Apache Directory Project

Update of Studio 1.5 through update site fails

View: New views
2 Messages — Rating Filter:   Alert me  

Update of Studio 1.5 through update site fails

by Michael Fladischer :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

I just tried to run the update for the latest release of AD-Studio in
Eclipse 3.5 but it failed because at least one jar file is fetched
from a malicious URL (as it seems to me).

The URL in question (on a local mirror, not maintained by me) is:

http://mirror.deri.at/apache/directory/studio/update/1.x/plugins/plugins/org.apache.directory.studio.common.ui_1.5.0.v20091102.jar

Notice the duplicate "plugins" folder. If I strip one the "plugins"
from the URL the download works manually in my browser.
Is this an issue with the mirror or the site.xml?

Regards,
Michael
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkr0Pg8ACgkQeJ3z1zFMUGY1kgCgh2venS9L8Fd8zIpb84T4mjrs
5hAAnj22O1BECoNneQaM40fAM5mU343+
=8bEp
-----END PGP SIGNATURE-----


Re: Update of Studio 1.5 through update site fails

by Pierre-Arnaud Marcelot-2 :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

Hi Michael,

Thanks for the bug report.

The site.xml file was wrong.

I fixed it and it should up on the website within the hour (time for  
the mirrors to get updated).

Thanks,
Pierre-Arnaud


On 6 nov. 2009, at 16:17, Michael Fladischer wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi,
>
> I just tried to run the update for the latest release of AD-Studio in
> Eclipse 3.5 but it failed because at least one jar file is fetched
> from a malicious URL (as it seems to me).
>
> The URL in question (on a local mirror, not maintained by me) is:
>
> http://mirror.deri.at/apache/directory/studio/update/1.x/plugins/plugins/org.apache.directory.studio.common.ui_1.5.0.v20091102.jar
>
> Notice the duplicate "plugins" folder. If I strip one the "plugins"
> from the URL the download works manually in my browser.
> Is this an issue with the mirror or the site.xml?
>
> Regards,
> Michael
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAkr0Pg8ACgkQeJ3z1zFMUGY1kgCgh2venS9L8Fd8zIpb84T4mjrs
> 5hAAnj22O1BECoNneQaM40fAM5mU343+
> =8bEp
> -----END PGP SIGNATURE-----
>

Free embeddable forum powered by Nabble Forum Help