[jira] [Updated] (ISIS-1635) Upgrade dependency to resteasy
[
https://issues.apache.org/jira/browse/ISIS-1635?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andi Huber updated ISIS-1635:
-
Fix Version/s: (was: 2.0.0-M1)
2.0.0-M2
> Upgrade dependency to resteasy
> --
>
> Key: ISIS-1635
> URL: https://issues.apache.org/jira/browse/ISIS-1635
> Project: Isis
> Issue Type: Improvement
> Components: Core: Viewer: RestfulObjects
>Affects Versions: 1.14.0
>Reporter: Jörg Rade
>Priority: Major
> Fix For: 2.0.0-M2
>
> Attachments: Dependency-Check.png
>
>
> org.codehaus.jackson brings in some vulnerabilities:
> !Dependency-Check.png|thumbnail!
> {code}
> [INFO] | +-
> org.apache.isis.core:isis-core-viewer-restfulobjects-server:jar:1.14.0:compile
> [INFO] | | +-
> org.apache.isis.core:isis-core-viewer-restfulobjects-rendering:jar:1.14.0:compile
> [INFO] | | | +-
> org.jboss.resteasy:resteasy-jaxb-provider:jar:3.0.14.Final:compile
> [INFO] | | | | +- com.sun.xml.bind:jaxb-impl:jar:2.2.7:compile
> [INFO] | | | | | +- com.sun.xml.bind:jaxb-core:jar:2.2.7:compile
> [INFO] | | | | | | +- javax.xml.bind:jaxb-api:jar:2.2.7:compile
> [INFO] | | | | | | \-
> com.sun.istack:istack-commons-runtime:jar:2.16:compile
> [INFO] | | | | | \-
> com.sun.xml.fastinfoset:FastInfoset:jar:1.2.12:compile
> [INFO] | | | | | \- javax.xml.bind:jsr173_api:jar:1.0:compile
> [INFO] | | | | \- org.jboss.logging:jboss-logging:jar:3.1.4.GA:compile
> [INFO] | | | +-
> org.jboss.resteasy:resteasy-jackson-provider:jar:3.0.14.Final:compile
> [INFO] | | | | +- org.codehaus.jackson:jackson-core-asl:jar:1.9.12:compile
> [INFO] | | | | +-
> org.codehaus.jackson:jackson-mapper-asl:jar:1.9.12:compile
> [INFO] | | | | +- org.codehaus.jackson:jackson-jaxrs:jar:1.9.12:compile
> [INFO] | | | | \- org.codehaus.jackson:jackson-xc:jar:1.9.12:compile
> {code}
> Please upgrade to 3.1.3Final if feasible:
> {code}
>
> org.jboss.resteasy
> resteasy-jaxb-provider
> 3.1.3.Final
>
>
> org.jboss.resteasy
> resteasy-jackson-provider
> 3.1.3.Final
>
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (ISIS-1635) Upgrade dependency to resteasy
[
https://issues.apache.org/jira/browse/ISIS-1635?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Dan Haywood updated ISIS-1635:
--
Fix Version/s: 2.0.0-M1
> Upgrade dependency to resteasy
> --
>
> Key: ISIS-1635
> URL: https://issues.apache.org/jira/browse/ISIS-1635
> Project: Isis
> Issue Type: Improvement
> Components: Core: Viewer: RestfulObjects
>Affects Versions: 1.14.0
>Reporter: Jörg Rade
>Priority: Major
> Fix For: 2.0.0-M1
>
> Attachments: Dependency-Check.png
>
>
> org.codehaus.jackson brings in some vulnerabilities:
> !Dependency-Check.png|thumbnail!
