[jira] [Created] (JCR-3912) Jackrabbit depends on obsolete commons-httpclient library

Markus Koschany (JIRA) Wed, 30 Sep 2015 09:50:23 -0700

Markus Koschany created JCR-3912:
------------------------------------

             Summary: Jackrabbit depends on obsolete commons-httpclient library
                 Key: JCR-3912
                 URL: https://issues.apache.org/jira/browse/JCR-3912
             Project: Jackrabbit Content Repository
          Issue Type: Bug
          Components: security
    Affects Versions: 2.11.0, 2.10.1
         Environment: Debian GNU/Linux
            Reporter: Markus Koschany



Hello,

jackrabbit depends on commons-httpclient. https://hc.apache.org/httpclient-3.x/

This library has reached EOL status four years ago and was replaced by Apache 
httpcomponents-client:

https://hc.apache.org/httpcomponents-client-ga/index.html

commons-httpclient was affected by multiple security issues in the past but is 
no longer supported by its upstream developers. This makes it difficult for 
Linux distributions to provide any support for applications and libraries which 
still depend on commons-httpclient.

Please consider to make the switch to httpcomponents-client




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (JCR-3912) Jackrabbit depends on obsolete commons-httpclient library

Reply via email to