[jira] [Updated] (GEODE-8471) Ignore

Brent Driskill (Jira) Mon, 31 Aug 2020 05:36:38 -0700


     [ 
https://issues.apache.org/jira/browse/GEODE-8471?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Brent Driskill updated GEODE-8471:
----------------------------------
    Description:     (was: The following libraries need to be updated to patch 
security vulnerabilities:

beanutils: 1.9.3 -> 1.9.4

jgroups: 3.6.14 -> 3.6.20

apache-shiro: 1.4.1 -> 1.4.2

spring-web: 5.2.1 -> 5.2.8

These were found using the owasp security gradle plugin.

Related CVE's: 

CVE-2018-1000613, CVE-2020-9547, CVE-2020-9548, CVE-2019-14379, CVE-2020-11619, 
CVE-2019-20330, CVE-2020-11620, CVE-2018-14719, CVE-2019-17531, CVE-2019-14540, 
CVE-2020-9546, CVE-2019-16942, CVE-2019-16943, CVE-2018-19362, CVE-2018-19361, 
CVE-2018-19360, CVE-2019-17267, CVE-2019-16335, CVE-2018-14721, CVE-2019-14893, 
CVE-2020-8840, CVE-2018-14720, CVE-2019-14892, CVE-2017-5645, CVE-2019-5736, 
CVE-2014-0048, CVE-2019-15752, CVE-2018-1270, CVE-2020-1938)
        Summary: Ignore  (was: Dependency security issues in geode-core-1.12)

> Ignore
> ------
>
>                 Key: GEODE-8471
>                 URL: https://issues.apache.org/jira/browse/GEODE-8471
>             Project: Geode
>          Issue Type: Bug
>          Components: build
>    Affects Versions: 1.12.0
>            Reporter: Brent Driskill
>            Priority: Major
>




--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (GEODE-8471) Ignore

Reply via email to