Friday, January 25, 2013
RichFaces 4.3.0.CR2 Release Announcement
The second milestone release of RichFaces 4.3 (4.3.0.CR2) has been released. This release candidate for the RichFaces 4.3 is an incremental release on top of the previous release candidate (4.3.0.CR1), providing a few bug fixes and documentation enhancements.
Behaviour change for
The RichFaces notify* components did not previously escape message content. This can lead to a security vulnerability in your applications, so we’ve changed the notify* components to escape message content by default, and provided the
escape attribute to disable escaping of the message content.
escape=falseattribute to achieve the same behaviour as in previous RichFaces releases.
We’ll again let RichFaces 4.3.0.CR2 bake in the community for a few days. Be sure to try it our with your applications and report any regressions you should come across that may have been overlooked by our QE team. We are aiming to have a final release out next week.