> {code}
> [INFO] | +-
> org.apache.isis.core:isis-core-viewer-restfulobjects-server:jar:1.14.0:compile
> [INFO] | | +-
> org.apache.isis.core:isis-core-viewer-restfulobjects-rendering:jar:1.14.0:compile
> [INFO] | | | +-
> org.jboss.resteasy:resteasy-jaxb-provider:jar:3.0.14.Final:compile
> [INFO] | | | | +- com.sun.xml.bind:jaxb-impl:jar:2.2.7:compile
> [INFO] | | | | | +- com.sun.xml.bind:jaxb-core:jar:2.2.7:compile
> [INFO] | | | | | | +- javax.xml.bind:jaxb-api:jar:2.2.7:compile
> [INFO] | | | | | | \-
> com.sun.istack:istack-commons-runtime:jar:2.16:compile
> [INFO] | | | | | \-
> com.sun.xml.fastinfoset:FastInfoset:jar:1.2.12:compile
> [INFO] | | | | | \- javax.xml.bind:jsr173_api:jar:1.0:compile
> [INFO] | | | | \- org.jboss.logging:jboss-logging:jar:3.1.4.GA:compile
> [INFO] | | | +-
> org.jboss.resteasy:resteasy-jackson-provider:jar:3.0.14.Final:compile
> [INFO] | | | | +- org.codehaus.jackson:jackson-core-asl:jar:1.9.12:compile
> [INFO] | | | | +-
> org.codehaus.jackson:jackson-mapper-asl:jar:1.9.12:compile
> [INFO] | | | | +- org.codehaus.jackson:jackson-jaxrs:jar:1.9.12:compile
> [INFO] | | | | \- org.codehaus.jackson:jackson-xc:jar:1.9.12:compile
> {code}
> Please upgrade to 3.1.3Final if feasible:
> {code}
>
> org.jboss.resteasy
> resteasy-jaxb-provider
> 3.1.3.Final
>
>
> org.jboss.resteasy
> resteasy-jackson-provider
> 3.1.3.Final
>
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (ISIS-1635) Upgrade dependency to resteasy
[
https://issues.apache.org/jira/browse/ISIS-1635?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Dan Haywood updated ISIS-1635:
--
Fix Version/s: 2.2.0
> Upgrade dependency to resteasy
> --
>
> Key: ISIS-1635
> URL: https://issues.apache.org/jira/browse/ISIS-1635
> Project: Isis
> Issue Type: Improvement
> Components: Core: Viewer: RestfulObjects
>Affects Versions: 1.14.0
>Reporter: Jörg Rade
> Fix For: 2.2.0
>
> Attachments: Dependency-Check.png
>
>
> org.codehaus.jackson brings in some vulnerabilities:
> !Dependency-Check.png|thumbnail!
> {code}
> [INFO] | +-
> org.apache.isis.core:isis-core-viewer-restfulobjects-server:jar:1.14.0:compile
> [INFO] | | +-
> org.apache.isis.core:isis-core-viewer-restfulobjects-rendering:jar:1.14.0:compile
> [INFO] | | | +-
> org.jboss.resteasy:resteasy-jaxb-provider:jar:3.0.14.Final:compile
> [INFO] | | | | +- com.sun.xml.bind:jaxb-impl:jar:2.2.7:compile
> [INFO] | | | | | +- com.sun.xml.bind:jaxb-core:jar:2.2.7:compile
> [INFO] | | | | | | +- javax.xml.bind:jaxb-api:jar:2.2.7:compile
> [INFO] | | | | | | \-
> com.sun.istack:istack-commons-runtime:jar:2.16:compile
> [INFO] | | | | | \-
> com.sun.xml.fastinfoset:FastInfoset:jar:1.2.12:compile
> [INFO] | | | | | \- javax.xml.bind:jsr173_api:jar:1.0:compile
> [INFO] | | | | \- org.jboss.logging:jboss-logging:jar:3.1.4.GA:compile
> [INFO] | | | +-
> org.jboss.resteasy:resteasy-jackson-provider:jar:3.0.14.Final:compile
> [INFO] | | | | +- org.codehaus.jackson:jackson-core-asl:jar:1.9.12:compile
> [INFO] | | | | +-
> org.codehaus.jackson:jackson-mapper-asl:jar:1.9.12:compile
> [INFO] | | | | +- org.codehaus.jackson:jackson-jaxrs:jar:1.9.12:compile
> [INFO] | | | | \- org.codehaus.jackson:jackson-xc:jar:1.9.12:compile
> {code}
> Please upgrade to 3.1.3Final if feasible:
> {code}
>
> org.jboss.resteasy
> resteasy-jaxb-provider
> 3.1.3.Final
>
>
> org.jboss.resteasy
> resteasy-jackson-provider
> 3.1.3.Final
>
> {code}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Updated] (ISIS-1635) Upgrade dependency to resteasy
[
https://issues.apache.org/jira/browse/ISIS-1635?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jörg Rade updated ISIS-1635:
Description:
org.codehaus.jackson brings in some vulnerabilities:
!Dependency-Check.png|thumbnail!
