[
https://issues.apache.org/jira/browse/JCR-4756?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17489436#comment-17489436
]
Julian Reschke edited comment on JCR-4756 at 2/9/22, 10:39 AM:
---------------------------------------------------------------
> Hello, any plans to update this in 2.20.x as well?
Yes. That's why the issue has the label "candidate_Jcr_2_20"
> Speaking of h2 vulnerabilities, apparently versions before 2.1.210 are
> affected by a couple of other vulnerabilities. Do you plan to update to
> 2.1.210+?
Yes, of course (but note that the h2 console is not in use in this project,
*and* it is only a test dependency)
was (Author: reschke):
> Hello, any plans to update this in 2.20.x as well?
Yes. That's why the issue has the label "candidate_Jcr_2_20"
> Speaking of h2 vulnerabilities, apparently versions before 2.1.210 are
> affected by a couple of other vulnerabilities. Do you plan to update to
> 2.1.210+?
Yes, of course (but note that the h2 console is not in use in this project).
> Update h2db dependency to 2.0.206
> ---------------------------------
>
> Key: JCR-4756
> URL: https://issues.apache.org/jira/browse/JCR-4756
> Project: Jackrabbit Content Repository
> Issue Type: Task
> Components: core
> Reporter: Julian Reschke
> Assignee: Julian Reschke
> Priority: Minor
> Labels: candidate_jcr_2_20
> Fix For: 2.22, 2.21.10
>
>
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
