[jira] [Commented] (TAP5-2794) Upgrade away from vulnerable commons-io and commons-fileupload dependencies

ASF subversion and git services (Jira) Sat, 26 Oct 2024 06:11:05 -0700


    [ 
https://issues.apache.org/jira/browse/TAP5-2794?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17893075#comment-17893075
 ]


ASF subversion and git services commented on TAP5-2794:
-------------------------------------------------------

Commit 5e2af49edef5ccfca9e578e38ce908ea0e36a8cb in tapestry-5's branch 
refs/heads/javax from Thiago H. de Paula Figueiredo
[ https://gitbox.apache.org/repos/asf?p=tapestry-5.git;h=5e2af49ed ]

TAP5-2794: upgrade commons-io and commons-fileupload

dependencies so we don't use versions with known security
vulnerabilities.

> Upgrade away from vulnerable commons-io and commons-fileupload dependencies
> ---------------------------------------------------------------------------
>
>                 Key: TAP5-2794
>                 URL: https://issues.apache.org/jira/browse/TAP5-2794
>             Project: Tapestry 5
>          Issue Type: Bug
>          Components: tapestry-http, tapestry-upload
>            Reporter: Thiago Henrique De Paula Figueiredo
>            Assignee: Thiago Henrique De Paula Figueiredo
>            Priority: Critical
>
> The vulnerabilities can be seen at 
> https://mvnrepository.com/artifact/org.apache.tapestry/tapestry-upload/5.9.0-preview-2.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (TAP5-2794) Upgrade away from vulnerable commons-io and commons-fileupload dependencies

Reply via email to