[jira] [Commented] (KARAF-7625) Upgrade to CXF 3.5.5

Jira Mon, 19 Dec 2022 04:45:40 -0800


    [ 
https://issues.apache.org/jira/browse/KARAF-7625?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17649314#comment-17649314
 ]


Jean-Baptiste Onofré commented on KARAF-7625:
---------------------------------------------

NB: Karaf doesn't directly provide or use CXF in the core (only for examples). 
So, users can always decide the CXF version they want to use.

> Upgrade to CXF 3.5.5
> --------------------
>
>                 Key: KARAF-7625
>                 URL: https://issues.apache.org/jira/browse/KARAF-7625
>             Project: Karaf
>          Issue Type: Dependency upgrade
>          Components: karaf
>            Reporter: Andre Schlegel-Tylla
>            Assignee: Jean-Baptiste Onofré
>            Priority: Major
>
> In CXF are two new security vulnerabilities reportet 
> ([https://nvd.nist.gov/vuln/detail/CVE-2022-46363,] 
> [https://nvd.nist.gov/vuln/detail/CVE-2022-46364)|https://nvd.nist.gov/vuln/detail/CVE-2022-46364]
> So CXF should be updated to Version 3.5.5.
> FYI [~jbonofre] 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (KARAF-7625) Upgrade to CXF 3.5.5

Reply via email to