[
https://issues.apache.org/jira/browse/TAMAYA-386?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16824522#comment-16824522
]
Aaron Coburn commented on TAMAYA-386:
-------------------------------------
I saw this issue with vertx, too. Currently, that example project isn't built
at all, and if it were, there's a circular dependency issue because it relies
on some org.apache.tamaya.ext packages (tamaya-injection and
tamaya-injection-api). Maybe that example should be moved into the
tamaya-extensions repository.
> Fix CVE warnings in Tamaya-core: Vertx
> --------------------------------------
>
> Key: TAMAYA-386
> URL: https://issues.apache.org/jira/browse/TAMAYA-386
> Project: Tamaya
> Issue Type: Improvement
> Affects Versions: 0.4-incubating
> Reporter: Philipp Ottlinger
> Assignee: Philipp Ottlinger
> Priority: Major
> Fix For: 0.4-incubating
>
>
> Fix current CVE-alerts in Tamaya-Core:
> [https://github.com/apache/incubator-tamaya/network/alerts]
> * (/) Vertx >=3.5.4
> ** [https://nvd.nist.gov/vuln/detail/CVE-2018-12537]
> ** [https://nvd.nist.gov/vuln/detail/CVE-2018-12541]
> * (x) Checkstyle >=8.18 - [https://nvd.nist.gov/vuln/detail/CVE-2019-9658]
> ** Plain update does not work - see comment.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
