Uploaded image for project: 'Jackrabbit Content Repository'
  1. Jackrabbit Content Repository
  2. JCR-3912

Jackrabbit depends on obsolete commons-httpclient library

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Duplicate
    • 2.10.1, 2.11.0
    • None
    • security
    • Debian GNU/Linux

    Description

      Hello,

      jackrabbit depends on commons-httpclient. https://hc.apache.org/httpclient-3.x/

      This library has reached EOL status four years ago and was replaced by Apache httpcomponents-client:

      https://hc.apache.org/httpcomponents-client-ga/index.html

      commons-httpclient was affected by multiple security issues in the past but is no longer supported by its upstream developers. This makes it difficult for Linux distributions to provide any support for applications and libraries which still depend on commons-httpclient.

      Please consider to make the switch to httpcomponents-client

      Attachments

        Issue Links

          duplicates

          Bug - A problem which impairs or prevents the functions of the product. JCR-2406 Upgrade httpclient dependency to 4.x

          • Blocker - Blocks development and/or testing work, production could not run
          • Closed

          Activity

            People

              Unassigned Unassigned
              apo Markus Koschany
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: