You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@felix.apache.org by "Carsten Ziegeler (Jira)" <ji...@apache.org> on 2021/03/18 05:59:00 UTC
[jira] [Closed] (FELIX-6391) Update embedded commons-io to 2.8.0
[ https://issues.apache.org/jira/browse/FELIX-6391?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Carsten Ziegeler closed FELIX-6391.
-----------------------------------
> Update embedded commons-io to 2.8.0
> -----------------------------------
>
> Key: FELIX-6391
> URL: https://issues.apache.org/jira/browse/FELIX-6391
> Project: Felix
> Issue Type: Bug
> Components: HTTP Service
> Affects Versions: http.jetty-4.1.4
> Reporter: Akanksha Jain
> Assignee: Carsten Ziegeler
> Priority: Major
> Fix For: http.jetty-4.1.6
>
> Attachments: sonatype-2018-0705.png
>
>
> Apache Felix Http Jetty: 4.1.4 has embedded commons-io.2.6.jar which is vulnerable to
> "sonatype-2018-0705".
> The vulnerability has been fixed in commons-io: 2.7.
> Related Commons-io JIRA: https://issues.apache.org/jira/browse/IO-556
> Need to update commons-io latest version in Apache Felix HTTP Jetty module.
>
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)