[jira] [Closed] (AXIS2-5996) Axis contains a vulnerable dependecy

Robert Lazarski (Jira) Wed, 10 Mar 2021 12:36:04 -0800


     [ 
https://issues.apache.org/jira/browse/AXIS2-5996?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Robert Lazarski closed AXIS2-5996.
----------------------------------
    Resolution: Implemented

The axis2 git repo already has been upgraded - we have Dependabot configured to 
handle upgrades automatically.

If you need to fix this immediately you can build from source here:

git clone [https://github.com/apache/axis-axis2-java-core.git]

 

> Axis contains a vulnerable dependecy
> ------------------------------------
>
>                 Key: AXIS2-5996
>                 URL: https://issues.apache.org/jira/browse/AXIS2-5996
>             Project: Axis2
>          Issue Type: Bug
>    Affects Versions: 1.7.9
>            Reporter: Joseph
>            Priority: Major
>              Labels: security
>
> Axis 2 is dependent on Apache Client 4.5.3 which is vulnerable to 
> CVE-2020-13956 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Closed] (AXIS2-5996) Axis contains a vulnerable dependecy

Reply via email to