Thanks to you both for the testing and feedback. For some reason Greg's email got routed to my spam folder and I did not see it until going to the archives today: https://lists.apache.org/thread/033pr0jqtxg2ls1gw36sx8so5vz0pp2q
I'll sort this out and get another RC ready in the next few days. Dave On Sun, Mar 16, 2025 at 7:39 PM Michael Bien <mbie...@gmail.com> wrote: > thanks for the reminder, i got swamped with things, then I forgot about > this vote - sorry. > > Unfortunately I encountered the same security violation errors (code 500) > as Greg. > > e.g table creation for example doesn't work for me without navigating back > again and pressing the button again - second attempt works. (page reload is > not sufficient, I have to navigate back) > > when I navigate out of the roller-ui to a blog entry for example. wait 3s > and press back i get "document expired" error from firefox, reload produces > the security error again. > > -1 from me unfortunately due to the regression > > best regards, > michael > > > On 3/16/25 18:07, Dave wrote: > > Just a gentle reminder that we have a release to vote out. Please take a > > look and cast your vote. > > > > Dave > > > > > > On Wed, Feb 19, 2025 at 6:44 PM Dave <snoopd...@gmail.com> wrote: > > > >> Dear Apache Roller Community, > >> > >> I am pleased to call for a vote on the release of Apache Roller > 6.1.5-RC1. > >> This release includes significant improvements to session management, > >> security enhancements, and important dependency updates. The release > >> candidate files can be found at: > >> > >> https://dist.apache.org/repos/dist/dev/roller/roller-6.1/v6.1.5/ > >> > >> Please review the release candidate and cast your vote: > >> > >> [ ] +1 Release this package as Apache Roller 6.1.5 > >> [ ] 0 No opinion > >> [ ] -1 Do not release this package because... > >> > >> The vote will be open for at least 72 hours. > >> > >> ## Key Changes in Apache Roller 6.1.5 > >> > >> ### Security & Session Management > >> * New RollerLoginSessionManager implementation for improved session > >> tracking > >> * Enhanced session invalidation for disabled users and password changes > >> * Improved cache handling for user sessions > >> > >> ### Dependency Updates > >> * Added Java 23 support to test matrix > >> * Log4j2 updated to 2.24.3 > >> * Lucene updated to 9.12.1 > >> * Spring Security updated to 5.8.14 > >> * Ant updated to 1.10.15 > >> * Commons libraries refreshed to latest versions > >> * jQuery UI updated to 1.14.1 > >> > >> ### UI Improvements > >> * New SVG favicons for better visual scaling across devices > >> * Updated web interface components > >> > >> ### Testing Enhancements > >> * New comprehensive test suite for session management > >> * Enhanced Selenium test compatibility > >> * Additional unit test coverage > >> > >> ## Complete Dependency Updates > >> * ASM 9.7 → 9.7.1 > >> * Commons Codec 1.17.1 → 1.18.0 > >> * Commons Text 1.12.0 → 1.13.0 > >> * Commons Lang3 3.16.0 → 3.17.0 > >> * Eclipse Link 4.0.4 → 4.0.5 > >> * Mockito 5.12.0 → 5.15.2 > >> * Instancio 5.0.1 → 5.3.0 > >> * Velocity 2.3 → 2.4.1 > >> > >> Thank you for your time and contributions to the Apache Roller project. > >> > >> Best regards, > >> Dave Johnson > >> > >> > >
