[
https://issues.apache.org/jira/browse/GEODE-4030?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16301698#comment-16301698
]
ASF GitHub Bot commented on GEODE-4030:
---------------------------------------
metatype commented on a change in pull request #1199: GEODE-4030, GEODE-3495:
Bump dependencies to new versions
URL: https://github.com/apache/geode/pull/1199#discussion_r158528539
##########
File path:
geode-assembly/src/test/java/org/apache/geode/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java
##########
@@ -585,21 +622,6 @@ public void testSSLWithTLSProtocol() throws Exception {
validateConnection(restEndpoint, "TLS", props);
}
- @Test
- public void testSSLWithTLSv11Protocol() throws Exception {
Review comment:
The problem is that all cipher suites for TLSv11 have known vulnerabilities
and have been disabled by Jetty. If we bump the Jetty version we are
essentially removing support for TLS v1.1.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
> Upgrade to the latest dependencies
> ----------------------------------
>
> Key: GEODE-4030
> URL: https://issues.apache.org/jira/browse/GEODE-4030
> Project: Geode
> Issue Type: Bug
> Components: build, logging, rest (admin), rest (dev)
> Reporter: Swapnil Bawaskar
> Assignee: Swapnil Bawaskar
> Fix For: 1.4.0
>
>
> We need to update the following dependencies:
> {noformat}
> name from to
> ------------------------------------------------------------
> Jackson 2.8.6 2.9.2
> log4j2 2.8.2 2.10.0
> spring 4.3.6 4.3.13
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
