Uploaded image for project: 'OFBiz'
  1. OFBiz
  2. OFBIZ-1525 Issue to group security concerns
  3. OFBIZ-12713

Update Apache Shiro to 1.10.1

    XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 22.01.01
    • 22.01.01
    • framework
    • None
    • Bug Crush Event - 21/2/2015

    Description

      This security release contains 5 fixes since the 1.10.0 release and is
      available for Download now [1].

      Bug

      SHIRO-892 - No Guice binding for newly introduced ShiroFilterConfiguration
      SHIRO-893 - NPE caused by lack of default ShiroFilterConfiguration

      Test

      SHIRO-895 - Work around Guice 4’s Java 17 compatibliity for Java
      17-based tests

      Dependency upgrade

      SHIRO-894 - EasyMock 5.0.1 for Java 17 compatibility
      SHIRO-896 - HSQLDB 2.7.1

      Behavior Changes

      As of 1.10.1, the Guice injection will be fixed as we introduced a
      regression with 1.10.0 when using Guice with
      binder().requireExplicitBindings();.

      Download

      Release binaries (.jars) are also available through Maven Central and
      source bundles through Apache distribution mirrors.

      For more information on Shiro, please read the documentation [2].

      -The Apache Shiro Team

      [1] http://shiro.apache.org/download.html
      [2] http://shiro.apache.org/documentation.html

      Attachments

        Activity

          People

            jleroux Jacques Le Roux
            jleroux Jacques Le Roux
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: