[jira] [Updated] (MNG-6312) Update Maven Wagon dependency

Karl Heinz Marbaise (JIRA) Sat, 06 Jan 2018 14:03:40 -0800

     [ 
https://issues.apache.org/jira/browse/MNG-6312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Karl Heinz Marbaise updated MNG-6312:
-------------------------------------
    Affects Version/s: 3.5.0

> Update Maven Wagon dependency
> -----------------------------
>
>                 Key: MNG-6312
>                 URL: https://issues.apache.org/jira/browse/MNG-6312
>             Project: Maven
>          Issue Type: Dependency upgrade
>    Affects Versions: 3.5.0
>            Reporter: Sylwester Lachiewicz
>             Fix For: 3.5.3
>
>
> Based on OWASP report - update Maven Wagon from 2.12 to 3.0.0 to fix known 
> vulnerability in shaded jsoup
> wagon-http-2.12-shaded.jar\META-INF/maven/org.jsoup/jsoup/pom.xml 
> (cpe:/a:jsoup:jsoup:1.7.2, org.jsoup:jsoup:1.7.2) : CVE-2015-6748



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (MNG-6312) Update Maven Wagon dependency

Reply via email to