Google Git
Sign in
apache / sling-site / refs/heads/asf-site / . / news.html
blob: c6400cc0252f350a87c23dfab129ada63f481c33 [file] [log] [blame]
<!DOCTYPE html><html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/>
<title>Apache Sling :: News</title>
<link rel="icon" href="/favicon.ico"/>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bulma/0.7.5/css/bulma.min.css"/>
<link rel="stylesheet" href="/res/css/site.css"/>
<script src='https://www.apachecon.com/event-images/snippet.js'></script><link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.12.0/styles/default.min.css"/>
<script src='https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.12.0/highlight.min.js'></script><script>
hljs.initHighlightingOnLoad();
</script>
<!-- Matomo Web Analytics -->
<script>
var _paq = window._paq = window._paq || [];
/* tracker methods like "setCustomDimension" should be called before "trackPageView" */
/* We explicitly disable cookie tracking to avoid privacy issues */
_paq.push(['disableCookies']);
_paq.push(['trackPageView']);
_paq.push(['enableLinkTracking']);
(function() {
var u="https://matomo.privacy.apache.org/";
_paq.push(['setTrackerUrl', u+'matomo.php']);
_paq.push(['setSiteId', '6']);
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s);
})();
</script>
<!-- End Matomo Code -->
<link href='/pagefind/pagefind-ui.css' rel='stylesheet'><script src='/pagefind/pagefind-ui.js' type='text/javascript'></script>
<script>
window.addEventListener('DOMContentLoaded', (event) => {
new PagefindUI({ element: "#searchbox" });
});
</script>
</head> <body>
<div class="section">
<div class="level is-marginless">
<div class="logo">
<a href="https://sling.apache.org">
<img border="0" alt="Apache Sling" src="/res/logos/sling.svg"/>
</a>
</div><div class="header">
<a href="https://www.apache.org">
<img border="0" alt="Apache" src="/res/logos/apache.png"/>
</a>
</div>
</div><section class="searchbox level is-marginless">
<div id="searchbox"></div>
</section><div class="columns is-gapless">
<div class="column is-narrow sidemenu">
<div class="container">
<nav class="menu">
<ul class="menu-list box is-shadowless is-marginless">
<li>
<p class="menu-label">
<strong>Documentation</strong>
</p><ul>
<li><a href="/documentation.html">Overview</a></li><li><a href="/documentation/getting-started.html">Getting Started</a></li><li><a href="/documentation/the-sling-engine.html">The Sling Engine</a></li><li><a href="/documentation/development.html">Development</a></li><li><a href="/documentation/bundles.html">Bundles</a></li><li><a href="/documentation/tutorials-how-tos.html">Tutorials &amp; How-Tos</a></li><li><a href="/components/">Maven Plugins</a></li><li><a href="/documentation/configuration.html">Configuration</a></li>
</ul>
</li><li>
<p class="menu-label">
<strong>API Docs</strong>
</p><ul>
<li><a href="/apidocs/sling12/index.html">Sling 12</a></li><li><a href="/apidocs/sling11/index.html">Sling 11</a></li><li><a href="/apidocs/sling10/index.html">Sling 10</a></li><li><a href="/apidocs/sling9/index.html">Sling 9</a></li><li><a href="/documentation/apidocs.html">All versions</a></li>
</ul>
</li><li>
<p class="menu-label">
<strong>Support</strong>
</p><ul>
<li><a href="https://s.apache.org/sling.wiki">Wiki</a></li><li><a href="https://s.apache.org/sling.faq">FAQ</a></li><li><a href="/sitemap.html">Sitemap</a></li>
</ul>
</li><li>
<p class="menu-label">
<strong>Project Info</strong>
</p><ul>
<li><a href="/downloads.cgi">Downloads</a></li><li><a href="https://www.apache.org/licenses/">License</a></li><li><a href="/news.html">News</a></li><li><a href="/releases.html">Releases</a></li><li><a href="https://issues.apache.org/jira/browse/SLING">Issue Tracker</a></li><li><a href="/links.html">Links</a></li><li><a href="/contributing.html">Contributing</a></li><li><a href="/project-information.html">Project Information</a></li><li><a href="/project-information/security.html">Security</a></li>
</ul>
</li><li>
<p class="menu-label">
<strong>Source</strong>
</p><ul>
<li><a href="/repolist.html">Repositories</a></li><li><a href="https://gitbox.apache.org/repos/asf?s=sling">Git at Apache</a></li>
</ul>
</li><li>
<p class="menu-label">
<strong>Apache Software<br>Foundation</strong>
</p><ul>
<li><a href="https://www.apache.org/foundation/thanks.html">Thanks!</a></li><li><a href="https://www.apache.org/foundation/sponsorship.html">Become a Sponsor</a></li><li><a href="https://www.apache.org/foundation/buy_stuff.html">Buy Stuff</a></li>
