publish 1.16 with security notice
diff --git a/_src/content/2023-allura-1.16.0.md b/_src/content/2023-allura-1.16.0.md
new file mode 100644
index 0000000..edfa6b7
--- /dev/null
+++ b/_src/content/2023-allura-1.16.0.md
@@ -0,0 +1,56 @@
+Title: Apache Allura 1.16.0 released with critical security fix
+Date: 2023-11-06
+Tags: release
+Slug: allura-1.16.0
+Summary: Version 1.16.0 of Allura released with critical security fix
+
+#### What's New?
+
+Apache Allura 1.16.0 has been released.  It has a critical security fix and also drops Python 3.7 support.
+
+For full details of all the changes and fixes, see the [CHANGES file](https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES). 
+
+#### Critical Security Fix
+
+CVE-2023-46851 sensitive information exposure via import 
+
+Severity: Critical<br>
+Versions Affected: 1.0.1 through 1.15.0
+
+**Description:**<br>
+Allura Discussion and Allura Forum importing does not restrict URL values specified in attachments. Project administrators can run these imports, which could cause Allura to read local files and expose them.  Exposing internal files then can lead to other exploits, like session hijacking, or remote code execution.
+
+**Mitigation:**<br>
+Users of Allura should upgrade to Allura 1.16.0 immediately.
+
+If you are unable to upgrade, set this in your .ini config file:
+
+```
+disable_entry_points.allura.importers = forge-tracker, forge-discussion
+```
+
+That same .ini setting is also recommend for users who want maximum security on their Allura instance and don't need those importers available.
+
+**Credit:**<br>
+This issue was discovered by Stefan Schiller (Sonar)
+
+#### Python 3.8 through 3.11 supported
+
+This release drops support for Python 3.7 and supports Python 3.8 through Python 3.11
+
+#### Upgrade Instructions
+
+To install updated dependencies, run: `pip install -r requirements.txt --no-deps --upgrade --upgrade-strategy=only-if-needed`
+
+Run: `paster ensure_index development.ini` in Allura dir
+
+If switching to a new version of Python, you will need to make a completely new python virtual environment,
+and run `pip install ...` in it, and then use it to run Allura.
+
+If using docker, rebuild the allura image and restart containers.
+
+Feel free to ask any questions on the [dev mailing list](https://lists.apache.org/list.html?dev@allura.apache.org).
+
+#### Get 1.16.0
+
+[Download Allura](//allura.apache.org/download.html) and [install it](https://forge-allura.apache.org/docs/getting_started/installation.html) today.
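Review bot: the Description names "Allura Discussion and Allura Forum importing" as affected, but the workaround line disables `forge-tracker, forge-discussion`. Please reconcile the two, either by naming the tracker importer in the description or by saying why it is disabled as well, so that operators who apply only the workaround can tell it covers the vulnerable importers. It would also help to say which section of the .ini file the setting belongs in. Smaller points in the same file: "is also recommend" should read "is also recommended", and the Credit and Python-support sentences lack a closing period.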
diff --git a/_src/pelicanconf.py b/_src/pelicanconf.py
index a5be8f9..c7265bb 100644
--- a/_src/pelicanconf.py
+++ b/_src/pelicanconf.py
@@ -45,9 +45,9 @@
 
 CURRENT_YEAR = dt.date.today().year
 
-RELEASE_VERSION = '1.15.0'
-RELEASE_DATE = 'Sep 2023'
-RELEASE_NEWS = 'posts/2023-allura-1.15.0.html'
+RELEASE_VERSION = '1.16.0'
+RELEASE_DATE = 'Nov 2023'
+RELEASE_NEWS = 'posts/2023-allura-1.16.0.html'
 DIST_URL = 'https://downloads.apache.org/allura/'
 
 FORGE_ALLURA_URL = 'https://forge-allura.apache.org/'
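Review bot: `RELEASE_NEWS` repeats the version already held in `RELEASE_VERSION`, so each release edits the same number in two settings, and missing one leaves the site linking to the previous announcement. Consider building the path from `RELEASE_VERSION`; the year prefix in the filename would need its own setting or to be taken from the release date.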
diff --git a/download.html b/download.html
index d9e681a..91dabd8 100644
--- a/download.html
+++ b/download.html
@@ -54,15 +54,15 @@
     <div class="col-20 no-float auto-margin">
       <div class="row">
         <p class="pad-md">
-            <a href="https://www.apache.org/dyn/closer.cgi/allura/allura-1.15.0.tar.gz">Download Allura v1.15.0</a>.  This is the latest release of Apache Allura, released Sep 2023.
-              <a href="posts/2023-allura-1.15.0.html">Read what's new.</a>
+            <a href="https://www.apache.org/dyn/closer.cgi/allura/allura-1.16.0.tar.gz">Download Allura v1.16.0</a>.  This is the latest release of Apache Allura, released Nov 2023.
+              <a href="posts/2023-allura-1.16.0.html">Read what's new.</a>
         </p>
         <p>
             Verify the download:
         </p>
         <ul>
-            <li><a href="https://downloads.apache.org/allura/allura-1.15.0.tar.gz.sha512">SHA-512</a> checksum</li>
-            <li>PGP <a href="https://downloads.apache.org/allura/allura-1.15.0.tar.gz.asc">signature</a> & <a href="https://downloads.apache.org/allura/KEYS">keys</a></li>
+            <li><a href="https://downloads.apache.org/allura/allura-1.16.0.tar.gz.sha512">SHA-512</a> checksum</li>
+            <li>PGP <a href="https://downloads.apache.org/allura/allura-1.16.0.tar.gz.asc">signature</a> & <a href="https://downloads.apache.org/allura/KEYS">keys</a></li>
         </ul>
         <p>
             <a href="https://www.apache.org/info/verification.html">Instructions for how to verify a download using these files.</a>
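Review bot: the PGP list item has a bare `&` between the signature and keys links; in HTML text it should be written `&amp;`. The character is unchanged from the 1.15.0 line, so if download.html is built from a template, the fix belongs in the template rather than in this file.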
diff --git a/feeds/all.atom.xml b/feeds/all.atom.xml
index 23c2c57..250cc25 100644
--- a/feeds/all.atom.xml
+++ b/feeds/all.atom.xml
@@ -1,5 +1,33 @@
 <?xml version="1.0" encoding="utf-8"?>
-<feed xmlns="http://www.w3.org/2005/Atom"><title>Apache Allura</title><link href="//allura.apache.org/" rel="alternate"></link><link href="//allura.apache.org/feeds/all.atom.xml" rel="self"></link><id>//allura.apache.org/</id><updated>2023-09-18T00:00:00+00:00</updated><entry><title>Apache Allura 1.15.0 released</title><link href="//allura.apache.org/posts/2023-allura-1.15.0.html" rel="alternate"></link><published>2023-09-18T00:00:00+00:00</published><updated>2023-09-18T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2023-09-18:/posts/2023-allura-1.15.0.html</id><summary type="html">&lt;p&gt;Version 1.15.0 of Allura released&lt;/p&gt;</summary><content type="html">&lt;h4&gt;What's New?&lt;/h4&gt;
+<feed xmlns="http://www.w3.org/2005/Atom"><title>Apache Allura</title><link href="//allura.apache.org/" rel="alternate"></link><link href="//allura.apache.org/feeds/all.atom.xml" rel="self"></link><id>//allura.apache.org/</id><updated>2023-11-06T00:00:00+00:00</updated><entry><title>Apache Allura 1.16.0 released with critical security fix</title><link href="//allura.apache.org/posts/2023-allura-1.16.0.html" rel="alternate"></link><published>2023-11-06T00:00:00+00:00</published><updated>2023-11-06T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2023-11-06:/posts/2023-allura-1.16.0.html</id><summary type="html">&lt;p&gt;Version 1.16.0 of Allura released with critical security fix&lt;/p&gt;</summary><content type="html">&lt;h4&gt;What's New?&lt;/h4&gt;
+&lt;p&gt;Apache Allura 1.16.0 has been released.  It has a critical security fix and also drops Python 3.7 support.&lt;/p&gt;
+&lt;p&gt;For full details of all the changes and fixes, see the &lt;a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES"&gt;CHANGES file&lt;/a&gt;. &lt;/p&gt;
+&lt;h4&gt;Critical Security Fix&lt;/h4&gt;
+&lt;p&gt;CVE-2023-46851 sensitive information exposure via import &lt;/p&gt;
+&lt;p&gt;Severity: Critical&lt;br&gt;
+Versions Affected: 1.0.1 through 1.15.0&lt;/p&gt;
+&lt;p&gt;&lt;strong&gt;Description:&lt;/strong&gt;&lt;br&gt;
+Allura Discussion and Allura Forum importing does not restrict URL values specified in attachments. Project administrators can run these imports, which could cause Allura to read local files and expose them.  Exposing internal files then can lead to other exploits, like session hijacking, or remote code execution.&lt;/p&gt;
+&lt;p&gt;&lt;strong&gt;Mitigation:&lt;/strong&gt;&lt;br&gt;
+Users of Allura should upgrade to Allura 1.16.0 immediately.&lt;/p&gt;
+&lt;p&gt;If you are unable to upgrade, set this in your .ini config file:&lt;/p&gt;
+&lt;div class="highlight"&gt;&lt;pre&gt;&lt;span&gt;&lt;/span&gt;&lt;code&gt;disable_entry_points.allura.importers = forge-tracker, forge-discussion
+&lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;
+
+&lt;p&gt;That same .ini setting is also recommend for users who want maximum security on their Allura instance and don't need those importers available.&lt;/p&gt;
+&lt;p&gt;&lt;strong&gt;Credit:&lt;/strong&gt;&lt;br&gt;
+This issue was discovered by Stefan Schiller (Sonar)&lt;/p&gt;
+&lt;h4&gt;Python 3.8 through 3.11 supported&lt;/h4&gt;
+&lt;p&gt;This release drops support for Python 3.7 and supports Python 3.8 through Python 3.11&lt;/p&gt;
+&lt;h4&gt;Upgrade Instructions&lt;/h4&gt;
+&lt;p&gt;To install updated dependencies, run: &lt;code&gt;pip install -r requirements.txt --no-deps --upgrade --upgrade-strategy=only-if-needed&lt;/code&gt;&lt;/p&gt;
+&lt;p&gt;Run: &lt;code&gt;paster ensure_index development.ini&lt;/code&gt; in Allura dir&lt;/p&gt;
+&lt;p&gt;If switching to a new version of Python, you will need to make a completely new python virtual environment,
+and run &lt;code&gt;pip install ...&lt;/code&gt; in it, and then use it to run Allura.&lt;/p&gt;
+&lt;p&gt;If using docker, rebuild the allura image and restart containers.&lt;/p&gt;
+&lt;p&gt;Feel free to ask any questions on the &lt;a href="https://lists.apache.org/list.html?dev@allura.apache.org"&gt;dev mailing list&lt;/a&gt;.&lt;/p&gt;
+&lt;h4&gt;Get 1.16.0&lt;/h4&gt;
+&lt;p&gt;&lt;a href="//allura.apache.org/download.html"&gt;Download Allura&lt;/a&gt; and &lt;a href="https://forge-allura.apache.org/docs/getting_started/installation.html"&gt;install it&lt;/a&gt; today.&lt;/p&gt;</content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.15.0 released</title><link href="//allura.apache.org/posts/2023-allura-1.15.0.html" rel="alternate"></link><published>2023-09-18T00:00:00+00:00</published><updated>2023-09-18T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2023-09-18:/posts/2023-allura-1.15.0.html</id><summary type="html">&lt;p&gt;Version 1.15.0 of Allura released&lt;/p&gt;</summary><content type="html">&lt;h4&gt;What's New?&lt;/h4&gt;
 &lt;p&gt;Apache Allura 1.15.0 has been released, after a long time since 1.14.0.  This release adds support for more Python versions (see next section) and Content-Security-Policy headers.  Many other fixes and improvements are also included, they relate to SEO, performance and different parts of Allura.&lt;/p&gt;
 &lt;p&gt;For full details of all the changes and fixes, see the &lt;a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES"&gt;CHANGES file&lt;/a&gt;. &lt;/p&gt;
 &lt;h4&gt;Python 3.7 through 3.11 supported&lt;/h4&gt;
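Review bot: in the added `<feed>` line the feed `<id>` is `//allura.apache.org/` and the feed and entry links are protocol-relative. Atom requires `id` to be an absolute IRI, and a feed reader has no base scheme to resolve `//allura.apache.org/...` against, so the site URL used for feed generation should be an absolute `https://` URL. The `<author><name></name></author>` element is also empty. The entry body carries over the "is also recommend" typo from the markdown source, so fix it there and regenerate. The same points apply to feeds/tag.release.atom.xml.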
diff --git a/feeds/tag.release.atom.xml b/feeds/tag.release.atom.xml
index a83d9e4..2b7e98c 100644
--- a/feeds/tag.release.atom.xml
+++ b/feeds/tag.release.atom.xml
@@ -1,5 +1,33 @@
 <?xml version="1.0" encoding="utf-8"?>
-<feed xmlns="http://www.w3.org/2005/Atom"><title>Apache Allura - release</title><link href="//allura.apache.org/" rel="alternate"></link><link href="//allura.apache.org/feeds/tag.release.atom.xml" rel="self"></link><id>//allura.apache.org/</id><updated>2023-09-18T00:00:00+00:00</updated><entry><title>Apache Allura 1.15.0 released</title><link href="//allura.apache.org/posts/2023-allura-1.15.0.html" rel="alternate"></link><published>2023-09-18T00:00:00+00:00</published><updated>2023-09-18T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2023-09-18:/posts/2023-allura-1.15.0.html</id><summary type="html">&lt;p&gt;Version 1.15.0 of Allura released&lt;/p&gt;</summary><content type="html">&lt;h4&gt;What's New?&lt;/h4&gt;
+<feed xmlns="http://www.w3.org/2005/Atom"><title>Apache Allura - release</title><link href="//allura.apache.org/" rel="alternate"></link><link href="//allura.apache.org/feeds/tag.release.atom.xml" rel="self"></link><id>//allura.apache.org/</id><updated>2023-11-06T00:00:00+00:00</updated><entry><title>Apache Allura 1.16.0 released with critical security fix</title><link href="//allura.apache.org/posts/2023-allura-1.16.0.html" rel="alternate"></link><published>2023-11-06T00:00:00+00:00</published><updated>2023-11-06T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2023-11-06:/posts/2023-allura-1.16.0.html</id><summary type="html">&lt;p&gt;Version 1.16.0 of Allura released with critical security fix&lt;/p&gt;</summary><content type="html">&lt;h4&gt;What's New?&lt;/h4&gt;
+&lt;p&gt;Apache Allura 1.16.0 has been released.  It has a critical security fix and also drops Python 3.7 support.&lt;/p&gt;
+&lt;p&gt;For full details of all the changes and fixes, see the &lt;a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES"&gt;CHANGES file&lt;/a&gt;. &lt;/p&gt;
+&lt;h4&gt;Critical Security Fix&lt;/h4&gt;
+&lt;p&gt;CVE-2023-46851 sensitive information exposure via import &lt;/p&gt;
+&lt;p&gt;Severity: Critical&lt;br&gt;
+Versions Affected: 1.0.1 through 1.15.0&lt;/p&gt;
+&lt;p&gt;&lt;strong&gt;Description:&lt;/strong&gt;&lt;br&gt;
+Allura Discussion and Allura Forum importing does not restrict URL values specified in attachments. Project administrators can run these imports, which could cause Allura to read local files and expose them.  Exposing internal files then can lead to other exploits, like session hijacking, or remote code execution.&lt;/p&gt;
+&lt;p&gt;&lt;strong&gt;Mitigation:&lt;/strong&gt;&lt;br&gt;
+Users of Allura should upgrade to Allura 1.16.0 immediately.&lt;/p&gt;
+&lt;p&gt;If you are unable to upgrade, set this in your .ini config file:&lt;/p&gt;
+&lt;div class="highlight"&gt;&lt;pre&gt;&lt;span&gt;&lt;/span&gt;&lt;code&gt;disable_entry_points.allura.importers = forge-tracker, forge-discussion
+&lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;
+
+&lt;p&gt;That same .ini setting is also recommend for users who want maximum security on their Allura instance and don't need those importers available.&lt;/p&gt;
+&lt;p&gt;&lt;strong&gt;Credit:&lt;/strong&gt;&lt;br&gt;
+This issue was discovered by Stefan Schiller (Sonar)&lt;/p&gt;
+&lt;h4&gt;Python 3.8 through 3.11 supported&lt;/h4&gt;
+&lt;p&gt;This release drops support for Python 3.7 and supports Python 3.8 through Python 3.11&lt;/p&gt;
+&lt;h4&gt;Upgrade Instructions&lt;/h4&gt;
+&lt;p&gt;To install updated dependencies, run: &lt;code&gt;pip install -r requirements.txt --no-deps --upgrade --upgrade-strategy=only-if-needed&lt;/code&gt;&lt;/p&gt;
+&lt;p&gt;Run: &lt;code&gt;paster ensure_index development.ini&lt;/code&gt; in Allura dir&lt;/p&gt;
+&lt;p&gt;If switching to a new version of Python, you will need to make a completely new python virtual environment,
+and run &lt;code&gt;pip install ...&lt;/code&gt; in it, and then use it to run Allura.&lt;/p&gt;
+&lt;p&gt;If using docker, rebuild the allura image and restart containers.&lt;/p&gt;
+&lt;p&gt;Feel free to ask any questions on the &lt;a href="https://lists.apache.org/list.html?dev@allura.apache.org"&gt;dev mailing list&lt;/a&gt;.&lt;/p&gt;
+&lt;h4&gt;Get 1.16.0&lt;/h4&gt;
+&lt;p&gt;&lt;a href="//allura.apache.org/download.html"&gt;Download Allura&lt;/a&gt; and &lt;a href="https://forge-allura.apache.org/docs/getting_started/installation.html"&gt;install it&lt;/a&gt; today.&lt;/p&gt;</content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.15.0 released</title><link href="//allura.apache.org/posts/2023-allura-1.15.0.html" rel="alternate"></link><published>2023-09-18T00:00:00+00:00</published><updated>2023-09-18T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2023-09-18:/posts/2023-allura-1.15.0.html</id><summary type="html">&lt;p&gt;Version 1.15.0 of Allura released&lt;/p&gt;</summary><content type="html">&lt;h4&gt;What's New?&lt;/h4&gt;
 &lt;p&gt;Apache Allura 1.15.0 has been released, after a long time since 1.14.0.  This release adds support for more Python versions (see next section) and Content-Security-Policy headers.  Many other fixes and improvements are also included, they relate to SEO, performance and different parts of Allura.&lt;/p&gt;
 &lt;p&gt;For full details of all the changes and fixes, see the &lt;a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES"&gt;CHANGES file&lt;/a&gt;. &lt;/p&gt;
 &lt;h4&gt;Python 3.7 through 3.11 supported&lt;/h4&gt;
diff --git a/index.html b/index.html
index 5cfa5ab..61f6e85 100644
--- a/index.html
+++ b/index.html
@@ -84,18 +84,18 @@
       <h3 class="text-center">Get the Latest Version of Allura</h3>
       <div class="row pad-vert-md">
         <div id="release" class="col-12 auto-margin pad-vert-xs text-center">
-          <a href="//allura.apache.org/download.html"><button class="auto-margin">Download v1.15.0</button></a>
-          <span class="text-white">Sep 2023 &mdash;</span>
-          <a href="posts/2023-allura-1.15.0.html">What's New</a>
+          <a href="//allura.apache.org/download.html"><button class="auto-margin">Download v1.16.0</button></a>
+          <span class="text-white">Nov 2023 &mdash;</span>
+          <a href="posts/2023-allura-1.16.0.html">What's New</a>
         </div>
         <div id="news" class="col-12 auto-margin pad-vert-xs text-center">
             <h5>News</h5>
             <ul>
+                    <li><a href="//allura.apache.org/posts/2023-allura-1.16.0.html">Apache Allura 1.16.0 released with critical security fix</a></li>
                     <li><a href="//allura.apache.org/posts/2023-allura-1.15.0.html">Apache Allura 1.15.0 released</a></li>
                     <li><a href="//allura.apache.org/posts/2022-allura-1.14.0.html">Apache Allura 1.14.0 released</a></li>
                     <li><a href="//allura.apache.org/posts/2021-allura-1.13.0.html">Apache Allura 1.13.0 released</a></li>
                     <li><a href="//allura.apache.org/posts/2019-allura-1.12.0.html">Apache Allura 1.12.0 released</a></li>
-                    <li><a href="//allura.apache.org/posts/2019-allura-1.11.1.html">Apache Allura 1.11.1 released</a></li>
                 <li><a href="//allura.apache.org/news.html">All News &rarr;</a></li>
             </ul>
         </div>
diff --git a/news.html b/news.html
index 45d8591..1b18538 100644
--- a/news.html
+++ b/news.html
@@ -53,6 +53,17 @@
 
 <div class="row bg-white pad-bot-md text-center">
   <div class="row pad-top-md">
+    <h3><a class="text-black" href="//allura.apache.org/posts/2023-allura-1.16.0.html">Apache Allura 1.16.0 released with critical security fix</a></h3>
+  </div>
+
+  <div class="post-info">
+    Published:
+    <abbr class="published" title="2023-11-06T00:00:00+00:00">
+      Mon 06 November 2023
+    </abbr>
+  </div>
+  <div class="entry-content"> <p>Version 1.16.0 of Allura released with critical security fix</p> </div>
+  <div class="row pad-top-md">
     <h3><a class="text-black" href="//allura.apache.org/posts/2023-allura-1.15.0.html">Apache Allura 1.15.0 released</a></h3>
   </div>
 
diff --git a/posts/2023-allura-1.16.0.html b/posts/2023-allura-1.16.0.html
new file mode 100644
index 0000000..e76bc7e
--- /dev/null
+++ b/posts/2023-allura-1.16.0.html
@@ -0,0 +1,135 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+  <title>    Apache Allura 1.16.0 released with critical security fix
+</title>
+  <meta charset="utf-8">
+  <meta name="description" content="Allura is an open source implementation of a software forge, a site that manages source code repositories, bug reports, discussions, and more for projects.">
+  <meta name="keywords" content="">
+  <meta name="author" content="">
+  <link rel="canonical" href="//allura.apache.org">
+
+  <!--    Facebook Meta Info-->
+  <meta property="og:url" content="//allura.apache.org">
+  <meta property="og:image" content="//allura.apache.org/theme/img/logo-asf-apache.png">
+  <meta property="og:description" content="Allura is an open source implementation of a software forge, a site that manages source code repositories, bug reports, discussions, and more for projects.">
+  <meta property="og:title" content="Apache Allura">
+  <meta property="og:site_name" content="Apache Allura">
+  <meta property="og:see_also" content="//allura.apache.org">
+
+  <!--    Twitter Meta Info-->
+  <meta name="twitter:card" content="Allura is an open source implementation of a software forge, a site that manages source code repositories, bug reports, discussions, and more for projects.">
+  <meta name="twitter:url" content="//allura.apache.org">
+  <meta name="twitter:title" content="Apache Allura">
+  <meta name="twitter:description" content="Allura is an open source implementation of a software forge, a site that manages source code repositories, bug reports, discussions, and more for projects.">
+  <meta name="twitter:image" content="//allura.apache.org/theme/img/logo-asf-apache.png">
+
+  <!--    Google+ Meta Info-->
+  <meta itemprop="name" content="Apache Allura">
+  <meta itemprop="description" content="Allura is an open source implementation of a software forge, a site that manages source code repositories, bug reports, discussions, and more for projects.">
+  <meta itemprop="image" content="//allura.apache.org/theme/img/logo-asf-apache.png">
+
+  <link rel="stylesheet" type="text/css" href="//allura.apache.org/theme/css/flex.min.css">
+  <link rel="stylesheet" type="text/css" href="//allura.apache.org/theme/css/style.css">
+          <link rel="stylesheet" type="text/css" href="//allura.apache.org/theme/css/article.css">
+
+
+</head>
+
+<body cz-shortcut-listen="true" class="pg-">
+  <section id="content_wrapper" class="mobile-desktop row">
+    <div id="header" class="row ">
+      <header id="login_header" class="row">
+        <div class="bg-shadow pad-vert-md">
+          <span><h1 class="text-center"><a href="//allura.apache.org">Apache <img src="//allura.apache.org/theme/img/logo_white.png" width="94"> Allura<span class="tm">™</span></a></h1></span>
+          <span></span>
+          <h6 class="text-center">Open source project hosting platform</h6>
+        </div>
+      </header>
+    </div>
+
+    <div class="article-content">
+<div class="row bg-white pad-vert-lg">
+  <div class="row">
+    <h3 class="text-black text-center">Apache Allura 1.16.0 released with critical security fix</h3>
+  </div>
+
+  <div class="post-info text-center">
+    Published:
+    <abbr class="published" title="2023-11-06T00:00:00+00:00">
+      Mon 06 November 2023
+    </abbr>
+    <br>
+    Tagged:
+        <a href="//allura.apache.org/tag/release.html">release</a>
+  </div>
+
+  <div class="row">
+    <div class="col-20 no-float auto-margin">
+      <div class="row">
+        <div class="pad-md text-black"><h4>What's New?</h4>
+<p>Apache Allura 1.16.0 has been released.  It has a critical security fix and also drops Python 3.7 support.</p>
+<p>For full details of all the changes and fixes, see the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">CHANGES file</a>. </p>
+<h4>Critical Security Fix</h4>
+<p>CVE-2023-46851 sensitive information exposure via import </p>
+<p>Severity: Critical<br>
+Versions Affected: 1.0.1 through 1.15.0</p>
+<p><strong>Description:</strong><br>
+Allura Discussion and Allura Forum importing does not restrict URL values specified in attachments. Project administrators can run these imports, which could cause Allura to read local files and expose them.  Exposing internal files then can lead to other exploits, like session hijacking, or remote code execution.</p>
+<p><strong>Mitigation:</strong><br>
+Users of Allura should upgrade to Allura 1.16.0 immediately.</p>
+<p>If you are unable to upgrade, set this in your .ini config file:</p>
+<div class="highlight"><pre><span></span><code>disable_entry_points.allura.importers = forge-tracker, forge-discussion
+</code></pre></div>
+
+<p>That same .ini setting is also recommend for users who want maximum security on their Allura instance and don't need those importers available.</p>
+<p><strong>Credit:</strong><br>
+This issue was discovered by Stefan Schiller (Sonar)</p>
+<h4>Python 3.8 through 3.11 supported</h4>
+<p>This release drops support for Python 3.7 and supports Python 3.8 through Python 3.11</p>
+<h4>Upgrade Instructions</h4>
+<p>To install updated dependencies, run: <code>pip install -r requirements.txt --no-deps --upgrade --upgrade-strategy=only-if-needed</code></p>
+<p>Run: <code>paster ensure_index development.ini</code> in Allura dir</p>
+<p>If switching to a new version of Python, you will need to make a completely new python virtual environment,
+and run <code>pip install ...</code> in it, and then use it to run Allura.</p>
+<p>If using docker, rebuild the allura image and restart containers.</p>
+<p>Feel free to ask any questions on the <a href="https://lists.apache.org/list.html?dev@allura.apache.org">dev mailing list</a>.</p>
+<h4>Get 1.16.0</h4>
+<p><a href="//allura.apache.org/download.html">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></div>
+      </div>
+    </div>
+  </div>
+</div>
+</div>
+
+    <div class="row">
+      <footer id="footer" class="bg-black text-white col-24">
+        <p class="copy pad-top-sm text-center">Copyright © 2023 The Apache Software Foundation, Licensed under
+            <a href="http://www.apache.org/licenses/LICENSE-2.0.html">the Apache License, Version 2.0.</a></p>
+        <p class="copy pad-bot-sm text-center">Apache, Allura, Apache Allura, and the Apache feather logo are trademarks of The Apache Software Foundation.</p>
+      </footer>
+    </div>
+  </section>
+
+  <script type="application/javascript" src="//allura.apache.org/theme/js/jquery-1.11.2.min.js"></script>
+  <script type="application/javascript" src="//allura.apache.org/theme/js/frontend.js"></script>
+        <script type="application/javascript" src="//allura.apache.org/theme/js/article.js"></script>
+  <!-- Credits
+
+          Logo Design: Will Leonard
+          http://willleonard.org
+
+          Site design: Perry Merrity
+          https://perrymerrity.com/
+
+          bg-header-forge.jpg
+          Photo by: Stefan Schmitz
+          https://creativecommons.org/licenses/by-nd/2.0
+
+          bg-developers-fire.jpg
+          Photo by: Frédéric Bisson
+          https://creativecommons.org/licenses/by-nd/2.0
+      -->
+</body>
+</html>
\ No newline at end of file
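Review bot: `<link rel="canonical" href="//allura.apache.org">` and the `og:url` meta in the head point at the site root rather than at this post, which tells crawlers the security announcement is a duplicate of the home page; both should carry the post's own URL. The `<body>` tag has `cz-shortcut-listen="true"`, an attribute that a browser extension adds to a loaded page and that appears to have been saved into the template, so it should be removed there. The charset is declared twice (the `http-equiv` meta and `<meta charset="utf-8">`), and the file ends without a trailing newline.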
diff --git a/tag/release.html b/tag/release.html
index 4ad8b4c..6e630f1 100644
--- a/tag/release.html
+++ b/tag/release.html
@@ -53,6 +53,17 @@
 
 <div class="row bg-white pad-bot-md text-center">
   <div class="row pad-top-md">
+    <h3><a class="text-black" href="//allura.apache.org/posts/2023-allura-1.16.0.html">Apache Allura 1.16.0 released with critical security fix</a></h3>
+  </div>
+
+  <div class="post-info">
+    Published:
+    <abbr class="published" title="2023-11-06T00:00:00+00:00">
+      Mon 06 November 2023
+    </abbr>
+  </div>
+  <div class="entry-content"> <p>Version 1.16.0 of Allura released with critical security fix</p> </div>
+  <div class="row pad-top-md">
     <h3><a class="text-black" href="//allura.apache.org/posts/2023-allura-1.15.0.html">Apache Allura 1.15.0 released</a></h3>
   </div>