> On Dec 30, 2020, at 12:10 PM, Louis Vetsch <lwvet...@gmail.com> wrote: > > Hi, > > > > Are there any plans to provide a new release of Jetspeed-2 using up-to-date > components for dependent open source components used by Jetspeed? We are > currently using Jetspeed-2 2.3.1 but are finding that many of the > dependencies used by Jetspeed-2 are out-dated and have security > vulnerabilities. > Would be nice to release 2.3.2. We’ve added some improvements that are worthy of a new release. Could you provide a list of dependencies that have security vulnerabilities?
Here are the issues for 2.3.2. We will probably trim that down some… https://issues.apache.org/jira/browse/JS2-1363?jql=project%20%3D%20JS2%20AND%20resolution%20%3D%20Unresolved%20AND%20fixVersion%20%3D%202.3.2%20ORDER%20BY%20priority%20DESC%2C%20updated%20DESC --------------------------------------------------------------------- To unsubscribe, e-mail: jetspeed-user-unsubscr...@portals.apache.org For additional commands, e-mail: jetspeed-user-h...@portals.apache.org