[
https://issues.apache.org/jira/browse/UIMA-6486?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Richard Eckart de Castilho resolved UIMA-6486.
----------------------------------------------
Resolution: Abandoned
Marking issue as abandoned as Jira is no longer used.
> Fix for FileUtil vulnerability in UIMA 2.*?
> -------------------------------------------
>
> Key: UIMA-6486
> URL: https://issues.apache.org/jira/browse/UIMA-6486
> Project: UIMA
> Issue Type: Bug
> Affects Versions: 2.11.0SDK
> Reporter: Benjamin De Boe
> Assignee: Richard Eckart de Castilho
> Priority: Major
>
> Hi,
> we distribute a custom annotator built on UIMA v2, which is affected by
> https://nvd.nist.gov/vuln/detail/CVE-2022-32287. We do not have any near-term
> bandwidth to upgrade our library to v3, and more critically some of our
> customers have other pipelines still running on v2 that they may not be able
> to migrate to v3 any time soon.
> Are there any plans to deliver a new v2.11 bugfix release that addresses this
> vulnerability?
> Thanks!
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
