Sebastian Nagel created NUTCH-2979: -------------------------------------- Summary: Upgrade Commons Text to 1.10.0 Key: NUTCH-2979 URL: https://issues.apache.org/jira/browse/NUTCH-2979 Project: Nutch Issue Type: Bug Components: build Affects Versions: 1.19 Reporter: Sebastian Nagel Fix For: 1.20
In order to address [CVE-2022-42889|https://nvd.nist.gov/vuln/detail/CVE-2022-42889] we should upgrade to commons-text 1.10.0: - Nutch core depends on 1.4 which is not affected by the CVE - the plugins lib-htmlunit and any23 depend on a vulnerable commons-text version (1.5 - 1.9) -- This message was sent by Atlassian Jira (v8.20.10#820010)