</ul>
</li><li>
<a class="acevent" data-format="square" data-event="random"></a>
</li><li>
<a href="https://apache.org/foundation/contributing.html" class="column">
<img border="0" alt="Support the Apache Software Foundation!" src="/res/images/SupportApache-small.png" width="125"/>
</a>
</li>
</ul>
</nav>
</div>
</div><div class="column main">
<div class="box is-shadowless is-marginless">
<div class="level">
<div class="pagenav">
<div class="breadcrumb">
<ul>
<li>
<a href="/">
Home
</a>
</li>
</ul>
</div>
</div><div class="tags">
<span class="tag">
<a href="/tags/news.html">
news
</a>
</span>
</div>
</div><h1 class="title">
News
</h1><div class="content is-marginless">
<div class="row" data-pagefind-body="true"><div><section><ul>
<li>Security Advisory: <a href="./security/CVE-2023-6378.html">Apache Sling advisory regarding CVE-2023-6378</a></li>
<li>Vulnerability report: CVE-2024-23673: Apache Sling Servlets Resolver: Malicious code execution via path traversal, see <a href="https://www.cve.org/CVERecord?id=CVE-2024-23673">https://www.cve.org/CVERecord?id=CVE-2024-23673</a></li>
<li>Vulnerability report: CVE-2022-47937: Multiple parsing problems in the Apache Sling Commons JSON module, see <a href="https://www.cve.org/CVERecord?id=CVE-2022-47937">https://www.cve.org/CVERecord?id=CVE-2022-47937</a></li>
<li>Vulnerability report and fix: CVE-2022-37734: Apache GraphQL Core: Upgraded graphql-java to version 20.1 which contains the fix for the vulnerability, see <a href="https://www.cve.org/CVERecord?id=CVE-2022-37734">https://www.cve.org/CVERecord?id=CVE-2022-37734</a></li>
<li>Vulnerability report and fix: CVE-2022-45064: Apache Sling Engine: Include-based XSS (April 12th, 2023), see <a href="https://www.cve.org/CVERecord?id=CVE-2022-45064">https://www.cve.org/CVERecord?id=CVE-2022-45064</a></li>
<li>Vulnerability report and fix: CVE-2023-26513: Apache Sling Resource Merger: Requests to certain paths managed by the Apache Sling Resource Merger can lead to DoS (Mar 20th, 2023), see <a href="https://www.cve.org/CVERecord?id=CVE-2023-26513">https://www.cve.org/CVERecord?id=CVE-2023-26513</a></li>
<li>Vulnerability report and fix: CVE-2023-25621: Apache Sling does not allow to handle i18n content in a secure way (Feb 23rd, 2023), see <a href="https://www.cve.org/CVERecord?id=CVE-2023-25621">https://www.cve.org/CVERecord?id=CVE-2023-25621</a></li>
<li>Vulnerability report and fix: CVE-2023-25141: Apache Sling JCR Base JNDI injection (February 14th, 2023), see <a href="https://www.cve.org/CVERecord?id=CVE-2023-25141">https://www.cve.org/CVERecord?id=CVE-2023-25141</a></li>
<li>Vulnerability report and fix: CVE-2023-22849: Apache Sling App CMS: XSS in CMS Reference / UI Components (Feb 3rd, 2023), see <a href="https://www.cve.org/CVERecord?id=CVE-2023-22849">https://www.cve.org/CVERecord?id=CVE-2023-22849</a></li>
<li>Vulnerability report and fix: CVE-2022-46769: Apache Sling CMS Reflected XSS Vulnerability (January 1st, 2022), see <a href="https://www.cve.org/CVERecord?id=CVE-2022-46769">https://www.cve.org/CVERecord?id=CVE-2022-46769</a></li>
<li>Vulnerability report and fix: CVE-2022-43670: Apache Sling CMS Reflected XSS Vulnerability (November 1st, 2022), see <a href="http://s.apache.org/CVE-2022-43670">http://s.apache.org/CVE-2022-43670</a></li>
<li>Released <a href="/news/sling-12-released.html">Apache Sling 12</a> (March 18th, 2022).</li>
<li>Security Advisory: <a href="./security/log4shell.html">Apache Sling advisory regarding CVE-2021-44228 and LOGBACK-1591</a></li>
<li>Our documentation pages now have an edit link in their footer: patches, which are very welcome, are now easier than ever!</li>
<li>The new <a href="./sitemap.html">hierarchical sitemap</a> helps you find the right page, along with the existing <a href="./tags/development.html">tags pages</a>.</li>
<li>Released <a href="https://github.com/apache/sling-org-apache-sling-adapter-annotations">Apache Sling Adapter Annotations 2.0</a>, a new module that implements OSGi DS 1.4 component property type annotations for Sling Adapters.</li>
<li>The virtual adaptTo() 2020 conference took place in September and <a href="https://adapt.to/2020/en/schedule.html">video recordings will be available soon</a>.</li>
<li>Vulnerability report and fix: CVE-2020-1949: Apache Sling CMS Reflected XSS Vulnerability (March 24th, 2020), see <a href="http://s.apache.org/CVE-2020-1949">http://s.apache.org/CVE-2020-1949</a></li>
