyFaces Tomahawk - Version 1.1.6 > > ** Bug > * [TOMAHAWK-983] - Cross-site scripting in autoscroll parameter > * [TOMAHAWK-1021] - CVE-2007-3101 > -- Matthias Wessendorf further stuff: blog: http://matthiaswessendorf.wordpress.com/ mail: matzew-at-apache-dot-org
-- http://www.irian.at Your JSF powerhouse - JSF Consulting, Development and Courses in English and German Professional Support for Apache MyFaces