{code}
[INFO] | +-
org.apache.isis.core:isis-core-viewer-restfulobjects-server:jar:1.14.0:compile
[INFO] | | +-
org.apache.isis.core:isis-core-viewer-restfulobjects-rendering:jar:1.14.0:compile
[INFO] | | | +-
org.jboss.resteasy:resteasy-jaxb-provider:jar:3.0.14.Final:compile
[INFO] | | | | +- com.sun.xml.bind:jaxb-impl:jar:2.2.7:compile
[INFO] | | | | | +- com.sun.xml.bind:jaxb-core:jar:2.2.7:compile
[INFO] | | | | | | +- javax.xml.bind:jaxb-api:jar:2.2.7:compile
[INFO] | | | | | | \-
com.sun.istack:istack-commons-runtime:jar:2.16:compile
[INFO] | | | | | \- com.sun.xml.fastinfoset:FastInfoset:jar:1.2.12:compile
[INFO] | | | | | \- javax.xml.bind:jsr173_api:jar:1.0:compile
[INFO] | | | | \- org.jboss.logging:jboss-logging:jar:3.1.4.GA:compile
[INFO] | | | +-
org.jboss.resteasy:resteasy-jackson-provider:jar:3.0.14.Final:compile
[INFO] | | | | +- org.codehaus.jackson:jackson-core-asl:jar:1.9.12:compile
[INFO] | | | | +- org.codehaus.jackson:jackson-mapper-asl:jar:1.9.12:compile
[INFO] | | | | +- org.codehaus.jackson:jackson-jaxrs:jar:1.9.12:compile
[INFO] | | | | \- org.codehaus.jackson:jackson-xc:jar:1.9.12:compile
{code}
Please upgrade to 3.1.3Final if feasible:
{code}
org.jboss.resteasy
resteasy-jaxb-provider
3.1.3.Final
org.jboss.resteasy
resteasy-jackson-provider
3.1.3.Final
{code}
was:
org.codehaus.jackson brings in some vulnerabilities:
!Dependency-Check.png|thumbnail!
{code}
[INFO] | +-
org.apache.isis.core:isis-core-viewer-restfulobjects-server:jar:1.14.0:compile
[INFO] | | +-
org.apache.isis.core:isis-core-viewer-restfulobjects-rendering:jar:1.14.0:compile
[INFO] | | | +-
org.jboss.resteasy:resteasy-jaxb-provider:jar:3.0.14.Final:compile
[INFO] | | | | +- com.sun.xml.bind:jaxb-impl:jar:2.2.7:compile
[INFO] | | | | | +- com.sun.xml.bind:jaxb-core:jar:2.2.7:compile
[INFO] | | | | | | +- javax.xml.bind:jaxb-api:jar:2.2.7:compile
[INFO] | | | | | | \-
com.sun.istack:istack-commons-runtime:jar:2.16:compile
[INFO] | | | | | \- com.sun.xml.fastinfoset:FastInfoset:jar:1.2.12:compile
[INFO] | | | | | \- javax.xml.bind:jsr173_api:jar:1.0:compile
[INFO] | | | | \- org.jboss.logging:jboss-logging:jar:3.1.4.GA:compile
[INFO] | | | +-
org.jboss.resteasy:resteasy-jackson-provider:jar:3.0.14.Final:compile
[INFO] | | | | +- org.codehaus.jackson:jackson-core-asl:jar:1.9.12:compile
[INFO] | | | | +- org.codehaus.jackson:jackson-mapper-asl:jar:1.9.12:compile
[INFO] | | | | +- org.codehaus.jackson:jackson-jaxrs:jar:1.9.12:compile
[INFO] | | | | \- org.codehaus.jackson:jackson-xc:jar:1.9.12:compile
{code}
Please upgrade to 3.1.3Final if feasible:
{code}
org.jboss.resteasy
resteasy-jaxb-provider
3.1.3.Final
{code}
> Upgrade dependency to resteasy
> --
>
> Key: ISIS-1635
> URL: https://issues.apache.org/jira/browse/ISIS-1635
> Project: Isis
> Issue Type: Improvement
> Components: Core: Viewer: RestfulObjects
>Affects Versions: 1.14.0
>Reporter: Jörg Rade
> Attachments: Dependency-Check.png
>
>
> org.codehaus.jackson brings in some vulnerabilities:
> !Dependency-Check.png|thumbnail!
