Attach filesAttach ScreenshotVotersWatch issueWatchersLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Closed
    • Major
    • Resolution: Fixed
    • Trunk
    • 14.12.01, 13.07.03, 16.11.01
    • framework
    • None
    • Bug Crush Event - 21/2/2015

    Description

      With OFBIZ-5801 I recently upgraded Axis2 to 1.6.3. But it still uses commons-httpclient-3.1 which is not only deprecated but also faces a number of vulnerabilties:

      https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5262
      https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3577
      https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6153

      This will also help to resolve OFBIZ-6755 (passport component)

      Attachments

        Issue Links

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            jleroux Jacques Le Roux
            jleroux Jacques Le Roux
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Agile

                Completed Sprint:
                Bug Crush Event - 21/2/2015 ended 26/Feb/15
                View on Board

                Slack

                  Issue deployment