Hello everyone, For the case that it's a known issue, please excuse this mail.
Today I noticed in the maven installation logging, while the installation of 'bower', a link to a blog post about a security issue: https://snyk.io/blog/severe-security-vulnerability-in-bowers-zip-archive-extraction/. So I updated the package configuration file (https://github.com/DSpace/DSpace/blob/dspace-6.3/dspace-xmlui-mirage2/src/main/webapp/package.json) to bower version 1.8.8. The installation also runs with the new version. Kind regards, Paul Münch -- Philipps-Universität Marburg | UB Digitale Dienste | Deutschhausstraße 9 | D228 Tel. +49 06421 28-24624 -- -- All messages to this mailing list should adhere to the DuraSpace Code of Conduct: https://duraspace.org/about/policies/code-of-conduct/ --- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/dspace-tech/ffb18339-aef5-799a-f617-4e2eaf948f90%40staff.uni-marburg.de.
signature.asc
Description: OpenPGP digital signature
