[jira] [Updated] (SLING-12268) Fix CVE-2022-47937
[ https://issues.apache.org/jira/browse/SLING-12268?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Munteanu updated SLING-12268: Fix Version/s: Commons JSON 2.0.22 > Fix CVE-2022-47937 > -- > > Key: SLING-12268 > URL: https://issues.apache.org/jira/browse/SLING-12268 > Project: Sling > Issue Type: Bug > Components: Commons >Reporter: Remo Liechti >Assignee: Remo Liechti >Priority: Major > Fix For: Commons JSON 2.0.22 > > > Current version of apache commons json is affected by > [https://nvd.nist.gov/vuln/detail/CVE-2022-47937] > Due to the relicenced base library ([https://github.com/stleary/JSON-java)], > that now uses the 'public domain', the fix of that CVE is as simple as > migrating to the latest codebase of said library. > Along this, it would be beneficial to perform some side activities, such as > the upgrade to the latest parent pom and junit5. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (SLING-12268) Fix CVE-2022-47937
[ https://issues.apache.org/jira/browse/SLING-12268?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Munteanu updated SLING-12268: Fix Version/s: Commons JSON 2.0.24 (was: Commons JSON 2.0.22) > Fix CVE-2022-47937 > -- > > Key: SLING-12268 > URL: https://issues.apache.org/jira/browse/SLING-12268 > Project: Sling > Issue Type: Bug > Components: Commons >Reporter: Remo Liechti >Assignee: Remo Liechti >Priority: Major > Fix For: Commons JSON 2.0.24 > > > Current version of apache commons json is affected by > [https://nvd.nist.gov/vuln/detail/CVE-2022-47937] > Due to the relicenced base library ([https://github.com/stleary/JSON-java)], > that now uses the 'public domain', the fix of that CVE is as simple as > migrating to the latest codebase of said library. > Along this, it would be beneficial to perform some side activities, such as > the upgrade to the latest parent pom and junit5. -- This message was sent by Atlassian Jira (v8.20.10#820010)
