[ https://issues.apache.org/jira/browse/SLING-11131?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andrei Dulvac resolved SLING-11131. ----------------------------------- Resolution: Fixed Fixed by https://github.com/apache/sling-org-apache-sling-testing-clients/commit/3e677d306d0ee7e807bcb3dc4c4b8634681f28ac > Update Apache HTTP Client Dependency for CVE-2020-13956 > ------------------------------------------------------- > > Key: SLING-11131 > URL: https://issues.apache.org/jira/browse/SLING-11131 > Project: Sling > Issue Type: Task > Components: Apache Sling Testing Clients > Affects Versions: Apache Sling Testing Clients 3.0.10 > Reporter: Andrei Tuicu > Assignee: Andrei Dulvac > Priority: Major > Fix For: Apache Sling Testing Clients 3.0.12 > > Time Spent: 1h 10m > Remaining Estimate: 0h > > org.apache.httpcomponents.httpclient 4.4.1 is vulnerable to > CVE-2020-13956(MEDIUM)[0]. > We need to update to the latest version of the Apache HTP Client 4.5.13. > [0] https://www.cvedetails.com/cve/CVE-2020-13956/ -- This message was sent by Atlassian Jira (v8.20.1#820001)