You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tinkerpop.apache.org by "Sven Delmas (JIRA)" <ji...@apache.org> on 2015/12/28 20:06:49 UTC

[jira] [Commented] (TINKERPOP-1068) Bump to support jbcrypt-0.4m.jar

    [ https://issues.apache.org/jira/browse/TINKERPOP-1068?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15073026#comment-15073026 ] 

Sven Delmas commented on TINKERPOP-1068:
----------------------------------------

Unclear who owns what at this point. We are building our own version internally. This might just be someone who also wants a fixed version in some maven repo. Question is how legit the guy is :-).  

> Bump to support jbcrypt-0.4m.jar
> --------------------------------
>
>                 Key: TINKERPOP-1068
>                 URL: https://issues.apache.org/jira/browse/TINKERPOP-1068
>             Project: TinkerPop
>          Issue Type: Improvement
>    Affects Versions: 3.1.0-incubating
>            Reporter: Marko A. Rodriguez
>
> Sven says there is a security issue in {{jbcrypt-0.3m.jar}}, where {{0.4}} solves it. I am told that 0.4 is not out yet in Central Repo so we will have to wait. However, a quick Google search revealed:
> http://mvnrepository.com/artifact/de.svenkubiak/jBCrypt/0.4
> Different {{groupId}}/etc. but same "mindrot" development group. ??



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)