[jira] [Updated] (SHIRO-723) Provide Minor Shiro Release that includes CVE-2019-10086 Fix

Francois Papon (Jira) Tue, 01 Oct 2019 05:43:34 -0700


     [ 
https://issues.apache.org/jira/browse/SHIRO-723?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Francois Papon updated SHIRO-723:
---------------------------------
    Fix Version/s: 1.5.0

> Provide Minor Shiro Release that includes CVE-2019-10086 Fix
> ------------------------------------------------------------
>
>                 Key: SHIRO-723
>                 URL: https://issues.apache.org/jira/browse/SHIRO-723
>             Project: Shiro
>          Issue Type: Request
>    Affects Versions: 1.4.1
>            Reporter: Mark Denihan
>            Priority: Major
>             Fix For: 1.5.0
>
>
> As a User of Shiro
> I want Shiro to pass security scans
> So that it doesn't break my pipeline
> The latest version of Shrio includes the risk from CVE-2019-10086. This has 
> been fixed in SHIRO-720 and is in master. However there is no release 
> available that includes the August Merge Request.
> ref:
> [https://github.com/apache/shiro/pull/167]
> https://issues.apache.org/jira/browse/SHIRO-720
> [https://nvd.nist.gov/vuln/detail/CVE-2019-10086]



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (SHIRO-723) Provide Minor Shiro Release that includes CVE-2019-10086 Fix

Reply via email to