You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Andy (JIRA)" <ji...@apache.org> on 2018/04/27 19:56:00 UTC
[jira] [Created] (SLING-7626) disclosure vulnerability affecting
Apache Sling Servlets Post 2.3.6 and earlier versions
Andy created SLING-7626:
---------------------------
Summary: disclosure vulnerability affecting Apache Sling Servlets Post 2.3.6 and earlier versions
Key: SLING-7626
URL: https://issues.apache.org/jira/browse/SLING-7626
Project: Sling
Issue Type: Task
Affects Versions: Testing Sling Mock 2.2.18, Servlet Helpers 1.1.4, Testing JCR Mock 1.3.2
Reporter: Andy
There is a high security vulnerability from OWASP dependencies check scan affecting Apache Sling Servlets Post 2.3.6 and earlier versions. Please update to Apache Sling Servlets Post 2.3.8.
This is the Adobe fixes for reference, but the following modules need to address this
https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html
org.apache.sling.servlet-helpers-1.1.4.jar|
org.apache.sling.testing.sling-mock-2.2.18.jar
org.apache.sling.testing.jcr-mock-1.3.2.jar
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)