Uploaded image for project: 'Groovy'
  1. Groovy
  2. GROOVY-9552

Bump Ant versions to address: [CVE-2020-1945] Apache Ant insecure temporary file vulnerability

    XMLWordPrintableJSON

    Details

    • Type: Dependency upgrade
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 4.0.0-alpha-1, 3.0.4, 2.5.12
    • Component/s: None
    • Labels:
      None

      Description

      I think it is a low risk for Groovy users but we might as well get the latest Ant and have the extra mechanisms in place as described by:
      https://lists.apache.org/thread.html/r8e592bbfc016a5dbe2a8c0e81ff99682b9c78c453621b82c14e7b75e%40%3Cdev.ant.apache.org%3E

        Attachments

          Activity

            People

            • Assignee:
              paulk Paul King
              Reporter:
              paulk Paul King
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: