[jira] [Updated] (SLING-7626) disclosure vulnerability affecting Apache Sling Servlets Post 2.3.6 and earlier versions

Fri, 27 Apr 2018 12:58:33 -0700 

     [ 
https://issues.apache.org/jira/browse/SLING-7626?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Andy updated SLING-7626:
------------------------
    Description: 
There is a high security vulnerability from OWASP dependencies check scan 
affecting Apache Sling Servlets Post 2.3.6 and earlier versions. Please update 
to Apache Sling Servlets Post 2.3.8.

This is the Adobe fixes for reference, but the following modules need to 
address this

https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html 

org.apache.sling.servlet-helpers-1.1.4.jar

org.apache.sling.testing.sling-mock-2.2.18.jar

org.apache.sling.testing.jcr-mock-1.3.2.jar

 

  was:
There is a high security vulnerability from OWASP dependencies check scan 
affecting Apache Sling Servlets Post 2.3.6 and earlier versions. Please update 
to Apache Sling Servlets Post 2.3.8.

This is the Adobe fixes for reference, but the following modules need to 
address this

https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html 

org.apache.sling.servlet-helpers-1.1.4.jar|

org.apache.sling.testing.sling-mock-2.2.18.jar

org.apache.sling.testing.jcr-mock-1.3.2.jar

 


> disclosure vulnerability affecting Apache Sling Servlets Post 2.3.6 and 
> earlier versions
> ----------------------------------------------------------------------------------------
>
>                 Key: SLING-7626
>                 URL: https://issues.apache.org/jira/browse/SLING-7626
>             Project: Sling
>          Issue Type: Task
>    Affects Versions: Testing JCR Mock 1.3.2, Servlet Helpers 1.1.4, Testing 
> Sling Mock 2.2.18
>            Reporter: Andy
>            Priority: Blocker
>
> There is a high security vulnerability from OWASP dependencies check scan 
> affecting Apache Sling Servlets Post 2.3.6 and earlier versions. Please 
> update to Apache Sling Servlets Post 2.3.8.
> This is the Adobe fixes for reference, but the following modules need to 
> address this
> https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html 
> org.apache.sling.servlet-helpers-1.1.4.jar
> org.apache.sling.testing.sling-mock-2.2.18.jar
> org.apache.sling.testing.jcr-mock-1.3.2.jar
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to