[
https://issues.apache.org/jira/browse/ZOOKEEPER-3256?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16752730#comment-16752730
]
Enrico Olivelli edited comment on ZOOKEEPER-3256 at 1/25/19 10:11 PM:
----------------------------------------------------------------------
while executing ant task I am seeing
[owasp:dependency-check] A new version of dependency-check is available.
Consider updating to version 4.0.2.
One or more dependencies were identified with vulnerabilities that have a CVSS
score greater than or equal to '0,0': CVE-2018-14719, CVE-2018-1000873,
CVE-2018-14718, CVE-2018-19362, CVE-2018-19361, CVE-2018-19360, CVE-2018-14721,
CVE-2018-14720
was (Author: eolivelli):
while executing ant task I am seeing
[owasp:dependency-check] A new version of dependency-check is available.
Consider updating to version 4.0.2.
[
> Enable OWASP checks to Maven build
> -----------------------------------
>
> Key: ZOOKEEPER-3256
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3256
> Project: ZooKeeper
> Issue Type: Sub-task
> Components: security
> Reporter: Enrico Olivelli
> Assignee: Enrico Olivelli
> Priority: Major
> Labels: pull-request-available
> Fix For: 3.6.0, 3.5.5, 3.4.14
>
> Time Spent: 20m
> Remaining Estimate: 0h
>
> Port OWASP check task to the Maven build, the suppressionsFile is the same as
> the ANT task
> use this command to run the check:
> {code:java}
> mvn org.owasp:dependency-check-maven:aggregate{code}
>
> ant based counterpart is:
> {code:java}
> ant owasp{code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
