Thanks Oleg. S, does that mean the only solution for removing this vulnerability is to upgrade HC 3.1 to 4.x.
Thanks in Advance. BR, Ruchika On Tue, Aug 5, 2014 at 1:52 PM, Oleg Kalnichevski <[email protected]> wrote: > On Tue, 2014-08-05 at 13:00 +0530, Ruchika Mahajan wrote: > > Hi, > > > > We are using "*commons-httpclient-3.1.jar*" in our project and observed > > "CVE-2012-5783" vulnerability in it. > > Do we have any update or patch for commons-httpclient-3.x jar for > removing > > this vulnerability. > > > > BR, > > Ruchika > > HC 3.1 is at end of life since Jan 2011. It is no longer supported or > updated. > > Oleg > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
