On Sat, Feb 09, 2019 at 01:11:52AM +0100, gregor herrmann wrote: > On Fri, 08 Feb 2019 23:37:20 +0100, Moritz Muehlenhoff wrote: > > > This was assigned CVE-2018-1000652: > > https://github.com/JabRef/jabref/issues/4229 > > https://github.com/JabRef/jabref/commit/89f855d76713b4cd25ac0830c719cd61c511851e
<--snip--> > private static final Logger LOGGER = > LoggerFactory.getLogger(MsBibImporter.class); > ^ > symbol: class Logger > location: class MsBibImporter > > > Seems like we either need a new build dependency, or remove the > logging part, or rewrite it … I'd be grateful for help from Java > experts :) Hi Gregor, Thank you for doing this. I guess upstream switched out the logging implementation in their patch. I'll push an updated patch this weekend. Cheers, tony
signature.asc
Description: PGP signature