[axis-axis2-java-rampart] branch master updated: Update actions/setup-java to v2

2021-12-19 Thread veithen 
This is an automated email from the ASF dual-hosted git repository.

veithen pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/axis-axis2-java-rampart.git


The following commit(s) were added to refs/heads/master by this push:
 new cbfc948  Update actions/setup-java to v2
cbfc948 is described below

commit cbfc9483d79a2b84cc3e1534517c39a09273e4b6
Author: Andreas Veithen 
AuthorDate: Sun Dec 19 12:33:10 2021 +

Update actions/setup-java to v2
---
 .github/workflows/ci.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 9b68f51..b03bc9e 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -42,8 +42,9 @@ jobs:
   maven-java-${{ matrix.java }}-
   maven-
 - name: Set up Java
-  uses: actions/setup-java@v1
+  uses: actions/setup-java@v2
   with:
+distribution: 'zulu'
 java-version: ${{ matrix.java }}
 - name: Build
   run: mvn -B -e -Papache-release -Dgpg.skip=true verify

[axis-axis2-java-core] branch master updated: Add missing 1.7.x release notes

2021-12-19 Thread veithen 
This is an automated email from the ASF dual-hosted git repository.

veithen pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/axis-axis2-java-core.git


The following commit(s) were added to refs/heads/master by this push:
 new 7e44d61  Add missing 1.7.x release notes
7e44d61 is described below

commit 7e44d61ffd4670e7b1fc20f7cf29428ae6d3d497
Author: Andreas Veithen 
AuthorDate: Sun Dec 19 16:19:55 2021 +

Add missing 1.7.x release notes
---
 src/site/markdown/release-notes/1.7.1.md  | 12 
 src/site/markdown/release-notes/1.7.10.md |  0
 src/site/markdown/release-notes/1.7.2.md  |  7 +++
 src/site/markdown/release-notes/1.7.3.md  | 21 +
 src/site/markdown/release-notes/1.7.4.md  | 18 ++
 src/site/markdown/release-notes/1.7.5.md  | 10 ++
 src/site/markdown/release-notes/1.7.6.md  | 20 
 src/site/markdown/release-notes/1.7.7.md  |  7 +++
 src/site/markdown/release-notes/1.7.8.md  |  7 +++
 src/site/markdown/release-notes/1.7.9.md  |  7 +++
 src/site/site.xml |  9 +
 11 files changed, 118 insertions(+)

