Groovy
  1. Groovy
  2. GROOVY-6210

Fix javadoc/groovydoc vulnerability

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.1.5
    • Fix Version/s: 2.1.6, 1.8.10
    • Component/s: Documentation
    • Labels:
      None

      Description

      Both javadoc and groovydoc are vulnerable to an issue fixed only in JDK 1.7.0 update 25.

      See
      [1] http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
      [2] http://www.kb.cert.org/vuls/id/225657

      The build should be patched to fix the generated files independently of the JDK being used to build Groovy.

        Activity

        Cédric Champeau created issue -
        Cédric Champeau made changes -
        Field Original Value New Value
        Resolution Fixed [ 1 ]
        Status Open [ 1 ] Resolved [ 5 ]
        Fix Version/s 2.1.6 [ 19335 ]
        Cédric Champeau made changes -
        Fix Version/s 1.8.10 [ 19098 ]
        Paul King made changes -
        Status Resolved [ 5 ] Closed [ 6 ]
        Mark Thomas made changes -
        Project Import Sun Apr 05 13:32:57 UTC 2015 [ 1428240777691 ]
        Mark Thomas made changes -
        Workflow jira [ 12735122 ] Default workflow, editable Closed status [ 12746865 ]
        Mark Thomas made changes -
        Project Import Mon Apr 06 02:11:23 UTC 2015 [ 1428286283443 ]
        Mark Thomas made changes -
        Workflow jira [ 12972653 ] Default workflow, editable Closed status [ 12980470 ]

          People

          • Assignee:
            Cédric Champeau
            Reporter:
            Cédric Champeau
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development