[jira] [Commented] (TAP5-2794) Upgrade away from vulnerable commons-io and commons-fileupload dependencies

ASF subversion and git services (Jira) Sat, 26 Oct 2024 09:53:47 -0700


    [ 
https://issues.apache.org/jira/browse/TAP5-2794?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17893076#comment-17893076
 ]


ASF subversion and git services commented on TAP5-2794:
-------------------------------------------------------

Commit 1289d554b11e380c75af782c367b31a69f606721 in tapestry-5's branch 
refs/heads/master from Thiago H. de Paula Figueiredo
[ https://gitbox.apache.org/repos/asf?p=tapestry-5.git;h=1289d554b ]

TAP5-2794: upgrade commons-io and commons-fileupload

dependencies so we don't use versions with known security
vulnerabilities.


> Upgrade away from vulnerable commons-io and commons-fileupload dependencies
> ---------------------------------------------------------------------------
>
>                 Key: TAP5-2794
>                 URL: https://issues.apache.org/jira/browse/TAP5-2794
>             Project: Tapestry 5
>          Issue Type: Bug
>          Components: tapestry-http, tapestry-upload
>            Reporter: Thiago Henrique De Paula Figueiredo
>            Assignee: Thiago Henrique De Paula Figueiredo
>            Priority: Critical
>
> The vulnerabilities can be seen at 
> https://mvnrepository.com/artifact/org.apache.tapestry/tapestry-upload/5.9.0-preview-2.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (TAP5-2794) Upgrade away from vulnerable commons-io and commons-fileupload dependencies

Reply via email to