Friday, July 22, 2016

DSpace 5.5 Security and Bug Fixes Release

The 5.5 Release provides security fixes to both the XMLUI and JSPUI, along with bug fixes to the 5.x platform in general. Download 5.5 release 

Major bug fixes include:
  • XMLUI security fix
    • [HIGH SEVERITY] Directory traversal vulnerability in all XMLUI themes
  • JSPUI security fix
    • [MEDIUM SEVERITY] Directory traversal vulnerability in the JSPUI "Edit News" feature
  • REST fixes
    • Fixed the "/handle" endpoint (DS-2936)
    • REST webapp wasn't registering itself on startup (DS-2946)
  • OAI fixes
    • Fixed a few incorrect URL encoding issue (DS-3050)
    • Fixed the broken "NOT" filter (DS-2820)
  • Configuration Fixes
    • Fixed misspelling in dcterms registry (conformsTo) (DS-2998
    • Updated our default DataCite configurations to point at the updated DataCite test server (DS-2923)
  • Other minor fixes
    • Broken SQL query in Item.findByMetadataFieldAuthority API method (DS-2517)
    • Mirage2: Ensured printing the item page from doesn't include bitstream URLs (DS-2893)
For much more information on each of these and other fixes, please visit our DSpace 5.x Release Notes.
Post a Comment

Dspace Demo