You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@groovy.apache.org by "Paul King (Jira)" <ji...@apache.org> on 2020/11/26 07:13:00 UTC
[jira] [Updated] (GROOVY-9552) Bump Ant versions to address:
[CVE-2020-1945] Apache Ant insecure temporary file vulnerability
[ https://issues.apache.org/jira/browse/GROOVY-9552?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Paul King updated GROOVY-9552:
------------------------------
Fix Version/s: 2.4.21
> Bump Ant versions to address: [CVE-2020-1945] Apache Ant insecure temporary file vulnerability
> ----------------------------------------------------------------------------------------------
>
> Key: GROOVY-9552
> URL: https://issues.apache.org/jira/browse/GROOVY-9552
> Project: Groovy
> Issue Type: Dependency upgrade
> Reporter: Paul King
> Assignee: Paul King
> Priority: Major
> Fix For: 4.0.0-alpha-1, 3.0.4, 2.5.12, 2.4.21
>
>
> I think it is a low risk for Groovy users but we might as well get the latest Ant and have the extra mechanisms in place as described by:
> https://lists.apache.org/thread.html/r8e592bbfc016a5dbe2a8c0e81ff99682b9c78c453621b82c14e7b75e%40%3Cdev.ant.apache.org%3E
--
This message was sent by Atlassian Jira
(v8.3.4#803005)