::
wj
原始邮件
发件人:Jonathan Moules
时间:2013-1-30 20:59
收件人:David Winslow
抄送:Geoserver-devel
主题:Re: [Geoserver-devel] Upgrading Wicket
For reference, there appear to be a number of open CVE issues with Apache
Wicket < 1.4.21 (I'm guessing its the same thing)
The security wicket code was done by Justin and me, it depends on the
specific problem. AFAIK Justin does not change the author tag in the header
if he does modifications. The same holds true for me, the author is always
the creator of the class.
I am skiing next week, so I can have a look at the
On Tue, Jan 29, 2013 at 4:17 PM, David Winslow wrote:
> Hey guys,
>
> It's come up a couple of times recently that we're on a quite old version
> of Wicket (1.4 when the latest is 6.5, although that's not as bad as it
> might sound since the Wicket project went straight from 1.5 to 6.0.)
>
> In p
On Wed, Jan 30, 2013 at 1:58 PM, Jonathan Moules <
jonathanmou...@warwickshire.gov.uk> wrote:
> For reference, there appear to be a number of open CVE issues with Apache
> Wicket < 1.4.21 (I'm guessing its the same thing):
>
> https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=wicket
>
> I don't kno
For reference, there appear to be a number of open CVE issues with Apache
Wicket < 1.4.21 (I'm guessing its the same thing):
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=wicket
I don't know which specific wicket version is being used, but if its less
than 1.4.21, then GeoServer may be vulnera
Hey guys,
It's come up a couple of times recently that we're on a quite old version
of Wicket (1.4 when the latest is 6.5, although that's not as bad as it
might sound since the Wicket project went straight from 1.5 to 6.0.)
In particular, in the recent palette patch [1], it was mentioned that we
