GitHub user IanKrL created a discussion: OSGI Security Vulnerability
This security vulnerability appears to be present in Netbeans: https://www.cve.org/CVERecord?id=CVE-2023-54342 The problem is in Eclipse Equinox OSGi up to version 3.18. I see here that there are recent changes regarding osgi: https://github.com/apache/netbeans/commit/eb590dd30a465ec8aa8bf054b906e53569a611e2 It appears that after the latest changes the version in Netbeans remains at 3.9.1, but I'm unclear if these are the same versioning schemes. For my project using the Netbeans Platform I need to resolve this security problem, but I'm not sure what I need to do here to request that. Should I file a bug report with links and request a library upgrade? Should I report this as a "Security Vulnerability"? And before I request anything, can somebody verify which version of Equinox is netbeans actually using? I'd appreciate any guidance here. GitHub link: https://github.com/apache/netbeans/discussions/9401 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] For further information about the NetBeans mailing lists, visit: https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists
