Hi, I would say the vulnerability will be in jetty bundle not Geronimo (6.1.XX is included)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4461 Regards On 1/31/12, Jean-Baptiste Onofré <[email protected]> wrote: > Ohh sorry Diwakar, you talk about ServiceMix 3.x. > > Regarding ServiceMix 3.x and my previous e-mail, ServiceMix 3 uses the > same Geronimo components as ServiceMix components. > > Regards > JB > > On 01/31/2012 02:21 PM, diwakar wrote: >> Hi, >> >> >> ServiceMix embeds some Specs provided by Geronimo >> If it is only specs, can we ignore this particular security >> vulnerability from Servicemix pov. >> >> With Best Regards, >> Diwakar >> >> >> -- >> View this message in context: >> http://servicemix.396122.n5.nabble.com/Servicemix-3-x-Geronimo-Dependency-CVE-2011-5034-tp5443711p5444514.html >> Sent from the ServiceMix - User mailing list archive at Nabble.com. > > -- > Jean-Baptiste Onofré > [email protected] > http://blog.nanthrax.net > Talend - http://www.talend.com >
