Steffen Schuler 13 Years Ago Nice, can you tell us something about custom portlets? Please sign in to reply. Reply as... Cancel
Marcelo Ruiz Camauër 13 Years Ago How should we submit sites made in Liferay for review and publication here? Please sign in to reply. Reply as... Cancel Steffen Schuler Marcelo Ruiz Camauër 13 Years Ago Contacting Ronald Sarayudej should work for you... Please sign in to reply. Reply as... Cancel Oliver Bayer Steffen Schuler 13 Years Ago Hi Steffen, both systems (portal and CMS) are based on Liferay 5.2.3 CE. We've been trying to follow the jira tickets and integrate the bugfixes in our EXT e.g. disable the listing of users via url parameter. Thanks for the info. If you find any other security holes let me know ;-). Please sign in to reply. Reply as... Cancel Steffen Schuler Oliver Bayer 13 Years Ago I was thinking about how the community could build/provide bugfixes based on JIRA for the community, too. Can you give me some details about your approach? Is it a mostly a manual one or did you find a way of "auto" build sec. patches based on JIRA issues/fixes? Can you tell me if it might be possible to build an auto updater with some help from the community from your point of view? With a release cycle > 6 month, the CE version is treated like a step child - from a sec point of view and it would be great if this could be fixed for all CE installations out there. Please sign in to reply. Reply as... Cancel
Steffen Schuler Marcelo Ruiz Camauër 13 Years Ago Contacting Ronald Sarayudej should work for you... Please sign in to reply. Reply as... Cancel Oliver Bayer Steffen Schuler 13 Years Ago Hi Steffen, both systems (portal and CMS) are based on Liferay 5.2.3 CE. We've been trying to follow the jira tickets and integrate the bugfixes in our EXT e.g. disable the listing of users via url parameter. Thanks for the info. If you find any other security holes let me know ;-). Please sign in to reply. Reply as... Cancel Steffen Schuler Oliver Bayer 13 Years Ago I was thinking about how the community could build/provide bugfixes based on JIRA for the community, too. Can you give me some details about your approach? Is it a mostly a manual one or did you find a way of "auto" build sec. patches based on JIRA issues/fixes? Can you tell me if it might be possible to build an auto updater with some help from the community from your point of view? With a release cycle > 6 month, the CE version is treated like a step child - from a sec point of view and it would be great if this could be fixed for all CE installations out there. Please sign in to reply. Reply as... Cancel
Oliver Bayer Steffen Schuler 13 Years Ago Hi Steffen, both systems (portal and CMS) are based on Liferay 5.2.3 CE. We've been trying to follow the jira tickets and integrate the bugfixes in our EXT e.g. disable the listing of users via url parameter. Thanks for the info. If you find any other security holes let me know ;-). Please sign in to reply. Reply as... Cancel Steffen Schuler Oliver Bayer 13 Years Ago I was thinking about how the community could build/provide bugfixes based on JIRA for the community, too. Can you give me some details about your approach? Is it a mostly a manual one or did you find a way of "auto" build sec. patches based on JIRA issues/fixes? Can you tell me if it might be possible to build an auto updater with some help from the community from your point of view? With a release cycle > 6 month, the CE version is treated like a step child - from a sec point of view and it would be great if this could be fixed for all CE installations out there. Please sign in to reply. Reply as... Cancel
Steffen Schuler Oliver Bayer 13 Years Ago I was thinking about how the community could build/provide bugfixes based on JIRA for the community, too. Can you give me some details about your approach? Is it a mostly a manual one or did you find a way of "auto" build sec. patches based on JIRA issues/fixes? Can you tell me if it might be possible to build an auto updater with some help from the community from your point of view? With a release cycle > 6 month, the CE version is treated like a step child - from a sec point of view and it would be great if this could be fixed for all CE installations out there. Please sign in to reply. Reply as... Cancel
Oliver Bayer 13 Years Ago Hi Steffen, you can take a look at the "small" summary we wrote at the university IT center page: http://www.hs-weingarten.de/web/rechenzentrum/webserver. This is only an excerpt of the modifications we've implemented. If you have any additional questions feel free to ask (http://portal.hs-weingarten.de/web/bayero). Please sign in to reply. Reply as... Cancel Steffen Schuler Oliver Bayer 13 Years Ago I just read the german pdf ... two questions: You mentioned a seperated CMS - is this CMS a different product or another instance of liferay?Which version are you running - CE or EE? I'am asking this, because it seems like there are currently a lot of CE versions out there in production, which seems to be a potential security risk - "Bob" only needs to take a closer look at open JIRA issues ... especially IT students might spend some time trying to hack a CE portal. Please sign in to reply. Reply as... Cancel
Steffen Schuler Oliver Bayer 13 Years Ago I just read the german pdf ... two questions: You mentioned a seperated CMS - is this CMS a different product or another instance of liferay?Which version are you running - CE or EE? I'am asking this, because it seems like there are currently a lot of CE versions out there in production, which seems to be a potential security risk - "Bob" only needs to take a closer look at open JIRA issues ... especially IT students might spend some time trying to hack a CE portal. Please sign in to reply. Reply as... Cancel
