Uploaded image for project: 'Slider'
  1. Slider
  2. SLIDER-1091

Upgrade test-time dependency on Groovy to 2.4.4

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Duplicate
    • Affects Version/s: Slider 0.90.2
    • Fix Version/s: Slider 0.90.2
    • Component/s: build, security, test
    • Labels:
      None

      Description

      CVE-2015-3253 means that the groovy version we use for tests must be considered insecure.

      There is no vulnerability in Slider release: We don't distribute groovy. Nor we do any object serialization, which is the vulnerability. However, we should upgrade anyway

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                stevel@apache.org Steve Loughran
                Reporter:
                stevel@apache.org Steve Loughran
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: