Apache Allura 1.8.1 released

New Features

Apache Allura 1.8.1 has been released. It contains a several improvements around spam prevention and content quality on discussions. It also includes a few performance optimizations, along with a number of fixes and smaller improvements. To see all the details, check out the release changelog.

Important Security Fix

CVE-2018-1319 Apache Allura HTTP response splitting

Severity: Important
Versions Affected: All

Attackers may craft URLs that cause HTTP response splitting. If a victim goes to a maliciously crafted URL, unwanted results may occur including XSS or service denial for the victim's browsing session.

Users of Allura should upgrade to Allura 1.8.1 immediately.

This issue was discovered by Everardo Padilla Saca

Get 1.8.1

Download Allura and install it today.