GWT 2.8.2: All All ---
##### Description Security Vulnerability Detected in gwt-dev.jar & gwt-servlet.jar are reported by Dependency checker tool https://jeremylong.github.io/DependencyCheck/ Below are the details - 1. Gwt-dev.jar - 1.1 Vulnerable version of jetty library(current version-- 9.2.14, available ) 1.2 Vulnerable version of commons-collections(current version - 3.2.1) 1.3 Vulnerable version of org.apache.httpcomponents:httpclient(current version - 4.3.1) 2. Gwt-servlet.jar 1.1 Vulnerable version of Google Protobuf(current version - 2.5.0, available version - 3.4.0) ##### Steps to reproduce Refer instruction from following web site. https://jeremylong.github.io/DependencyCheck/dependency-check-ant/index.html Is community going to update 3rd party library used by GWT to remove these Vulnerability ? -- You received this message because you are subscribed to the Google Groups "GWT Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/google-web-toolkit. For more options, visit https://groups.google.com/d/optout.
