[jira] [Commented] (FELIX-6235) Disallow DTDs when reading OBR repository files

2020-06-10 Thread Colm O hEigeartaigh (Jira)
[ https://issues.apache.org/jira/browse/FELIX-6235?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17130907#comment-17130907 ] Colm O hEigeartaigh commented on FELIX-6235: [~gnodet] - are there any plans to get 4.2.2 out

[jira] [Updated] (FELIX-6271) Make sure invalid bundles are deleted in BundleServlet

2020-04-30 Thread Colm O hEigeartaigh (Jira)
[ https://issues.apache.org/jira/browse/FELIX-6271?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh updated FELIX-6271: --- Description: If you attempt to upload an invalid bundle in BundleServlet (say a

[jira] [Created] (FELIX-6271) Make sure invalid bundles are deleted in BundleServlet

2020-04-30 Thread Colm O hEigeartaigh (Jira)
Colm O hEigeartaigh created FELIX-6271: -- Summary: Make sure invalid bundles are deleted in BundleServlet Key: FELIX-6271 URL: https://issues.apache.org/jira/browse/FELIX-6271 Project: Felix

[jira] [Created] (FELIX-6235) Disallow DTDs when reading OBR repository files

2020-03-02 Thread Colm O hEigeartaigh (Jira)
Colm O hEigeartaigh created FELIX-6235: -- Summary: Disallow DTDs when reading OBR repository files Key: FELIX-6235 URL: https://issues.apache.org/jira/browse/FELIX-6235 Project: Felix

[jira] [Created] (FELIX-6234) Update Snakeyaml

2020-03-02 Thread Colm O hEigeartaigh (Jira)
Colm O hEigeartaigh created FELIX-6234: -- Summary: Update Snakeyaml Key: FELIX-6234 URL: https://issues.apache.org/jira/browse/FELIX-6234 Project: Felix Issue Type: Improvement

[jira] [Commented] (FELIX-6185) jQuery <3.4.0 is vulnerable to prototype pollution attacks

2019-11-19 Thread Colm O hEigeartaigh (Jira)
[ https://issues.apache.org/jira/browse/FELIX-6185?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16977416#comment-16977416 ] Colm O hEigeartaigh commented on FELIX-6185: [~cziegeler] - I think the fix for version

[jira] [Created] (FELIX-6193) Update maven-archiver + plexus-utils

2019-10-17 Thread Colm O hEigeartaigh (Jira)
Colm O hEigeartaigh created FELIX-6193: -- Summary: Update maven-archiver + plexus-utils Key: FELIX-6193 URL: https://issues.apache.org/jira/browse/FELIX-6193 Project: Felix Issue Type:

[jira] [Created] (FELIX-6189) Make sure jar/zip files are jailed to the destination directory

2019-10-08 Thread Colm O hEigeartaigh (Jira)
Colm O hEigeartaigh created FELIX-6189: -- Summary: Make sure jar/zip files are jailed to the destination directory Key: FELIX-6189 URL: https://issues.apache.org/jira/browse/FELIX-6189 Project:

[jira] [Commented] (FELIX-6179) Fix Jetty Client Authentication

2019-09-10 Thread Colm O hEigeartaigh (Jira)
[ https://issues.apache.org/jira/browse/FELIX-6179?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16926902#comment-16926902 ] Colm O hEigeartaigh commented on FELIX-6179: PR submitted:

[jira] [Created] (FELIX-6179) Fix Jetty Client Authentication

2019-09-10 Thread Colm O hEigeartaigh (Jira)
Colm O hEigeartaigh created FELIX-6179: -- Summary: Fix Jetty Client Authentication Key: FELIX-6179 URL: https://issues.apache.org/jira/browse/FELIX-6179 Project: Felix Issue Type: Bug

[jira] [Commented] (FELIX-6035) Allow urlhandlers to create urls for jrt protocol without an add-opens

2019-02-01 Thread Colm O hEigeartaigh (JIRA)
[ https://issues.apache.org/jira/browse/FELIX-6035?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16758228#comment-16758228 ] Colm O hEigeartaigh commented on FELIX-6035: Please backport to 5.x as well, as it's causing