David Campbell created FOP-3106:
-----------------------------------
Summary: CVE-2022-40146 fix BATIK-1335 in batik dependency not yet
included in FOP build
Key: FOP-3106
URL: https://issues.apache.org/jira/browse/FOP-3106
Project: FOP
Issue Type: Bug
Affects Versions: 2.7
Reporter: David Campbell
There is a security issue [https://nvd.nist.gov/vuln/detail/CVE-2022-40146] in
batik which is dependency of FOP.
I understand that https://issues.apache.org/jira/browse/BATIK-1335 is the fix
for security issue, but there's no new FOP build that includes the fixed batik
version 1.15 as a dependency.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
