[
https://issues.apache.org/jira/browse/SLING-11305?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Oliver Lietz updated SLING-11305:
---------------------------------
Fix Version/s: (was: JCR Oak Server 1.2.10)
> Request to create a new Apache Sling JCR Oak Server release
> -----------------------------------------------------------
>
> Key: SLING-11305
> URL: https://issues.apache.org/jira/browse/SLING-11305
> Project: Sling
> Issue Type: Improvement
> Components: Oak
> Affects Versions: Starter 12
> Reporter: Yuri Simione
> Priority: Major
>
> One of +the official Sling 12+ bundle, the *Apache Sling JCR Oak Server* ver
> 1.2.10 has some vulnerabilities originated by the Google Guava library. This
> bundle has been updated in 2021 and the dependency of the Guava library
> removed SLING-10029 Remove Guava dependency - ASF JIRA (apache.org). Although
> the vulnerability has been resolved I request to create a new release of the
> Apache Sling JCR Oak Server, to add the new release as one of the standard
> components of the Sling 12 official release, updating the Sling 12 download
> page as well.
> The update is important because the Apache Sling JCR Oak Server ver 1.2.10 is
> the latest release and because of the Google Guava dependency all the major
> Sling projects, like the Apache Sling Starter, still need this library.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
