You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Emmanuel Lécharny (Jira)" <ji...@apache.org> on 2023/04/06 04:57:00 UTC
[jira] [Resolved] (DIRAPI-390) Upgrade commons-text as it flags the project with CVE-2022-42889
[ https://issues.apache.org/jira/browse/DIRAPI-390?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lécharny resolved DIRAPI-390.
--------------------------------------
Resolution: Fixed
Fixed with commit 261f68b5d51dca0b28bb1af2846a81a8c9b40903
> Upgrade commons-text as it flags the project with CVE-2022-42889
> ----------------------------------------------------------------
>
> Key: DIRAPI-390
> URL: https://issues.apache.org/jira/browse/DIRAPI-390
> Project: Directory Client API
> Issue Type: Task
> Affects Versions: 2.1.2
> Reporter: Emmanuel Lécharny
> Priority: Major
> Fix For: 2.1.3
>
>
> We use commons-text, which is subject to CVE-2022-42889.
> Even if we don't use the part that triggers this CVE, tools are now flagging the LDAP API as vulnerable because we depends on this library.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@directory.apache.org
For additional commands, e-mail: dev-help@directory.apache.org