> {code}
> [INFO] | +-
> org.apache.isis.core:isis-core-viewer-restfulobjects-server:jar:1.14.0:compile
> [INFO] | | +-
> org.apache.isis.core:isis-core-viewer-restfulobjects-rendering:jar:1.14.0:compile
> [INFO] | | | +-
> org.jboss.resteasy:resteasy-jaxb-provider:jar:3.0.14.Final:compile
> [INFO] | | | | +- com.sun.xml.bind:jaxb-impl:jar:2.2.7:compile
> [INFO] | | | | | +- com.sun.xml.bind:jaxb-core:jar:2.2.7:compile
> [INFO] | | | | | | +- javax.xml.bind:jaxb-api:jar:2.2.7:compile
> [INFO] | | | | | | \-
> com.sun.istack:istack-commons-runtime:jar:2.16:compile
> [INFO] | | | | | \-
> com.sun.xml.fastinfoset:FastInfoset:jar:1.2.12:compile
> [INFO] | | | | | \- javax.xml.bind:jsr173_api:jar:1.0:compile
> [INFO] | | | | \- org.jboss.logging:jboss-logging:jar:3.1.4.GA:compile
> [INFO] | | | +-
> org.jboss.resteasy:resteasy-jackson-provider:jar:3.0.14.Final:compile
> [INFO] | | | | +- org.codehaus.jackson:jackson-core-asl:jar:1.9.12:compile
> [INFO] | | | | +-
> org.codehaus.jackson:jackson-mapper-asl:jar:1.9.12:compile
> [INFO] | | | | +- org.codehaus.jackson:jackson-jaxrs:jar:1.9.12:compile
> [INFO] | | | | \- org.codehaus.jackson:jackson-xc:jar:1.9.12:compile
> {code}
> Please upgrade to 3.1.3Final if feasible:
> {code}
>
> org.jboss.resteasy
> resteasy-jaxb-provider
> 3.1.3.Final
>
[jira] [Updated] (ISIS-1635) Upgrade dependency to resteasy
[
https://issues.apache.org/jira/browse/ISIS-1635?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jörg Rade updated ISIS-1635:
Description:
org.codehaus.jackson brings in some vulnerabilities:
!Dependency-Check.png|thumbnail!
{code}
[INFO] | +-
org.apache.isis.core:isis-core-viewer-restfulobjects-server:jar:1.14.0:compile
[INFO] | | +-
org.apache.isis.core:isis-core-viewer-restfulobjects-rendering:jar:1.14.0:compile
[INFO] | | | +-
org.jboss.resteasy:resteasy-jaxb-provider:jar:3.0.14.Final:compile
[INFO] | | | | +- com.sun.xml.bind:jaxb-impl:jar:2.2.7:compile
[INFO] | | | | | +- com.sun.xml.bind:jaxb-core:jar:2.2.7:compile
[INFO] | | | | | | +- javax.xml.bind:jaxb-api:jar:2.2.7:compile
[INFO] | | | | | | \-
com.sun.istack:istack-commons-runtime:jar:2.16:compile
[INFO] | | | | | \- com.sun.xml.fastinfoset:FastInfoset:jar:1.2.12:compile
[INFO] | | | | | \- javax.xml.bind:jsr173_api:jar:1.0:compile
[INFO] | | | | \- org.jboss.logging:jboss-logging:jar:3.1.4.GA:compile
[INFO] | | | +-
org.jboss.resteasy:resteasy-jackson-provider:jar:3.0.14.Final:compile
[INFO] | | | | +- org.codehaus.jackson:jackson-core-asl:jar:1.9.12:compile
[INFO] | | | | +- org.codehaus.jackson:jackson-mapper-asl:jar:1.9.12:compile
[INFO] | | | | +- org.codehaus.jackson:jackson-jaxrs:jar:1.9.12:compile
[INFO] | | | | \- org.codehaus.jackson:jackson-xc:jar:1.9.12:compile
{code}
Please upgrade to 3.1.3Final if feasible:
{code}
org.jboss.resteasy
resteasy-jaxb-provider
3.1.3.Final
{code}
was:
org.codehaus.jackson brings in some vulnerabilities:
!Dependency-Check.png|thumbnail!
