You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Robert Munteanu (Jira)" <ji...@apache.org> on 2022/02/07 15:42:00 UTC
[jira] [Resolved] (SLING-7626) disclosure vulnerability affecting Apache Sling Servlets Post 2.3.6 and earlier versions
[ https://issues.apache.org/jira/browse/SLING-7626?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robert Munteanu resolved SLING-7626.
------------------------------------
Resolution: Not A Problem
No feedback in 3+ years, closing.
> disclosure vulnerability affecting Apache Sling Servlets Post 2.3.6 and earlier versions
> ----------------------------------------------------------------------------------------
>
> Key: SLING-7626
> URL: https://issues.apache.org/jira/browse/SLING-7626
> Project: Sling
> Issue Type: Task
> Affects Versions: Testing JCR Mock 1.3.2, Servlet Helpers 1.1.4, Testing Sling Mock 2.2.18
> Reporter: Andy
> Priority: Blocker
>
> There is a high security vulnerability from OWASP dependencies check scan affecting Apache Sling Servlets Post 2.3.6 and earlier versions. Please update to Apache Sling Servlets Post 2.3.8.
> This is the Adobe fixes for reference, but the following modules need to address this
> https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html
> org.apache.sling.servlet-helpers-1.1.4.jar
> org.apache.sling.testing.sling-mock-2.2.18.jar
> org.apache.sling.testing.jcr-mock-1.3.2.jar
>
--
This message was sent by Atlassian Jira
(v8.20.1#820001)