You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@directory.apache.org by "Emmanuel Lécharny (Jira)" <ji...@apache.org> on 2023/04/06 04:57:00 UTC

[jira] [Resolved] (DIRAPI-390) Upgrade commons-text as it flags the project with CVE-2022-42889

     [ https://issues.apache.org/jira/browse/DIRAPI-390?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Emmanuel Lécharny resolved DIRAPI-390.
--------------------------------------
    Resolution: Fixed

Fixed with commit 261f68b5d51dca0b28bb1af2846a81a8c9b40903

> Upgrade commons-text as it flags the project with CVE-2022-42889
> ----------------------------------------------------------------
>
>                 Key: DIRAPI-390
>                 URL: https://issues.apache.org/jira/browse/DIRAPI-390
>             Project: Directory Client API
>          Issue Type: Task
>    Affects Versions: 2.1.2
>            Reporter: Emmanuel Lécharny
>            Priority: Major
>             Fix For: 2.1.3
>
>
> We use commons-text, which is subject to CVE-2022-42889.
> Even if we don't use the part that triggers this CVE, tools are now flagging the LDAP API as vulnerable because we depends on this library.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@directory.apache.org
For additional commands, e-mail: dev-help@directory.apache.org