{code}
[INFO] | +-
org.apache.isis.core:isis-core-viewer-restfulobjects-server:jar:1.14.0:compile
[INFO] | | +-
org.apache.isis.core:isis-core-viewer-restfulobjects-rendering:jar:1.14.0:compile
[INFO] | | | +-
org.jboss.resteasy:resteasy-jaxb-provider:jar:3.0.14.Final:compile
[INFO] | | | | +- com.sun.xml.bind:jaxb-impl:jar:2.2.7:compile
[INFO] | | | | | +- com.sun.xml.bind:jaxb-core:jar:2.2.7:compile
[INFO] | | | | | | +- javax.xml.bind:jaxb-api:jar:2.2.7:compile
[INFO] | | | | | | \-
com.sun.istack:istack-commons-runtime:jar:2.16:compile
[INFO] | | | | | \- com.sun.xml.fastinfoset:FastInfoset:jar:1.2.12:compile
[INFO] | | | | | \- javax.xml.bind:jsr173_api:jar:1.0:compile
[INFO] | | | | \- org.jboss.logging:jboss-logging:jar:3.1.4.GA:compile
[INFO] | | | +-
org.jboss.resteasy:resteasy-jackson-provider:jar:3.0.14.Final:compile
[INFO] | | | | +- org.codehaus.jackson:jackson-core-asl:jar:1.9.12:compile
[INFO] | | | | +- org.codehaus.jackson:jackson-mapper-asl:jar:1.9.12:compile
[INFO] | | | | +- org.codehaus.jackson:jackson-jaxrs:jar:1.9.12:compile
[INFO] | | | | \- org.codehaus.jackson:jackson-xc:jar:1.9.12:compile
{code}
Please upgrade to 3.1.3Final if feasible:
{code}
org.jboss.resteasy
resteasy-jackson-provider
3.1.3.Final
{code}
> Upgrade dependency to resteasy
> --
>
> Key: ISIS-1635
> URL: https://issues.apache.org/jira/browse/ISIS-1635
> Project: Isis
> Issue Type: Improvement
> Components: Core: Viewer: RestfulObjects
>Affects Versions: 1.14.0
>Reporter: Jörg Rade
> Attachments: Dependency-Check.png
>
>
> org.codehaus.jackson brings in some vulnerabilities:
> !Dependency-Check.png|thumbnail!
> {code}
> [INFO] | +-
> org.apache.isis.core:isis-core-viewer-restfulobjects-server:jar:1.14.0:compile
> [INFO] | | +-
> org.apache.isis.core:isis-core-viewer-restfulobjects-rendering:jar:1.14.0:compile
> [INFO] | | | +-
> org.jboss.resteasy:resteasy-jaxb-provider:jar:3.0.14.Final:compile
> [INFO] | | | | +- com.sun.xml.bind:jaxb-impl:jar:2.2.7:compile
> [INFO] | | | | | +- com.sun.xml.bind:jaxb-core:jar:2.2.7:compile
> [INFO] | | | | | | +- javax.xml.bind:jaxb-api:jar:2.2.7:compile
> [INFO] | | | | | | \-
> com.sun.istack:istack-commons-runtime:jar:2.16:compile
> [INFO] | | | | | \-
> com.sun.xml.fastinfoset:FastInfoset:jar:1.2.12:compile
> [INFO] | | | | | \- javax.xml.bind:jsr173_api:jar:1.0:compile
> [INFO] | | | | \- org.jboss.logging:jboss-logging:jar:3.1.4.GA:compile
> [INFO] | | | +-
> org.jboss.resteasy:resteasy-jackson-provider:jar:3.0.14.Final:compile
> [INFO] | | | | +- org.codehaus.jackson:jackson-core-asl:jar:1.9.12:compile
> [INFO] | | | | +-
