[jira] [Resolved] (SLING-11131) Update Apache HTTP Client Dependency for CVE-2020-13956

Andrei Dulvac (Jira) Wed, 09 Feb 2022 05:21:14 -0800


     [ 
https://issues.apache.org/jira/browse/SLING-11131?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Andrei Dulvac resolved SLING-11131.
-----------------------------------
    Resolution: Fixed

Fixed by 
https://github.com/apache/sling-org-apache-sling-testing-clients/commit/3e677d306d0ee7e807bcb3dc4c4b8634681f28ac
 

> Update Apache HTTP Client Dependency for CVE-2020-13956
> -------------------------------------------------------
>
>                 Key: SLING-11131
>                 URL: https://issues.apache.org/jira/browse/SLING-11131
>             Project: Sling
>          Issue Type: Task
>          Components: Apache Sling Testing Clients
>    Affects Versions: Apache Sling Testing Clients 3.0.10
>            Reporter: Andrei Tuicu
>            Assignee: Andrei Dulvac
>            Priority: Major
>             Fix For: Apache Sling Testing Clients 3.0.12
>
>          Time Spent: 1h 10m
>  Remaining Estimate: 0h
>
> org.apache.httpcomponents.httpclient 4.4.1 is vulnerable to 
> CVE-2020-13956(MEDIUM)[0].
> We need to update to the latest version of the Apache HTP Client 4.5.13. 
> [0] https://www.cvedetails.com/cve/CVE-2020-13956/



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Resolved] (SLING-11131) Update Apache HTTP Client Dependency for CVE-2020-13956

Reply via email to