You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@ofbiz.apache.org by jl...@apache.org on 2016/04/15 19:56:07 UTC

svn commit: r1739340 - /ofbiz/trunk/tools/security/dependency-check/suppress.xml

Author: jleroux
Date: Fri Apr 15 17:56:06 2016
New Revision: 1739340

URL: http://svn.apache.org/viewvc?rev=1739340&view=rev
Log:
No functional changes, updates suppress.xml, I will ask why we have to put all those suppressions about Tomcat 8.0.33 which is the last available version!

Modified:
    ofbiz/trunk/tools/security/dependency-check/suppress.xml

Modified: ofbiz/trunk/tools/security/dependency-check/suppress.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/tools/security/dependency-check/suppress.xml?rev=1739340&r1=1739339&r2=1739340&view=diff
==============================================================================
--- ofbiz/trunk/tools/security/dependency-check/suppress.xml (original)
+++ ofbiz/trunk/tools/security/dependency-check/suppress.xml Fri Apr 15 17:56:06 2016
@@ -27,7 +27,7 @@
        <cpe>cpe:/a:apache:tomcat:3.0</cpe>
     </suppress>
 
-    <!-- About Tomcat 8.0.33 vulnerabilities (start with jsp-api-2.3.jar): I put not suppress (there are - too much - tons of them) because none concern OFBIZ .
+    <!-- About Tomcat 8.0.33 vulnerabilities (start with jsp-api-2.3.jar): I will ask why we have to put all those suppressions :/
             Note that CVE-2013-2185 is disputed by the Tomcat team, see OFBIZ-6752 for details -->
 
     <suppress>