> org.codehaus.jackson:jackson-mapper-asl:jar:1.9.12:compile
> [INFO] | | | | +- org.codehaus.jackson:jackson-jaxrs:jar:1.9.12:compile
> [INFO] | | | | \- org.codehaus.jackson:jackson-xc:jar:1.9.12:compile
> {code}
> Please upgrade to 3.1.3Final if feasible:
> {code}
>
> org.jboss.resteasy
> resteasy-jaxb-provider
> 3.1.3.Final
>
> {code}
--
This message was sent by Atlassian JIRA
[jira] [Updated] (ISIS-1635) Upgrade dependency to resteasy
[
https://issues.apache.org/jira/browse/ISIS-1635?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jörg Rade updated ISIS-1635:
Affects Version/s: 1.14.0
> Upgrade dependency to resteasy
> --
>
> Key: ISIS-1635
> URL: https://issues.apache.org/jira/browse/ISIS-1635
> Project: Isis
> Issue Type: Improvement
> Components: Core: Viewer: RestfulObjects
>Affects Versions: 1.14.0
>Reporter: Jörg Rade
> Attachments: Dependency-Check.png
>
>
> org.codehaus.jackson brings in some vulnerabilities:
> !Dependency-Check.png|thumbnail!
> {code}
> [INFO] | +-
> org.apache.isis.core:isis-core-viewer-restfulobjects-server:jar:1.14.0:compile
> [INFO] | | +-
> org.apache.isis.core:isis-core-viewer-restfulobjects-rendering:jar:1.14.0:compile
> [INFO] | | | +-
> org.jboss.resteasy:resteasy-jaxb-provider:jar:3.0.14.Final:compile
> [INFO] | | | | +- com.sun.xml.bind:jaxb-impl:jar:2.2.7:compile
> [INFO] | | | | | +- com.sun.xml.bind:jaxb-core:jar:2.2.7:compile
> [INFO] | | | | | | +- javax.xml.bind:jaxb-api:jar:2.2.7:compile
> [INFO] | | | | | | \-
> com.sun.istack:istack-commons-runtime:jar:2.16:compile
> [INFO] | | | | | \-
> com.sun.xml.fastinfoset:FastInfoset:jar:1.2.12:compile
> [INFO] | | | | | \- javax.xml.bind:jsr173_api:jar:1.0:compile
> [INFO] | | | | \- org.jboss.logging:jboss-logging:jar:3.1.4.GA:compile
> [INFO] | | | +-
> org.jboss.resteasy:resteasy-jackson-provider:jar:3.0.14.Final:compile
> [INFO] | | | | +- org.codehaus.jackson:jackson-core-asl:jar:1.9.12:compile
> [INFO] | | | | +-
> org.codehaus.jackson:jackson-mapper-asl:jar:1.9.12:compile
> [INFO] | | | | +- org.codehaus.jackson:jackson-jaxrs:jar:1.9.12:compile
> [INFO] | | | | \- org.codehaus.jackson:jackson-xc:jar:1.9.12:compile
> {code}
> Please upgrade to 3.1.3Final if feasible:
> {code}
>
> org.jboss.resteasy
> resteasy-jackson-provider
> 3.1.3.Final
>
> {code}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Updated] (ISIS-1635) Upgrade dependency to resteasy
[
https://issues.apache.org/jira/browse/ISIS-1635?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jörg Rade updated ISIS-1635:
Description:
org.codehaus.jackson brings in some vulnerabilities:
!Dependency-Check.png|thumbnail!
