[jira] [Created] (JENA-2222) Dependency updates for jena-geosparql and jena-fuseki-geosparql

Andy Seaborne (Jira) Sat, 18 Dec 2021 03:12:34 -0800

Andy Seaborne created JENA-2222:
-----------------------------------

             Summary: Dependency updates for jena-geosparql and 
jena-fuseki-geosparql
                 Key: JENA-2222
                 URL: https://issues.apache.org/jira/browse/JENA-2222
             Project: Apache Jena
          Issue Type: Task
          Components: GeoSPARQL
    Affects Versions: Jena 4.3.2
            Reporter: Andy Seaborne
            Assignee: Andy Seaborne
             Fix For: Jena 4.4.0



Found by running

{{mvn org.sonatype.ossindex.maven:ossindex-maven-plugin:audit -fn -f pom.xml}}

{{jdom:jdom2}} and {{commons-beanutils:commons-beanutils}} are dependencies and 
need updates.

jdom:jdom2 : CVE-2021-33813 : 2.0.6 -> 2.0.6.1
beanutils: CVE-2019-10086 :1.9.3->1.9.4

Also:

Ideally, the version of all dependencies should be controlled in the Jena top 
POM.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Created] (JENA-2222) Dependency updates for jena-geosparql and jena-fuseki-geosparql

Reply via email to