You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Radu Cotescu (JIRA)" <ji...@apache.org> on 2019/04/18 16:34:00 UTC
[jira] [Resolved] (SLING-8353) Change embedded ESAPI version in
sling.xss
[ https://issues.apache.org/jira/browse/SLING-8353?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Radu Cotescu resolved SLING-8353.
---------------------------------
Resolution: Fixed
Fixed in [commit 9a04848|https://github.com/apache/sling-org-apache-sling-xss/commit/9a04848] and [commit 458d454|https://github.com/apache/sling-org-apache-sling-xss/commit/458d454].
> Change embedded ESAPI version in sling.xss
> ------------------------------------------
>
> Key: SLING-8353
> URL: https://issues.apache.org/jira/browse/SLING-8353
> Project: Sling
> Issue Type: Bug
> Components: XSS Protection API
> Affects Versions: XSS Protection API 2.1.6
> Reporter: Ashok Kumar
> Assignee: Radu Cotescu
> Priority: Major
> Fix For: XSS Protection API 2.1.8
>
> Time Spent: 50m
> Remaining Estimate: 0h
>
> org.apache.sling.xss embeds esapi 2.1.0. It would be good if we update this to 2.1.0.1 atleast, which would bring more security fixes and still remains backward compatible.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)