Today we'd like to also announce DSpace 1.8.3, a security release for
the 1.8.x platform.
DSpace 1.8.3 addresses a security vulnerability in the JSPUI. Although
there are no known exploits of this vulnerability, we recommend all
1.8.x JSPUI users upgrade to 1.8.3 or 3.2. This JSPUI security fix has
been backported to 1.8.3 (from 3.2) as per our current DSpace Software
Support Policy .
This 1.8.3 release also contains minor improvements that make 1.8.x more
Git/GitHub friendly, allowing users to more easily work with 1.8 in
More details on the 1.8.3 release (including download links) can be
* We highly recommend that all 1.8.x JSPUI users either upgrade to 1.8.3
or 3.2 to fix the JSPUI security vulnerability.
* If you are unable to upgrade at this time, a manual patch has been
provided at https://jira.duraspace.org/browse/DS-1603 (you must register
to access this ticket)
1.8.3 Installation and Upgrade instructions:
* Installation: https://wiki.duraspace.org/display/DSDOC18/Installation
* Upgrade from 1.8.x to 1.8.3:
* Upgrade from 1.8.x to 3.2:
* Upgrade (general instructions):
DSpace would not exist without the hard work and support of the
community! We'd like to thank each of you for continuing to use DSpace,
support DSpace, test DSpace, and provide feedback to the developers.
Tim Donohue, on behalf of the DSpace Committers
 DSpace Software Support Policy: