Thibaut SAUTEREAU created JAMES-2209:
----------------------------------------
Summary: Upgrade libraries containing CVEs
Key: JAMES-2209
URL: https://issues.apache.org/jira/browse/JAMES-2209
Project: James Server
Issue Type: Bug
Affects Versions: master
Reporter: Thibaut SAUTEREAU
The following libraries were reported by the OWASP Dependency Checker as
containing CVEs:
ActiveMQ (CVE-2015-5183 and CVE-2015-5184)
-> upgrade from 5.15.0 to 5.15.2 (last stable)
logback-classic (CVE-2017-5929)
-> upgrade from 1.1.7 to 1.1.11 (last stable of 1.1.x)
jetty (CVE-2017-9735)
-> upgrade from 9.4.4 to 9.4.7.v20170914 (last stable)
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
