You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by jl...@apache.org on 2016/04/28 13:51:09 UTC
svn commit: r1741416 [1/3] - in
/ofbiz/trunk/tools/security/dependency-check: dependency-check-report.html
suppress.xml
Author: jleroux
Date: Thu Apr 28 11:51:08 2016
New Revision: 1741416
URL: http://svn.apache.org/viewvc?rev=1741416&view=rev
Log:
Updates OWASP dependency check files.
Several changes, notably:
* removes all Tomcat libs suppresses (in catalina\lib) and rather adds a sole suppress based on CVEs (current Tomcat version not concerned)
* same for jsp-api-2.3
* a new vulnerability is identified: CVE-2015-1776 for hadoop libs (in solr component)
Modified:
ofbiz/trunk/tools/security/dependency-check/dependency-check-report.html
ofbiz/trunk/tools/security/dependency-check/suppress.xml