Re: [PR] Bump actions/upload-artifact from 3.1.3 to 4.3.1 [directory-studio]
PierreSmits merged PR #68: URL: https://github.com/apache/directory-studio/pull/68 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org For additional commands, e-mail: dev-h...@directory.apache.org
Re: [PR] Bump ossf/scorecard-action from 2.2.0 to 2.3.1 [directory-studio]
PierreSmits merged PR #69: URL: https://github.com/apache/directory-studio/pull/69 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org For additional commands, e-mail: dev-h...@directory.apache.org
Re: [PR] Bump actions/checkout from 2.7.0 to 4.1.1 [directory-studio]
PierreSmits merged PR #70: URL: https://github.com/apache/directory-studio/pull/70 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org For additional commands, e-mail: dev-h...@directory.apache.org
[jira] [Closed] (DIRSTUDIO-1334) Bump org.codehaus.mojo:exec-maven-plugin from 3.1.1 to 3.2.0
[ https://issues.apache.org/jira/browse/DIRSTUDIO-1334?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Pierre Smits closed DIRSTUDIO-1334. --- > Bump org.codehaus.mojo:exec-maven-plugin from 3.1.1 to 3.2.0 > > > Key: DIRSTUDIO-1334 > URL: https://issues.apache.org/jira/browse/DIRSTUDIO-1334 > Project: Directory Studio > Issue Type: Improvement >Reporter: Pierre Smits >Assignee: Pierre Smits >Priority: Major > Fix For: 2.0.0-M18 > > -- This message was sent by Atlassian Jira (v8.20.10#820010) - To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org For additional commands, e-mail: dev-h...@directory.apache.org
Re: [PR] DIRSTUDIO-1334 Bump org.codehaus.mojo:exec-maven-plugin from 3.1.1 to 3.2.0 [directory-studio]
PierreSmits merged PR #71: URL: https://github.com/apache/directory-studio/pull/71 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org For additional commands, e-mail: dev-h...@directory.apache.org
[jira] [Closed] (DIRSTUDIO-1304) vulnerability for poi-3.9.jar
[ https://issues.apache.org/jira/browse/DIRSTUDIO-1304?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Pierre Smits closed DIRSTUDIO-1304. --- > vulnerability for poi-3.9.jar > - > > Key: DIRSTUDIO-1304 > URL: https://issues.apache.org/jira/browse/DIRSTUDIO-1304 > Project: Directory Studio > Issue Type: Task >Affects Versions: 2.0.0-M17 >Reporter: Krystian Tokarz >Assignee: Pierre Smits >Priority: Major > Fix For: 2.0.0-M18 > > > Our vulnerability system (Nessus) discovers that poi-3.9.jar file is > vulnerable (medium risk). This file is created when Apache Directory Studio > is started on our Windows 2016 Server OS. > Folders: > C:\Documents and > Settings\%username%\.eclipse\1407070357_win32_win32_x86_64\configuration\org.eclipse.osgi\65\0\.cp\lib\poi-3.9.jar > and > C:\Users\%username%\.eclipse\1407070357_win32_win32_x86_64\configuration\org.eclipse.osgi\65\0\.cp\lib\poi-3.9.jar > > Plugin ID: 106717 > Plugin description: The version of Apache POI installed on the remote host is > a version prior to 3.17. It is, therefore, affected by multiple DoS > vulnerabilities. Note that Nessus has not tested for these issues but has > instead relied only on the application's self-reported version number. > Apache POI < 3.17 Multiple DoS Vulnerabilities > > Could you provide any information about this issue? Can we patch this somehow? > -- This message was sent by Atlassian Jira (v8.20.10#820010) - To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org For additional commands, e-mail: dev-h...@directory.apache.org
[jira] [Resolved] (DIRSTUDIO-1304) vulnerability for poi-3.9.jar
[ https://issues.apache.org/jira/browse/DIRSTUDIO-1304?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Pierre Smits resolved DIRSTUDIO-1304. - Resolution: Done > vulnerability for poi-3.9.jar > - > > Key: DIRSTUDIO-1304 > URL: https://issues.apache.org/jira/browse/DIRSTUDIO-1304 > Project: Directory Studio > Issue Type: Task >Affects Versions: 2.0.0-M17 >Reporter: Krystian Tokarz >Assignee: Pierre Smits >Priority: Major > Fix For: 2.0.0-M18 > > > Our vulnerability system (Nessus) discovers that poi-3.9.jar file is > vulnerable (medium risk). This file is created when Apache Directory Studio > is started on our Windows 2016 Server OS. > Folders: > C:\Documents and > Settings\%username%\.eclipse\1407070357_win32_win32_x86_64\configuration\org.eclipse.osgi\65\0\.cp\lib\poi-3.9.jar > and > C:\Users\%username%\.eclipse\1407070357_win32_win32_x86_64\configuration\org.eclipse.osgi\65\0\.cp\lib\poi-3.9.jar > > Plugin ID: 106717 > Plugin description: The version of Apache POI installed on the remote host is > a version prior to 3.17. It is, therefore, affected by multiple DoS > vulnerabilities. Note that Nessus has not tested for these issues but has > instead relied only on the application's self-reported version number. > Apache POI < 3.17 Multiple DoS Vulnerabilities > > Could you provide any information about this issue? Can we patch this somehow? > -- This message was sent by Atlassian Jira (v8.20.10#820010) - To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org For additional commands, e-mail: dev-h...@directory.apache.org
Re: [PR] DIRSTUDIO-1304 Upgrade poi to 5.2.5 [directory-studio]
PierreSmits merged PR #73: URL: https://github.com/apache/directory-studio/pull/73 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org For additional commands, e-mail: dev-h...@directory.apache.org
[PR] DIRSTUDIO-1304 Upgrade poi to 5.2.5 [directory-studio]
PierreSmits opened a new pull request, #73: URL: https://github.com/apache/directory-studio/pull/73 (no comment) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org For additional commands, e-mail: dev-h...@directory.apache.org
