David Campbell created FOP-3106: ----------------------------------- Summary: CVE-2022-40146 fix BATIK-1335 in batik dependency not yet included in FOP build Key: FOP-3106 URL: https://issues.apache.org/jira/browse/FOP-3106 Project: FOP Issue Type: Bug Affects Versions: 2.7 Reporter: David Campbell
There is a security issue [https://nvd.nist.gov/vuln/detail/CVE-2022-40146] in batik which is dependency of FOP. I understand that https://issues.apache.org/jira/browse/BATIK-1335 is the fix for security issue, but there's no new FOP build that includes the fixed batik version 1.15 as a dependency. -- This message was sent by Atlassian Jira (v8.20.10#820010)