[jira] [Updated] (ARCHETYPE-567) Update to dom4j 2.1.1 and require Java 8

Enrico Olivelli (JIRA) Tue, 04 Jun 2019 05:38:15 -0700


     [ 
https://issues.apache.org/jira/browse/ARCHETYPE-567?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Enrico Olivelli updated ARCHETYPE-567:
--------------------------------------
    Summary:  Update to dom4j 2.1.1 and require Java 8  (was:  Update to dom4j 
2.1.1 )

>  Update to dom4j 2.1.1 and require Java 8
> -----------------------------------------
>
>                 Key: ARCHETYPE-567
>                 URL: https://issues.apache.org/jira/browse/ARCHETYPE-567
>             Project: Maven Archetype
>          Issue Type: Bug
>    Affects Versions: 3.1.0
>            Reporter: Tony Homer
>            Priority: Major
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> Maven archetype currently uses dom4j 1.6.1 which is vulnerable to 
> [CVE-2018-1000632|https://nvd.nist.gov/vuln/detail/CVE-2018-1000632].
> Upgrade to 2.1.1, which is the only released version of dom4j not vulnerable 
> to CVE-2018-1000632.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (ARCHETYPE-567) Update to dom4j 2.1.1 and require Java 8

Reply via email to