[
https://issues.apache.org/jira/browse/TINKERPOP-1934?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16429176#comment-16429176
]
ASF GitHub Bot commented on TINKERPOP-1934:
-------------------------------------------
GitHub user spmallette opened a pull request:
https://github.com/apache/tinkerpop/pull/832
TINKERPOP-1934 Bumped httpclient to 4.5.5
https://issues.apache.org/jira/browse/TINKERPOP-1934
Removed httpcore NOTICE entry as this more recent version does not contain
that designation in its NOTICE.
All tests pass with `docker/build.sh -t -n -i`
VOTE +1
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/apache/tinkerpop TINKERPOP-1934
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/tinkerpop/pull/832.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #832
----
commit d0901649389da33324e6833b0c84884cf6ec801a
Author: Stephen Mallette <spmva@...>
Date: 2018-04-05T12:11:59Z
TINKERPOP-1934 Bumped httpclient to 4.5.5
Removed httpcore NOTICE entry as this more recent version does not contain
that designation in its NOTICE.
----
> Bump to latest version of httpclient
> ------------------------------------
>
> Key: TINKERPOP-1934
> URL: https://issues.apache.org/jira/browse/TINKERPOP-1934
> Project: TinkerPop
> Issue Type: Improvement
> Components: build-release
> Affects Versions: 3.2.7
> Reporter: stephen mallette
> Assignee: stephen mallette
> Priority: Major
> Fix For: 3.4.0, 3.2.9, 3.3.3
>
>
> Should probably go to 4.5.5 which will cleanly get us away from:
> https://nvd.nist.gov/vuln/detail/CVE-2013-4366
> We seem to reference httpclient in a bunch of places - should probably unify
> the version if possible.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
