[
https://issues.apache.org/jira/browse/CONNECTORS-1765?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17905998#comment-17905998
]
Piergiorgio Lucidi commented on CONNECTORS-1765:
------------------------------------------------
The latest version of HSQL that is working without breaking our tests execution
is 2.6.1 so this means that actually we can't upgrade to 2.7.x yet.
> Fixing vulnerabilities in MCF
> -----------------------------
>
> Key: CONNECTORS-1765
> URL: https://issues.apache.org/jira/browse/CONNECTORS-1765
> Project: ManifoldCF
> Issue Type: Improvement
> Components: Build
> Affects Versions: ManifoldCF 2.27
> Reporter: Guylaine Bassette
> Assignee: Piergiorgio Lucidi
> Priority: Major
> Fix For: ManifoldCF 2.28
>
> Attachments: trivy-report.txt
>
>
> This is for my pull request:
> https://github.com/apache/manifoldcf/pull/167
> The Trivy tool ([https://trivy.dev/]) reveals a number of vulnerabilities in
> ManifoldCF. This contribution fixes the critical ones on CXF, hadoop, Plexus
> utils, Postgresql, Retrofit and HSQL.
> We have tested Web connector and Windows Share which are still working
> properly.
> It seems that the HSQL update broke the tests-HSQLDB-framework, but even
> without the fix, I'm getting errors on the connectors-IT-HSQLDB... Are there
> other members of the community who could work on checking and updating the
> tests that are useful to them?
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
