svn commit: r1601081 - in /struts/site/trunk: content/index.html content/submitting-patches.html source/index.html source/submitting-patches.md
Author: lukaszlenart
Date: Sat Jun 7 09:40:12 2014
New Revision: 1601081
URL: http://svn.apache.org/r1601081
Log:
Adds info and note about Google's patch reward program
Modified:
struts/site/trunk/content/index.html
struts/site/trunk/content/submitting-patches.html
struts/site/trunk/source/index.html
struts/site/trunk/source/submitting-patches.md
Modified: struts/site/trunk/content/index.html
URL:
http://svn.apache.org/viewvc/struts/site/trunk/content/index.html?rev=1601081&r1=1601080&r2=1601081&view=diff
==
--- struts/site/trunk/content/index.html (original)
+++ struts/site/trunk/content/index.html Sat Jun 7 09:40:12 2014
@@ -129,9 +129,10 @@
http://struts.apache.org/release/2.3.x/docs/version-notes-23163.html";>Version
notes
- Struts up to 2.3.16.1: Zero-Day Exploit Mitigation!
- In Struts 2.3.16.1, an issue with ClassLoader manipulation via
request parameters was supposed to be resolved. Unfortunately,
-the correction wasn't sufficient, read more
+ Google's Patch Rewards program
+ During http://www.meetup.com/sfhtml5/";>SFHTML5 Google
announced that they extend their program
+to cover the Apache Struts project as well. Now you can earn some many
preparing patches for us!
+read more
Modified: struts/site/trunk/content/submitting-patches.html
URL:
http://svn.apache.org/viewvc/struts/site/trunk/content/submitting-patches.html?rev=1601081&r1=1601080&r2=1601081&view=diff
==
--- struts/site/trunk/content/submitting-patches.html (original)
+++ struts/site/trunk/content/submitting-patches.html Sat Jun 7 09:40:12 2014
@@ -182,6 +182,34 @@ your fork and branch to compare the diff
http://wiki.apache.org/general/GitAtApache";>Git at Apache
+Google's Patch Reward program
+
+During http://www.meetup.com/sfhtml5/";>SFHTML5 Google
announced that they adding the Apache Struts project to
+https://www.google.com/about/appsecurity/patch-rewards/";>the
Google's Security Patch Reward Program.
+
+What does it mean?
+
+If you prepared a patch that eliminates a security vulnerability or
improves existing security mechanism
+you can get a bounty :-) You will find more details on
+http://googleonlinesecurity.blogspot.com/2013/10/going-beyond-vulnerability-rewards.html";>the
Google's blog
+ or under the link above, just to give you a quick guideline how does it
work:
+
+
+prepare a patch and submit it to our https://issues.apache.org/jira/browse/WW";>JIRA,
+it can be a Pull Request on GitHub as well, but must reference the JIRA
ticket.
+let us know that you did something great, post a message to Struts Dev mailing list
+we will review the patch and if it's a real great thing then we will
merge it into our code base
+just wait on official release of the Apache Struts and now you can request
the reward from Google :-)
+
+
+NOTE
+
+If you are concerned that your patch can disclose a security vulnerability,
instead of submitting it as a ticket,
+send it directly to the mailto:secur...@struts.apache.org";>Struts
Security team. This will give us the possibility
+to prepare a new release with your patch in secret.
+
+Have fun and code!
+
Modified: struts/site/trunk/source/index.html
URL:
http://svn.apache.org/viewvc/struts/site/trunk/source/index.html?rev=1601081&r1=1601080&r2=1601081&view=diff
==
--- struts/site/trunk/source/index.html (original)
+++ struts/site/trunk/source/index.html Sat Jun 7 09:40:12 2014
@@ -26,9 +26,10 @@ title: Welcome to the Apache Struts proj
http://struts.apache.org/release/2.3.x/docs/version-notes-{{
site.current_version_short }}.html">Version notes
- Struts up to 2.3.16.1: Zero-Day Exploit Mitigation!
- In Struts 2.3.16.1, an issue with ClassLoader manipulation via
request parameters was supposed to be resolved. Unfortunately,
-the correction wasn't sufficient, read more
+ Google's Patch Rewards program
+ During http://www.meetup.com/sfhtml5/";>SFHTML5 Google
announced that they extend their program
+to cover the Apache Struts project as well. Now you can earn some many
preparing patches for us!
