[
https://issues.apache.org/jira/browse/KNOX-3191?focusedWorklogId=985143&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-985143
]
ASF GitHub Bot logged work on KNOX-3191:
----------------------------------------
Author: ASF GitHub Bot
Created on: 30/Sep/25 11:11
Start Date: 30/Sep/25 11:11
Worklog Time Spent: 10m
Work Description: smolnar82 commented on PR #1086:
URL: https://github.com/apache/knox/pull/1086#issuecomment-3351439930
> I will try to test the demo-ldap part, though I have no prior experience
with this Repo , it might take me some time.
@devaspatikrishnatri - then why did you submit this change?
The Knox team checks the project dependencies time to time, we always fix
issue with Critical/High CVEs.
In this particular case, the project already uses `2.0.27`, which, at the
moment, has **`0`** CVEs:
<img width="1380" height="836" alt="image"
src="https://github.com/user-attachments/assets/913b8592-5d2d-4bf8-9759-7a23cd9825a5";
/>
I checked [KNOX-3191](https://issues.apache.org/jira/browse/KNOX-3191),
where the only description I see:
```
Upgrade mina-core to 2.2.4 to fix CVEs.
```
Which CVEs are you referring to?
Issue Time Tracking
-------------------
Worklog Id: (was: 985143)
Time Spent: 40m (was: 0.5h)
> Upgrade mina-core to 2.2.4
> --------------------------
>
> Key: KNOX-3191
> URL: https://issues.apache.org/jira/browse/KNOX-3191
> Project: Apache Knox
> Issue Type: Improvement
> Reporter: Devaspati Krishnatri
> Priority: Minor
> Time Spent: 40m
> Remaining Estimate: 0h
>
> Upgrade mina-core to 2.2.4 to fix CVEs.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
