[ https://issues.apache.org/jira/browse/NUTCH-2979?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Sebastian Nagel updated NUTCH-2979: ----------------------------------- Labels: help-wanted (was: ) > Upgrade Commons Text to 1.10.0 > ------------------------------ > > Key: NUTCH-2979 > URL: https://issues.apache.org/jira/browse/NUTCH-2979 > Project: Nutch > Issue Type: Bug > Components: build > Affects Versions: 1.19 > Reporter: Sebastian Nagel > Priority: Major > Labels: help-wanted > Fix For: 1.20 > > > In order to address > [CVE-2022-42889|https://nvd.nist.gov/vuln/detail/CVE-2022-42889] we should > upgrade to commons-text 1.10.0: > - Nutch core depends on 1.4 which is not affected by the CVE > - the plugins lib-htmlunit and any23 depend on a vulnerable commons-text > version (1.5 - 1.9) -- This message was sent by Atlassian Jira (v8.20.10#820010)