[jira] [Closed] (JAMES-2209) Upgrade libraries containing CVEs

Antoine Duprat (JIRA) Mon, 13 Nov 2017 01:16:42 -0800

     [ 
https://issues.apache.org/jira/browse/JAMES-2209?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Antoine Duprat closed JAMES-2209.
---------------------------------

> Upgrade libraries containing CVEs
> ---------------------------------
>
>                 Key: JAMES-2209
>                 URL: https://issues.apache.org/jira/browse/JAMES-2209
>             Project: James Server
>          Issue Type: Bug
>    Affects Versions: master
>            Reporter: Thibaut SAUTEREAU
>
> The following libraries were reported by the OWASP Dependency Checker as 
> containing CVEs:
> ActiveMQ (CVE-2015-5183 and CVE-2015-5184)
>         -> upgrade from 5.15.0 to 5.15.2 (last stable)
> logback-classic (CVE-2017-5929)
>         -> upgrade from 1.1.7 to 1.1.11 (last stable of 1.1.x)
> jetty (CVE-2017-9735)
>         -> upgrade from 9.4.4 to 9.4.7.v20170914 (last stable)



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org
For additional commands, e-mail: server-dev-h...@james.apache.org

[jira] [Closed] (JAMES-2209) Upgrade libraries containing CVEs

Reply via email to