[ https://issues.apache.org/jira/browse/AMQ-7103?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16688557#comment-16688557 ]
Christopher L. Shannon commented on AMQ-7103: --------------------------------------------- Well we will look at updating the dependencies either way where we can. (assuming non breaking changes, etc) > Dependency updates flagged by OWASP Dependency Check > ---------------------------------------------------- > > Key: AMQ-7103 > URL: https://issues.apache.org/jira/browse/AMQ-7103 > Project: ActiveMQ > Issue Type: Improvement > Affects Versions: 5.15.7 > Reporter: Christopher L. Shannon > Priority: Major > Fix For: 5.15.9 > > > Original text from Jira issue from [~ABakerIII] - > > Please determine if > # The 458 vulnerabilities are true vulnerabilities or false positives > # Are there newer versions of the vulnerable libraries available > # Will updating the pom to use the new libraries break the build/test or not > # If updates some do break the build/test, please update the code to work. -- This message was sent by Atlassian JIRA (v7.6.3#76005)