<li>The <a href="https://adapt.to/2019/">adaptTo() 2019 conference</a> took place in Berlin, Germany. (September 2-4, 2019).</li>
<li>Released <a href="/news/sling-11-released.html">Apache Sling 11</a> (October 23rd, 2018).</li>
<li>The <a href="https://adapt.to/2018/">adaptTo() 2018 conference</a> took place in Potsdam, Germany. (September 10-12, 2018).</li>
<li>Released <a href="/documentation/bundles/sling-pipes.html">Apache Sling Pipes 2.0.2</a> (February 7th, 2018).</li>
<li>Released <a href="/news/sling-10-released.html">Apache Sling 10</a> (February 6th, 2018).</li>
<li>Released <a href="/news/sling-ide-tooling-12-released.html">Apache Sling IDE Tooling for Eclipse 1.2.0</a> (January 21st, 2018).</li>
<li>Sling has moved to Git (October 20, 2017)</li>
<li>The <a href="https://adapt.to/2017/en.html">adaptTo() 2017 conference</a> took place in Berlin. (September 25-27, 2017).</li>
<li>Released <a href="/news/sling-launchpad-9-released.html">Apache Sling 9</a> (June 12th, 2017)</li>
<li>The <a href="https://adapt.to/2016/en.html">adaptTo() 2016 conference</a> took place in Berlin. (September 26-28, 2016).</li>
<li>Released <a href="/news/sling-ide-tooling-11-released.html">Apache Sling IDE Tooling for Eclipse 1.1.0</a> (March 14th, 2016)</li>
<li>Released <a href="/news/sling-launchpad-8-released.html">Apache Sling 8</a> (October 16th, 2015)</li>
<li>The <a href="https://adapt.to/2015/en.html">adaptTo() 2015 conference</a> took place in Berlin. (September 28-30, 2015).</li>
<li>Released Apache Sling 7 (October 3th, 2014)</li>
<li>The <a href="https://adapt.to/2014/en.html">adaptTo() 2014 conference</a> took place in Berlin. (September 22-24, 2014).</li>
<li>The <a href="https://adapt.to/2013/en.html">adaptTo() 2013 conference</a> took place in Berlin. (September 23-25, 2013).</li>
<li>The <a href="https://adapt.to/2012/en.html">adaptTo() 2012 conference</a> took place in Berlin. (September 26-28, 2012).</li>
<li>Vulnerability report and fix: CVE-2012-2138 Apache Sling denial of service vulnerability (July 6th, 2012), see <a href="http://s.apache.org/CVE-2012-2138">http://s.apache.org/CVE-2012-2138</a></li>
<li>The <a href="https://adapt.to/2011/en.html">adaptTo() 2011 conference</a> took place in Berlin. (September 15-16, 2011).</li>
<li>Released <a href="http://markmail.org/thread/hv5vd5774ofwqu6j">Apache Sling 6</a> (March 28, 2011)</li>
<li>Sling site at http://sling.apache.org live (June 29, 2009)</li>
<li>Mailing lists moved to dev(a)sling.apache.org and commits(a)sling.apache.org (June 29, 2009)</li>
<li>SVN moved to http://svn.apache.org/repos/asf/sling (June 18, 2009)</li>
<li>Apache Sling has graduated into a top level project! (June 17, 2009)</li>
</ul>
<h1><a href="#history" id="history">History</a></h1>
<p>Sling started as an internal project at <a href="http://www.day.com">Day Software</a> , and entered the Apache Incubator in September 2007. As of June, 17th, 2009 Apache Sling is a top level project of the Apache Software Foundation.</p>
<p>The name &quot;Sling&quot; has been proposed by Roy Fielding who explained it like this:</p>
<blockquote>
<p>[The name is] Biblical in nature. The story of David: the weapon he uses to slay the giant Goliath is a sling. Hence, our David's [David Nuescheler, CTO of Day Software] favorite weapon.</p>
<p>It is also the simplest device for delivering content very fast.</p>
</blockquote>
</section></div></div><div data-pagefind-body="true" data-pagefind-weight="7.0" style="display:none;"> - ( News )</div>
</div>
</div>
</div>
</div><footer class="footer">
<div class="content has-text-centered is-small">
<div class="editpagelink">
This page can be edited on GitHub at <a href="https://github.com/apache/sling-site/edit/master/src/main/jbake/content/news.md">
content/news.md
</a>
</div> <div class="revisionInfo">
Last modified by <span class="author">Robert Munteanu</span> on <span class="comment">2024-02-06</span>
</div><p>
Apache Sling, Sling, Apache, the Apache feather logo, and the Apache Sling project
logo are trademarks of The Apache Software Foundation. All other marks mentioned
may be trademarks or registered trademarks of their respective owners.
</p><p>
Copyright © 2007-2024<a href="https://www.apache.org/">
The Apache Software Foundation
</a>|<a href="https://privacy.apache.org/policies/privacy-policy-public.html">
Privacy Policy
</a>
</p>
</div>
</footer>
</div>
</body>
</html>