[ https://issues.apache.org/jira/browse/JAMES-2209?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Antoine Duprat closed JAMES-2209. --------------------------------- > Upgrade libraries containing CVEs > --------------------------------- > > Key: JAMES-2209 > URL: https://issues.apache.org/jira/browse/JAMES-2209 > Project: James Server > Issue Type: Bug > Affects Versions: master > Reporter: Thibaut SAUTEREAU > > The following libraries were reported by the OWASP Dependency Checker as > containing CVEs: > ActiveMQ (CVE-2015-5183 and CVE-2015-5184) > -> upgrade from 5.15.0 to 5.15.2 (last stable) > logback-classic (CVE-2017-5929) > -> upgrade from 1.1.7 to 1.1.11 (last stable of 1.1.x) > jetty (CVE-2017-9735) > -> upgrade from 9.4.4 to 9.4.7.v20170914 (last stable) -- This message was sent by Atlassian JIRA (v6.4.14#64029) --------------------------------------------------------------------- To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org For additional commands, e-mail: server-dev-h...@james.apache.org