[ https://issues.apache.org/jira/browse/TINKERPOP-1934?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16429176#comment-16429176 ]
ASF GitHub Bot commented on TINKERPOP-1934: ------------------------------------------- GitHub user spmallette opened a pull request: https://github.com/apache/tinkerpop/pull/832 TINKERPOP-1934 Bumped httpclient to 4.5.5 https://issues.apache.org/jira/browse/TINKERPOP-1934 Removed httpcore NOTICE entry as this more recent version does not contain that designation in its NOTICE. All tests pass with `docker/build.sh -t -n -i` VOTE +1 You can merge this pull request into a Git repository by running: $ git pull https://github.com/apache/tinkerpop TINKERPOP-1934 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/tinkerpop/pull/832.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #832 ---- commit d0901649389da33324e6833b0c84884cf6ec801a Author: Stephen Mallette <spmva@...> Date: 2018-04-05T12:11:59Z TINKERPOP-1934 Bumped httpclient to 4.5.5 Removed httpcore NOTICE entry as this more recent version does not contain that designation in its NOTICE. ---- > Bump to latest version of httpclient > ------------------------------------ > > Key: TINKERPOP-1934 > URL: https://issues.apache.org/jira/browse/TINKERPOP-1934 > Project: TinkerPop > Issue Type: Improvement > Components: build-release > Affects Versions: 3.2.7 > Reporter: stephen mallette > Assignee: stephen mallette > Priority: Major > Fix For: 3.4.0, 3.2.9, 3.3.3 > > > Should probably go to 4.5.5 which will cleanly get us away from: > https://nvd.nist.gov/vuln/detail/CVE-2013-4366 > We seem to reference httpclient in a bunch of places - should probably unify > the version if possible. -- This message was sent by Atlassian JIRA (v7.6.3#76005)