{code}
[INFO] | +-
org.apache.isis.core:isis-core-viewer-restfulobjects-server:jar:1.14.0:compile
[INFO] | | +-
org.apache.isis.core:isis-core-viewer-restfulobjects-rendering:jar:1.14.0:compile
[INFO] | | | +-
org.jboss.resteasy:resteasy-jaxb-provider:jar:3.0.14.Final:compile
[INFO] | | | | +- com.sun.xml.bind:jaxb-impl:jar:2.2.7:compile
[INFO] | | | | | +- com.sun.xml.bind:jaxb-core:jar:2.2.7:compile
[INFO] | | | | | | +- javax.xml.bind:jaxb-api:jar:2.2.7:compile
[INFO] | | | | | | \-
com.sun.istack:istack-commons-runtime:jar:2.16:compile
[INFO] | | | | | \- com.sun.xml.fastinfoset:FastInfoset:jar:1.2.12:compile
[INFO] | | | | | \- javax.xml.bind:jsr173_api:jar:1.0:compile
[INFO] | | | | \- org.jboss.logging:jboss-logging:jar:3.1.4.GA:compile
[INFO] | | | +-
org.jboss.resteasy:resteasy-jackson-provider:jar:3.0.14.Final:compile
[INFO] | | | | +- org.codehaus.jackson:jackson-core-asl:jar:1.9.12:compile
[INFO] | | | | +- org.codehaus.jackson:jackson-mapper-asl:jar:1.9.12:compile
[INFO] | | | | +- org.codehaus.jackson:jackson-jaxrs:jar:1.9.12:compile
[INFO] | | | | \- org.codehaus.jackson:jackson-xc:jar:1.9.12:compile
{code}
Please upgrade to 3.1.3Final if feasible:
{code}
org.jboss.resteasy
resteasy-jackson-provider
3.1.3.Final
{code}
was:
org.codehaus.jackson brings in some vulnerabilities:
!ScreenShot 757 Dependency-Check Report - Mozilla Firefox.pngl!
{code}
[INFO] | +-
org.apache.isis.core:isis-core-viewer-restfulobjects-server:jar:1.14.0:compile
[INFO] | | +-
org.apache.isis.core:isis-core-viewer-restfulobjects-rendering:jar:1.14.0:compile
[INFO] | | | +-
org.jboss.resteasy:resteasy-jaxb-provider:jar:3.0.14.Final:compile
[INFO] | | | | +- com.sun.xml.bind:jaxb-impl:jar:2.2.7:compile
[INFO] | | | | | +- com.sun.xml.bind:jaxb-core:jar:2.2.7:compile
[INFO] | | | | | | +- javax.xml.bind:jaxb-api:jar:2.2.7:compile
[INFO] | | | | | | \-
com.sun.istack:istack-commons-runtime:jar:2.16:compile
[INFO] | | | | | \- com.sun.xml.fastinfoset:FastInfoset:jar:1.2.12:compile
[INFO] | | | | | \- javax.xml.bind:jsr173_api:jar:1.0:compile
[INFO] | | | | \- org.jboss.logging:jboss-logging:jar:3.1.4.GA:compile
[INFO] | | | +-
org.jboss.resteasy:resteasy-jackson-provider:jar:3.0.14.Final:compile
[INFO] | | | | +- org.codehaus.jackson:jackson-core-asl:jar:1.9.12:compile
[INFO] | | | | +- org.codehaus.jackson:jackson-mapper-asl:jar:1.9.12:compile
[INFO] | | | | +- org.codehaus.jackson:jackson-jaxrs:jar:1.9.12:compile
[INFO] | | | | \- org.codehaus.jackson:jackson-xc:jar:1.9.12:compile
{code}
Please upgrade to 3.1.3Final if feasible:
{code}
org.jboss.resteasy
resteasy-jackson-provider
3.1.3.Final
{code}
> Upgrade dependency to resteasy
> --
>
> Key: ISIS-1635
> URL: https://issues.apache.org/jira/browse/ISIS-1635
> Project: Isis
> Issue Type: Improvement
> Components: Core: Viewer: RestfulObjects
>Reporter: Jörg Rade
> Attachments: Dependency-Check.png
>
>
> org.codehaus.jackson brings in some vulnerabilities:
> !Dependency-Check.png|thumbnail!
