You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@jackrabbit.apache.org by "Markus Koschany (JIRA)" <ji...@apache.org> on 2015/09/30 18:49:04 UTC

[jira] [Created] (JCR-3912) Jackrabbit depends on obsolete commons-httpclient library

Markus Koschany created JCR-3912:
------------------------------------

             Summary: Jackrabbit depends on obsolete commons-httpclient library
                 Key: JCR-3912
                 URL: https://issues.apache.org/jira/browse/JCR-3912
             Project: Jackrabbit Content Repository
          Issue Type: Bug
          Components: security
    Affects Versions: 2.11.0, 2.10.1
         Environment: Debian GNU/Linux
            Reporter: Markus Koschany


Hello,

jackrabbit depends on commons-httpclient. https://hc.apache.org/httpclient-3.x/

This library has reached EOL status four years ago and was replaced by Apache httpcomponents-client:

https://hc.apache.org/httpcomponents-client-ga/index.html

commons-httpclient was affected by multiple security issues in the past but is no longer supported by its upstream developers. This makes it difficult for Linux distributions to provide any support for applications and libraries which still depend on commons-httpclient.

Please consider to make the switch to httpcomponents-client




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)