Steve Loughran created SLIDER-1091:
--------------------------------------
Summary: Upgrade test-time dependency on Groovy
Key: SLIDER-1091
URL: https://issues.apache.org/jira/browse/SLIDER-1091
Project: Slider
Issue Type: Bug
Components: build, security, test
Affects Versions: Slider 0.90.2
Reporter: Steve Loughran
Assignee: Steve Loughran
[CVE-2015-3253|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3253]
means that the groovy version we use for tests must be considered insecure.
There is no vulnerability in Slider release: We don't distribute groovy. Nor we
do any object serialization, which is the vulnerability. However, we should
upgrade anyway
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