diff --git a/src/site/markdown/release-notes/1.7.1.md 
b/src/site/markdown/release-notes/1.7.1.md
new file mode 100644
index 000..5d27872
--- /dev/null
+++ b/src/site/markdown/release-notes/1.7.1.md
@@ -0,0 +1,12 @@
+Apache Axis2 1.7.1 Release Note
+---
+
+Apache Axis2 1.7.1 is a maintenance release that fixes a critical issue in ADB
+causing it to produce messages that don't conform to the XML schema (see
+[AXIS2-5741][]). All users of ADB in Axis2 1.7.0 should upgrade to 1.7.1
+as soon as possible.
+
+This release also fixes an issue with the Eclipse plugins (see [AXIS2-5738][]).
+
+[AXIS2-5741]: https://issues.apache.org/jira/browse/AXIS2-5741
+[AXIS2-5738]: https://issues.apache.org/jira/browse/AXIS2-5738
diff --git a/src/site/markdown/release-notes/1.7.10.md 
b/src/site/markdown/release-notes/1.7.10.md
new file mode 100644
index 000..e69de29
diff --git a/src/site/markdown/release-notes/1.7.2.md 
b/src/site/markdown/release-notes/1.7.2.md
new file mode 100644
index 000..5498e03
--- /dev/null
+++ b/src/site/markdown/release-notes/1.7.2.md
@@ -0,0 +1,7 @@
+Apache Axis2 1.7.2 Release Note
+---
+
+Apache Axis2 1.7.2 is a maintenance release that upgrades Apache Axiom to
+version 1.2.19 and fixes several [issues][1] reported since 1.7.1.
+
+[1]: 
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=10611&version=12334939
diff --git a/src/site/markdown/release-notes/1.7.3.md 
b/src/site/markdown/release-notes/1.7.3.md
new file mode 100644
index 000..bd69af6
--- /dev/null
+++ b/src/site/markdown/release-notes/1.7.3.md
@@ -0,0 +1,21 @@
+Apache Axis2 1.7.3 Release Note
+---
+
+Apache Axis2 1.7.3 is a security release that contains a fix for 
[CVE-2010-3981][]. That security
+vulnerability affects the admin console that is part of the Axis2 Web 
application and was originally
+reported for SAP BusinessObjects (which includes a version of Axis2). That 
report didn't mention
+Axis2 at all and the Axis2 project only recently became aware (thanks to 
Devesh Bhatt and Nishant
+Agarwala) that the issue affects Apache Axis2 as well.
+
+The admin console now has a CSRF prevention mechanism and all known XSS 
vulnerabilities as well as
+two non-security bugs in the admin console ([AXIS2-4764][] and [AXIS2-5716][]) 
have been fixed.
+Users of the Axis2 WAR distribution are encouraged to upgrade to 1.7.3 to take 
advantage of these
+improvements.
+
+This release also fixes a regression in the HTTP client code that is triggered 
by the presence of
+certain types of cookies in HTTP responses (see [AXIS2-5772][]).
+
+[CVE-2010-3981]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3981
+[AXIS2-4764]: https://issues.apache.org/jira/browse/AXIS2-4764
+[AXIS2-5716]: https://issues.apache.org/jira/browse/AXIS2-5716
+[AXIS2-5772]: https://issues.apache.org/jira/browse/AXIS2-5772
diff --git a/src/site/markdown/release-notes/1.7.4.md 
b/src/site/markdown/release-notes/1.7.4.md
new file mode 100644
index 000..addc610
--- /dev/null
+++ b/src/site/markdown/release-notes/1.7.4.md
@@ -0,0 +1,18 @@
+Apache Axis2 1.7.4 Release Note
+---
+
+Apache Axis2 1.7.4 is a maintenance release that includes fixes for several
+issues, including the following security issues:
+
+* Session fixation ([AXIS2-4739][]) and XSS ([AXIS2-5683][]) vulnerabilities
+  affecting the admin console.
+
+* A dependency on an Apache HttpClient version affected by known security
+  vulnerabilities (CVE-2012-6153 and CVE-2014-3577); see [AXIS2-5757][].
+
+The complete list of issues fixed in this version can be found [here][1].
+
+[AXIS2-4739]: https://issues.apache.org/jira/browse/AXIS2-4739
+[AXIS2-5683]: https://issues.apache.org/jira/browse/AXIS2-5683
+[AX

[axis-axis2-java-core] branch master updated: setup-java v2

2021-12-19 Thread veithen 
This is an automated email from the ASF dual-hosted git repository.

veithen pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/axis-axis2-java-core.git


The following commit(s) were added to refs/heads/master by this push:
 new 1cf184c  setup-java v2
 new b9e87c3  Merge pull request #241 from sullis/gha-temurin-jdk
1cf184c is described below

commit 1cf184c6df07313af868016f4673548bcca87b43
Author: Sean C. Sullivan 
AuthorDate: Sat Dec 18 19:46:52 2021 -0800

setup-java v2

https://github.com/actions/setup-java/blob/main/README.md
---
 .github/workflows/ci.yml | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 9364ead..2a036e2 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -42,9 +42,10 @@ jobs:
   maven-java-${{ matrix.java }}-
   maven-
 - name: Set up Java
-  uses: actions/setup-java@v1
+  uses: actions/setup-java@v2
   with:
 java-version: ${{ matrix.java }}
+distribution: 'zulu'
 - name: Build
   run: mvn -B -e -Papache-release -Dgpg.skip=true verify
 - name: Remove Snapshots
@@ -66,9 +67,10 @@ jobs:
   maven-deploy-
   maven-
 - name: Set up Java
-  uses: actions/setup-java@v1
+  uses: actions/setup-java@v2
   with:
 java-version: 15
+distribution: 'zulu'
 server-id: apache.snapshots.https
 server-username: NEXUS_USER
 server-password: NEXUS_PW

[axis-axis2-java-core] branch master updated (b9e87c3 -> b83045d)

2021-12-19 Thread veithen 
This is an automated email from the ASF dual-hosted git repository.

veithen pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/axis-axis2-java-core.git.


from b9e87c3  Merge pull request #241 from sullis/gha-temurin-jdk
 add b83045d  Bump maven-bundle-plugin from 5.1.2 to 5.1.3

No new revisions were added by this update.

Summary of changes:
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)