ppalaga commented on PR #4902: URL: https://github.com/apache/camel-quarkus/pull/4902#issuecomment-1551124005
> There is, however, a major concern here: [CVE-2022-34169](https://nvd.nist.gov/vuln/detail/CVE-2022-34169). For me, it is unclear whether the issue is **actually** fixed in `2.7.3`, or whether it is just "gone" due to the missing dependencies. The fix commit seems to be this one https://github.com/apache/xalan-java/commit/2e60d0a9a5b822c4abf9051857973b1c6babfe81 That's definitely in Xalan. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
