commit 4374c18078489d940375497662ad1099ac49117c
author Michael Beckerle <mbeckerle@apache.org> Mon Dec 20 12:36:08 2021 -0500
committer Mike Beckerle <mbeckerle@apache.org> Mon Dec 20 12:50:12 2021 -0600
tree 2bd2de830ee43faae02ba2c788076c1e99146003
parent 6e73f67a3a61e60e64ebf04014551749a500104d

updates for 3.2.1-rc2

site/_releases/3.2.0.md

diff --git a/site/_releases/3.2.0.md b/site/_releases/3.2.0.md
index df48258..7ec8b47 100644
--- a/site/_releases/3.2.0.md
+++ b/site/_releases/3.2.0.md
@@ -5,8 +5,7 @@
 title: 3.2.0
 date: 2021-12-06
 summary: >
-    Checksum and CRC capability via DFDL extensions and pluggable
-    Jar files, Log4J support, miscellaneous bug fixes and improvements
+    WARNING: This release has been superceded. Use Release 3.2.1 instead.
 
 artifact-root: "https://www.apache.org/dyn/closer.lua/daffodil/3.2.0/"
 checksum-root: "https://downloads.apache.org/daffodil/3.2.0/"
@@ -24,6 +23,13 @@
 
 scala-version: 2.12
 ---
+<div class="alert alert-danger">
+WARNING
+<p/>
+This release has been superceded by <a href="../3.2.1">Release 3.2.1</a> due to security issues.
+<p/>
+The release notes below are still useful for understanding the features and functionality which are also part of <a href="../3.2.1">Release 3.2.1</a>.
+</div>
 
 #### New DFDL Language Extension Features
 

site/_releases/3.2.1.md

diff --git a/site/_releases/3.2.1.md b/site/_releases/3.2.1.md
index e202e1e..27f4317 100644
--- a/site/_releases/3.2.1.md
+++ b/site/_releases/3.2.1.md
@@ -3,15 +3,17 @@
 released: false
 apache: true
 title: 3.2.1
-date: 2021-12-16
+date: 2021-12-19
 summary: >
-    Upgrade dependencies to fix CVE-2021-44228 (Log4J)
+    Patch release supercedes 3.2.0. 
+    Provides updated dependencies to fix CVE-2021-44228 (Log4J), CVE-2021-45105 (Log4J),
     and CVE-2021-33813 (JDOM).
-    Fix unparse checksum and CRC capability (JIRA DAFFODIL-2609)
+    Fixes unparse checksum and CRC capability (JIRA DAFFODIL-2609)
+    Otherwise contains all the same functionality as Release 3.2.0 which it replaces.
 
 
-artifact-root: "https://dist.apache.org/repos/dist/dev/daffodil/3.2.1-rc1/"
-checksum-root: "https://dist.apache.org/repos/dist/dev/daffodil/3.2.1-rc1/"
+artifact-root: "https://dist.apache.org/repos/dist/dev/daffodil/3.2.1-rc2/"
+checksum-root: "https://dist.apache.org/repos/dist/dev/daffodil/3.2.1-rc2/"
 
 key-file: "https://downloads.apache.org/daffodil/KEYS"
 
@@ -27,11 +29,17 @@
 scala-version: 2.12
 ---
 
+This release is a patch on top of [Release 3.2.0](../3.2.0) to improve security and fix a major functional bug. 
+
+The [Release Notes for 3.2.0](../3.2.0)
+are still relevant to understand the features
+and functionality in this 3.2.1 patch release. 
+
 #### Security Improvements
 
-This release fixes two security CVEs by updating dependency versions.
+This release fixes three security CVEs by updating dependency versions.
 
-* {% jira 2610 %} Update log4J dependency to fix CVE-2021-44228
+* {% jira 2610 %} Update log4J dependency to fix CVE-2021-44228 and CVE-2021-45105
 * {% jira 2611 %} Update JDOM dependency to fix CVE-2021-33813
 
 #### Functional Improvements
@@ -61,8 +69,8 @@
 
 **Core**
 
-* Log4j core 2.16.0 <small>(update)</small>
-* Log4j api 2.16.0 <small>(update)</small>
+* Log4j core 2.17.0 <small>(update)</small>
+* Log4j api 2.17.0 <small>(update)</small>
 * JDOM2 2.0.6.1 <small>(update)</small>
 
 **Code Generator (runtime2)**