+read more
Modified: struts/site/trunk/source/submitting-patches.md
URL:
http://svn.apache.org/viewvc/struts/site/trunk/source/submitting-patches.md?rev=1601081&r1=1601080&r2=1601081&view=diff
==
--- struts/site/trunk/source/submitting-patches.md (original)
+++ struts/site/trunk/source/submitting-patches.md Sat Jun 7 09:40:12 2014
@@ -77,3 +77,29 @@ Finally hit `Create Pull Request` button
## Further reading
* [Git at Apache](http://wiki.apache.org/general/GitAtApache)
+
+# Google's Patch R
svn commit: r911689 - in /websites/production/struts/content: index.html submitting-patches.html
Author: lukaszlenart Date: Sat Jun 7 09:41:03 2014 New Revision: 911689 Log: Updates production Modified: websites/production/struts/content/index.html websites/production/struts/content/submitting-patches.html Modified: websites/production/struts/content/index.html == --- websites/production/struts/content/index.html (original) +++ websites/production/struts/content/index.html Sat Jun 7 09:41:03 2014 @@ -129,9 +129,10 @@ http://struts.apache.org/release/2.3.x/docs/version-notes-23163.html";>Version notes - Struts up to 2.3.16.1: Zero-Day Exploit Mitigation! - In Struts 2.3.16.1, an issue with ClassLoader manipulation via request parameters was supposed to be resolved. Unfortunately, -the correction wasn't sufficient, read more + Google's Patch Rewards program + During http://www.meetup.com/sfhtml5/";>SFHTML5 Google announced that they extend their program +to cover the Apache Struts project as well. Now you can earn some many preparing patches for us! +read more Modified: websites/production/struts/content/submitting-patches.html == --- websites/production/struts/content/submitting-patches.html (original) +++ websites/production/struts/content/submitting-patches.html Sat Jun 7 09:41:03 2014 @@ -182,6 +182,34 @@ your fork and branch to compare the diff http://wiki.apache.org/general/GitAtApache";>Git at Apache +Google's Patch Reward program + +During http://www.meetup.com/sfhtml5/";>SFHTML5 Google announced that they adding the Apache Struts project to +https://www.google.com/about/appsecurity/patch-rewards/";>the Google's Security Patch Reward Program. + +What does it mean? + +If you prepared a patch that eliminates a security vulnerability or improves existing security mechanism +you can get a bounty :-) You will find more details on +http://googleonlinesecurity.blogspot.com/2013/10/going-beyond-vulnerability-rewards.html";>the Google's blog + or under the link above, just to give you a quick guideline how does it work: + + +prepare a patch and submit it to our https://issues.apache.org/jira/browse/WW";>JIRA, +it can be a Pull Request on GitHub as well, but must reference the JIRA ticket. +let us know that you did something great, post a message to Struts Dev mailing list +we will review the patch and if it's a real great thing then we will merge it into our code base +just wait on official release of the Apache Struts and now you can request the reward from Google :-) + + +NOTE + +If you are concerned that your patch can disclose a security vulnerability, instead of submitting it as a ticket, +send it directly to the mailto:secur...@struts.apache.org";>Struts Security team. This will give us the possibility +to prepare a new release with your patch in secret. + +Have fun and code! +
svn commit: r1601083 - in /struts/site/trunk: content/index.html source/index.html
Author: lukaszlenart
Date: Sat Jun 7 10:28:58 2014
New Revision: 1601083
URL: http://svn.apache.org/r1601083
Log:
Corrects typo
Modified:
struts/site/trunk/content/index.html
struts/site/trunk/source/index.html
Modified: struts/site/trunk/content/index.html
URL:
http://svn.apache.org/viewvc/struts/site/trunk/content/index.html?rev=1601083&r1=1601082&r2=1601083&view=diff
==
--- struts/site/trunk/content/index.html (original)
+++ struts/site/trunk/content/index.html Sat Jun 7 10:28:58 2014
@@ -129,7 +129,7 @@
http://struts.apache.org/release/2.3.x/docs/version-notes-23163.html";>Version
notes
- Google's Patch Rewards program
+ Google's Patch Reward program
During http://www.meetup.com/sfhtml5/";>SFHTML5 Google
announced that they extend their program
to cover the Apache Struts project as well. Now you can earn some many
preparing patches for us!
read more
Modified: struts/site/trunk/source/index.html
URL:
http://svn.apache.org/viewvc/struts/site/trunk/source/index.html?rev=1601083&r1=1601082&r2=1601083&view=diff
==
--- struts/site/trunk/source/index.html (original)
+++ struts/site/trunk/source/index.html Sat Jun 7 10:28:58 2014
@@ -26,7 +26,7 @@ title: Welcome to the Apache Struts proj
http://struts.apache.org/release/2.3.x/docs/version-notes-{{
site.current_version_short }}.html">Version notes
- Google's Patch Rewards program
+ Google's Patch Reward program
During http://www.meetup.com/sfhtml5/";>SFHTML5 Google
announced that they extend their program
to cover the Apache Struts project as well. Now you can earn some many
preparing patches for us!
read more
svn commit: r911694 - /websites/production/struts/content/index.html
Author: lukaszlenart Date: Sat Jun 7 10:30:20 2014 New Revision: 911694 Log: Updates production Modified: websites/production/struts/content/index.html Modified: websites/production/struts/content/index.html == --- websites/production/struts/content/index.html (original) +++ websites/production/struts/content/index.html Sat Jun 7 10:30:20 2014 @@ -129,7 +129,7 @@ http://struts.apache.org/release/2.3.x/docs/version-notes-23163.html";>Version notes - Google's Patch Rewards program + Google's Patch Reward program During http://www.meetup.com/sfhtml5/";>SFHTML5 Google announced that they extend their program to cover the Apache Struts project as well. Now you can earn some many preparing patches for us! read more
[CONF] Confluence Changes in the last 24 hours
Confluence Changes in the last 24 hours Apache OpenOffice Community Pages Page: Release Planning Template edited by Andrea Pescetti [11:55 AM] (View Changes) Apache Roller Pages Page: Release Process edited by Glen Mazza [11:52 PM] (View Changes) Page: How to build Roller edited by Glen Mazza [11:38 AM] (View Changes) Apache Stratos Pages Page: 4.0.0 Customizing Themes created by Mariangela Hills [12:44 AM] Traffic Server Pages Page: What's new in v5.0.x edited by James Peach [07:40 PM] (View Changes) This message was sent by Atlassian Confluence 5.0.3, Team Collaboration Software
