Marek has posted 3 posts at DZone. View Full User Profile

Seam 2.2.1.CR2 was released

08.12.2010
| 1592 views |
  • submit to reddit
Location: 
http://seamframework.org/Community/Seam221CR2IsAvailableForPublic
The Second Candidate Release of 2.2.1 was aimed to bring
security fixes and also bug fixes found in previous CR1. It is recommended to upgrade although it is not final release of 2.2.1.

This release is IMPORTANT, because it fixes the security issue in parametrized JBoss
Expression Language (EL) expressions - CVE-2010-1871. Seam team
thanks Meder Kydyraliev of the Google Security Team for responsibly
reporting this issue to JBoss.

Next security fix is in upgrade of Spring dependency from 2.5.6.SEC01 to
2.5.6.SEC02.

As addition to these security issue, we fixed 39 issues including some
performance ones and also bugs with JBoss AS 6 M3/4 or documentation
fixes. More in Release notes.

Seam downloads are available here

Documentation for 2.2.1.CR2 is available at http://www.seamframework.org/Seam2/Documentation (e.g
html doc.
0
Published at DZone with permission of its author, Marek Novotný.

(Note: Opinions expressed in this article and its replies are the opinions of their respective authors and not those of DZone, Inc.)