You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@abdera.apache.org by "David Jarrin (JIRA)" <ji...@apache.org> on 2016/06/28 16:08:56 UTC

[jira] [Created] (ABDERA-695) Dependent library commons-httpclient has a critical security issue

David Jarrin created ABDERA-695:
-----------------------------------

             Summary: Dependent library commons-httpclient has a critical security issue
                 Key: ABDERA-695
                 URL: https://issues.apache.org/jira/browse/ABDERA-695
             Project: Abdera
          Issue Type: Bug
    Affects Versions: 1.1.3
         Environment: All
            Reporter: David Jarrin
            Priority: Blocker


A critical security issue has been uncovered in the old commons-httpclient library. Please read the details here:

https://issues.apache.org/jira/browse/HTTPCLIENT-644

Any support for commons-httpclient was stopped as of 2007 so there is no hope that the security issue will be fixed on that code base. The new HttpComponents does not have this security issue. 
It would be extremely helpful (and urgent in my opinion) for Abdera development to provide a version that works with the new HttpComponents library. 

Please consider prioritizing this important update. In my particular case, a new release of the product I am responsible for cannot happen until the security issue is resolved by upgrading to use HttpComponents, but because Abdera does not support HttpComponents we have little options left to meet our release deadline.




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)