[
https://issues.apache.org/jira/browse/DIRAPI-423?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17931870#comment-17931870
]
Emmanuel Lécharny commented on DIRAPI-423:
------------------------------------------
Hi,
we can't, there is a big issue with TLS in 2.2.4 (currently working on it).
Regardless, LDAP API 2.1.7 is save, the CVE is related to a part of MINA we
don't use.
> Update Apache MINA Core from 2.2.3 to 2.2.4
> -------------------------------------------
>
> Key: DIRAPI-423
> URL: https://issues.apache.org/jira/browse/DIRAPI-423
> Project: Directory Client API
> Issue Type: Dependency upgrade
> Affects Versions: 2.1.7
> Reporter: Mark Hoare
> Priority: Minor
>
> Please consider bumping MINA Core dependency to 2.2.4 to address
> CVE-2024-52046.
> 2.2.4 was released in Dec 2024
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org
For additional commands, e-mail: dev-h...@directory.apache.org
