You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@maven.apache.org by eo...@apache.org on 2019/06/04 12:33:38 UTC
[maven-archetype] branch master updated: ARCHETYPE-567: switch to
dom4j 2.1.1 (and Java 8) dom4j 2.1.1 requires Java 8 dom4j 2.0.2 would
retain Java 7 but is vulnerable to CVE-2018-1000632 dom4j 2.0.3 fixes
CVE-2018-1000632 but has been pending for ~1 year
This is an automated email from the ASF dual-hosted git repository.
eolivelli pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/maven-archetype.git
The following commit(s) were added to refs/heads/master by this push:
new fc9a5ff ARCHETYPE-567: switch to dom4j 2.1.1 (and Java 8) dom4j 2.1.1 requires Java 8 dom4j 2.0.2 would retain Java 7 but is vulnerable to CVE-2018-1000632 dom4j 2.0.3 fixes CVE-2018-1000632 but has been pending for ~1 year
fc9a5ff is described below
commit fc9a5ff0efe1b076313b51180ac53d841d430620
Author: Tony Homer <to...@intel.com>
AuthorDate: Fri May 31 11:45:31 2019 -0700
ARCHETYPE-567: switch to dom4j 2.1.1 (and Java 8)
dom4j 2.1.1 requires Java 8
dom4j 2.0.2 would retain Java 7 but is vulnerable to CVE-2018-1000632
dom4j 2.0.3 fixes CVE-2018-1000632 but has been pending for ~1 year
Signed-off-by: Tony Homer <to...@intel.com>
---
Jenkinsfile | 2 +-
archetype-common/pom.xml | 2 +-
pom.xml | 6 +++---
3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/Jenkinsfile b/Jenkinsfile
index ddbf133..fbaa780 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -17,4 +17,4 @@
* under the License.
*/
-asfMavenTlpPlgnBuild(tmpWs: true)
+asfMavenTlpPlgnBuild(tmpWs: true, jdk:['8','11','12','13'])
diff --git a/archetype-common/pom.xml b/archetype-common/pom.xml
index 84eec1a..f20dacf 100644
--- a/archetype-common/pom.xml
+++ b/archetype-common/pom.xml
@@ -78,7 +78,7 @@
<version>1.5.5</version>
</dependency>
<dependency>
- <groupId>dom4j</groupId>
+ <groupId>org.dom4j</groupId>
<artifactId>dom4j</artifactId>
</dependency>
<dependency>
diff --git a/pom.xml b/pom.xml
index e72cec7..bf1bb1f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -74,7 +74,7 @@
<properties>
<maven.archetype.scm.devConnection>scm:git:https://gitbox.apache.org/repos/asf/maven-archetype.git</maven.archetype.scm.devConnection>
<mavenVersion>3.0</mavenVersion>
- <javaVersion>7</javaVersion>
+ <javaVersion>8</javaVersion>
<netbeans.hint.useExternalMaven>true</netbeans.hint.useExternalMaven>
<wagonVersion>2.8</wagonVersion>
<surefire.version>2.21.0</surefire.version>
@@ -193,9 +193,9 @@
</exclusions>
</dependency>
<dependency>
- <groupId>dom4j</groupId>
+ <groupId>org.dom4j</groupId>
<artifactId>dom4j</artifactId>
- <version>1.6.1</version>
+ <version>2.1.1</version>
</dependency>
<dependency>
<groupId>jdom</groupId>