4f5ad9d313
This eliminates the last Makefile in our code base.
Also change the section style within ReleaseNotes from asciidoc style to
asciidoctor style.
Also I feel that put images/link.png under ReleaseNotes and deal with
all the resource packing is too stupid, so I used the unicode emoji
instead of the picture ("🔗"). If this is too crazy, we can also use "#"
instead :) This also affects documentation rendering.
Other side effects:
1. The css of release notes switched from default asciidoc css into
default asciidoctor css.
2. The section anchors for ReleaseNotes/index.html changed from "2_13"
to "s2_13", because asciidoctorj is unhappy with anchors without
letters.
Change-Id: I4adf2ce090385cc6b699445012f10a009892aaac
21 lines
760 B
Plaintext
21 lines
760 B
Plaintext
= Release notes for Gerrit 2.5.3
|
|
|
|
Gerrit 2.5.3 is now available:
|
|
|
|
link:https://www.gerritcodereview.com/download/gerrit-2.5.3.war[https://www.gerritcodereview.com/download/gerrit-2.5.3.war]
|
|
|
|
There are no schema changes from any of the 2.5.x versions.
|
|
|
|
However, if upgrading from a version older than 2.5, follow the upgrade
|
|
procedure in the 2.5 link:ReleaseNotes-2.5.html[Release Notes].
|
|
|
|
== Security Fixes
|
|
* Patch vulnerabilities in OpenID client library
|
|
+
|
|
Installations using OpenID for authentication were vulnerable to a
|
|
number of attacks over the network. The openid4java client library
|
|
was identified as the entry point. In this release Gerrit updated to
|
|
the latest 0.9.8 release, which patches the known attack vectors.
|
|
|
|
No other changes since 2.5.2.
|