> {code}
> [INFO] | +-
> org.apache.isis.core:isis-core-viewer-restfulobjects-server:jar:1.14.0:compile
> [INFO] | | +-
> org.apache.isis.core:isis-core-viewer-restfulobjects-rendering:jar:1.14.0:compile
> [INFO] | | | +-
> org.jboss.resteasy:resteasy-jaxb-provider:jar:3.0.14.Final:compile
> [INFO] | | | | +- com.sun.xml.bind:jaxb-impl:jar:2.2.7:compile
> [INFO] | | | | | +- com.sun.xml.bind:jaxb-core:jar:2.2.7:compile
> [INFO] | | | | | | +- javax.xml.bind:jaxb-api:jar:2.2.7:compile
> [INFO] | | | | | | \-
> com.sun.istack:istack-commons-runtime:jar:2.16:compile
> [INFO] | | | | | \-
> com.sun.xml.fastinfoset:FastInfoset:jar:1.2.12:compile
> [INFO] | | | | | \- javax.xml.bind:jsr173_api:jar:1.0:compile
> [INFO] | | | | \- org.jboss.logging:jboss-logging:jar:3.1.4.GA:compile
> [INFO] | | | +-
> org.jboss.resteasy:resteasy-jackson-provider:jar:3.0.14.Final:compile
> [INFO] | | | | +- org.codehaus.jackson:jackson-core-asl:jar:1.9.12:compile
> [INFO] | | | | +-
> org.codehaus.jackson:jackson-mapper-asl:jar:1.9.12:compile
> [INFO] | | | | +- org.codehaus.jackson:jackson-jaxrs:jar:1.9.12:compile
> [INFO] | | | | \- org.codehaus.jackson:jackson-xc:jar:1.9.12:compile
> {code}
> Please upgrade to 3.1.3Final if feasible:
> {code}
>
> org.jboss.resteasy
> resteasy-jackson-provider
> 3.1.3.Final
>
> {code}
--
This message was sent by Atlassian JIRA
[jira] [Updated] (ISIS-1635) Upgrade dependency to resteasy
[
https://issues.apache.org/jira/browse/ISIS-1635?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jörg Rade updated ISIS-1635:
Attachment: Dependency-Check.png
> Upgrade dependency to resteasy
> --
>
> Key: ISIS-1635
> URL: https://issues.apache.org/jira/browse/ISIS-1635
> Project: Isis
> Issue Type: Improvement
> Components: Core: Viewer: RestfulObjects
>Reporter: Jörg Rade
> Attachments: Dependency-Check.png
>
>
> org.codehaus.jackson brings in some vulnerabilities:
> !ScreenShot 757 Dependency-Check Report - Mozilla Firefox.pngl!
> {code}
> [INFO] | +-
> org.apache.isis.core:isis-core-viewer-restfulobjects-server:jar:1.14.0:compile
> [INFO] | | +-
> org.apache.isis.core:isis-core-viewer-restfulobjects-rendering:jar:1.14.0:compile
> [INFO] | | | +-
> org.jboss.resteasy:resteasy-jaxb-provider:jar:3.0.14.Final:compile
> [INFO] | | | | +- com.sun.xml.bind:jaxb-impl:jar:2.2.7:compile
> [INFO] | | | | | +- com.sun.xml.bind:jaxb-core:jar:2.2.7:compile
> [INFO] | | | | | | +- javax.xml.bind:jaxb-api:jar:2.2.7:compile
> [INFO] | | | | | | \-
> com.sun.istack:istack-commons-runtime:jar:2.16:compile
> [INFO] | | | | | \-
> com.sun.xml.fastinfoset:FastInfoset:jar:1.2.12:compile
> [INFO] | | | | | \- javax.xml.bind:jsr173_api:jar:1.0:compile
> [INFO] | | | | \- org.jboss.logging:jboss-logging:jar:3.1.4.GA:compile
> [INFO] | | | +-
> org.jboss.resteasy:resteasy-jackson-provider:jar:3.0.14.Final:compile
> [INFO] | | | | +- org.codehaus.jackson:jackson-core-asl:jar:1.9.12:compile
> [INFO] | | | | +-
> org.codehaus.jackson:jackson-mapper-asl:jar:1.9.12:compile
> [INFO] | | | | +- org.codehaus.jackson:jackson-jaxrs:jar:1.9.12:compile
> [INFO] | | | | \- org.codehaus.jackson:jackson-xc:jar:1.9.12:compile
> {code}
> Please upgrade to 3.1.3Final if feasible:
> {code}
>
> org.jboss.resteasy
> resteasy-jackson-provider
> 3.1.3.Final
>
> {code}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
