You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@myfaces.apache.org by "Udo Schnurpfeil (JIRA)" <de...@myfaces.apache.org> on 2017/04/05 19:36:42 UTC
[jira] [Resolved] (TOBAGO-1730) Update dependencies with respect to
CVE
[ https://issues.apache.org/jira/browse/TOBAGO-1730?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Udo Schnurpfeil resolved TOBAGO-1730.
-------------------------------------
Resolution: Fixed
> Update dependencies with respect to CVE
> ---------------------------------------
>
> Key: TOBAGO-1730
> URL: https://issues.apache.org/jira/browse/TOBAGO-1730
> Project: MyFaces Tobago
> Issue Type: Task
> Components: Build
> Reporter: Udo Schnurpfeil
> Assignee: Udo Schnurpfeil
> Priority: Trivial
> Fix For: 3.0.4, 3.1.0
>
>
> * Using portlet api from apache instead of javax, because of parsing error of the pom.xml (contains unknown entity reference
> * update logback because of CVE-2017-5929
> * update openjpa, because of asm dependency (only old addressbook)
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)