[FELIX-6391] Update embedded commons-io to 2.8.0 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: http.jetty-4.1.4
Fix Version/s: http.jetty-4.1.6
Component/s: HTTP Service
Labels:
None

Description

Apache Felix Http Jetty: 4.1.4 has embedded commons-io.2.6.jar which is vulnerable to
"sonatype-2018-0705".
The vulnerability has been fixed in commons-io: 2.7.

Related Commons-io JIRA: https://issues.apache.org/jira/browse/IO-556

Need to update commons-io latest version in Apache Felix HTTP Jetty module.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

sonatype-2018-0705.png
03/Mar/21 08:27
199 kB
Akanksha Jain

Issue Links

links to

GitHub Pull Request #72

Activity

People

Assignee:: Carsten Ziegeler

Reporter:: Akanksha Jain

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 03/Mar/21 08:25

Updated:: 18/Mar/21 05:58

Resolved:: 03/Mar/21 08:42