portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Sean Taylor (Jira)" <jetspeed-...@portals.apache.org>
Subject [jira] [Created] (JS2-1371) Security Vulnerabilities Update
Date Wed, 06 Jan 2021 18:50:00 GMT
David Sean Taylor created JS2-1371:
--------------------------------------

             Summary: Security Vulnerabilities Update
                 Key: JS2-1371
                 URL: https://issues.apache.org/jira/browse/JS2-1371
             Project: Jetspeed 2
          Issue Type: Improvement
          Components: Dependencies
    Affects Versions: 2.3.1
            Reporter: David Sean Taylor
            Assignee: David Sean Taylor
             Fix For: 2.3.2


The following direct dependencies have been highlighted as having security
vulnerabilities (along with the suggested remediation):


Apache Commons BeanUtils 1.9.2 (update to 1.9.4)
Apache Commons FileUpload 1.3.1 (update to 1.4)
Apache CXF 2.2.5 (update to cxf-3.4.1)
Apache Lucene 3.1.0 (update to 8.7.0)
Apache lucene-solr 3.1.0 (update to 8.7.0)
Castor 1.1.1 (update to 1.4.1)
dom4j 1.6.1 (update to 20040902.021138)
slf4j 1.5.6 (update to 1.7.30)
Spring-core 3.2.9RELEASE (update to 5.3.2)
Spring-aop 3.2.9.RELEASE (update to 5.3.2)
Spring-beans 3.2.9.RELEASE (update to 5.3.2)
Spring-context 3.2.9.RELEASE (update to 5.3.2)
Spring-context-support 3.2.9.RELEASE (update to 5.3.2)
Spring-web 3.2.9.RELEASE (update to 5.3.2)
Spring-orm 3.2.9.RELEASE (update to 5.3.2)
Spring-jdbc 3.2.9.RELEASE (update to 5.3.2)
Spring-ldap 1.3.0 (update to 2.0.3)



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message