[
https://issues.apache.org/jira/browse/MNG-6312?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16325355#comment-16325355
]
Sylwester Lachiewicz commented on MNG-6312:
-------------------------------------------
Yours patch shoud be enugh - i run ITs on windows almost with success.
Only one error
{code}
testitReactorShouldResultInExpectedOrder(org.apache.maven.it.MavenITmng6057CheckReactorOrderTest)
Time elapsed: 1.699 sec <<< FAILURE!
junit.framework.AssertionFailedError: expected:<3> but was:<5>
at junit.framework.Assert.fail(Assert.java:47)
org.apache.maven.it.MavenITmng6057CheckReactorOrderTest.testitReactorShouldResultInExpectedOrder(MavenITmng6057CheckReactorOrderTest.java:69)
{code}
Result from test with maven 3.5.3-SNAPSHOT
{code}
[INFO] Reactor Build Order:
[INFO]
[INFO] base-project [pom]
[INFO] module-1 [pom]
[INFO] module-2 [jar]
{code}
but this looks like related to already fixed MNG-6057 maybe test in ITs should
be adjusted?
> Update Maven Wagon dependency
> -----------------------------
>
> Key: MNG-6312
> URL: https://issues.apache.org/jira/browse/MNG-6312
> Project: Maven
> Issue Type: Dependency upgrade
> Affects Versions: 3.5.0
> Reporter: Sylwester Lachiewicz
> Assignee: Karl Heinz Marbaise
> Fix For: 3.5.3
>
>
> Based on OWASP report - update Maven Wagon from 2.12 to 3.0.0 to fix known
> vulnerability in shaded jsoup
> wagon-http-2.12-shaded.jar\META-INF/maven/org.jsoup/jsoup/pom.xml
> (cpe:/a:jsoup:jsoup:1.7.2, org.jsoup:jsoup:1.7.2) : CVE-2015-6748
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
