David Sean Taylor created JS2-1371:
--------------------------------------
Summary: Security Vulnerabilities Update
Key: JS2-1371
URL: https://issues.apache.org/jira/browse/JS2-1371
Project: Jetspeed 2
Issue Type: Improvement
Components: Dependencies
Affects Versions: 2.3.1
Reporter: David Sean Taylor
Assignee: David Sean Taylor
Fix For: 2.3.2
The following direct dependencies have been highlighted as having security
vulnerabilities (along with the suggested remediation):
Apache Commons BeanUtils 1.9.2 (update to 1.9.4)
Apache Commons FileUpload 1.3.1 (update to 1.4)
Apache CXF 2.2.5 (update to cxf-3.4.1)
Apache Lucene 3.1.0 (update to 8.7.0)
Apache lucene-solr 3.1.0 (update to 8.7.0)
Castor 1.1.1 (update to 1.4.1)
dom4j 1.6.1 (update to 20040902.021138)
slf4j 1.5.6 (update to 1.7.30)
Spring-core 3.2.9RELEASE (update to 5.3.2)
Spring-aop 3.2.9.RELEASE (update to 5.3.2)
Spring-beans 3.2.9.RELEASE (update to 5.3.2)
Spring-context 3.2.9.RELEASE (update to 5.3.2)
Spring-context-support 3.2.9.RELEASE (update to 5.3.2)
Spring-web 3.2.9.RELEASE (update to 5.3.2)
Spring-orm 3.2.9.RELEASE (update to 5.3.2)
Spring-jdbc 3.2.9.RELEASE (update to 5.3.2)
Spring-ldap 1.3.0 (update to 2.0.3)
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscr...@portals.apache.org
For additional commands, e-mail: jetspeed-dev-h...@portals.apache.org
