-
Bug
-
Resolution: Done
-
Major
-
9.0.0.CVE-2015-7501-GA
-
None
Tracker JIRA to house things to do to prepare for 9.0.1 / 9.1.0 branches & builds.
Because JBDS 9.0.0 includes the compromised version of
apache.commons.collections (JBDS-3560, JBDS-3561), we need to at some point respin it, which
will include:
a) updated JBT/JBDS target platforms 4.50.1.* and 4.51.1.*
b) repin of JBDS update sites and installer jars
To that end, I've created the following new branches:
https://github.com/jbosstools/jbosstools-target-platforms/commits/4.50.1.x
https://github.com/jbosstools/jbosstools-target-platforms/commits/4.51.1.x
And I've bumped the version of the target platforms in the 4.50.x and
4.51.x branches to 4.50.2.Beta1-SNAPSHOT and 4.51.2.Beta1-SNAPSHOT,
respectively.
JBDS is now at version 9.1.0 in the 4.3.x branch and 9.0.1 in the
4.3.1.x branch.
https://github.com/jbdevstudio/jbdevstudio-product/commits/jbosstools-4.3.1.x
(new, 9.0.1)
https://github.com/jbdevstudio/jbdevstudio-product/commits/jbosstools-4.3.x
(updated to 9.1.0)
So, now we just need to ensure that the correct BUILD_ALIAS (CR1 for
9.0.1, Beta1 for 9.1.0) and target platforms are used.