cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From GitBox <...@apache.org>
Subject [GitHub] FDU-SE-LAB opened a new issue #3119: Your project apache/cloudstack is using buggy third-party libraries [WARNING]
Date Mon, 07 Jan 2019 02:39:36 GMT
FDU-SE-LAB opened a new issue #3119: Your project apache/cloudstack is using buggy third-party
libraries [WARNING]
URL: https://github.com/apache/cloudstack/issues/3119
 
 
   Hi, there!
   We are a research team working on third-party library analysis. We have found that some
widely-used third-party libraries in your project have major/critical bugs, which will degrade
the quality of your project. We highly recommend you to update those libraries to new versions.
   
   We have attached the buggy third-party libraries and corresponding jira issue links below
for you to have more detailed information.
     1  org.apache.httpcomponents httpclient (pom.xml)
     version: 4.5.4
   
     Jira issues:
     evictExpiredConnections does not work as intended
     affectsVersions:4.5.4;5.0 Alpha3
     https://issues.apache.org/jira/projects/HTTPCLIENT/issues/HTTPCLIENT-1835?filter=allopenissues
     NullPointerException in SystemDefaultCredentialsProvider.getCredentials when AuthScope.orgin
is null
     affectsVersions:4.5.4
     https://issues.apache.org/jira/projects/HTTPCLIENT/issues/HTTPCLIENT-1888?filter=allopenissues
     Inspecting the Redirect inside a RedirectStrategy mutates the RedirectLocations array
     affectsVersions:4.5.4
     https://issues.apache.org/jira/projects/HTTPCLIENT/issues/HTTPCLIENT-1893?filter=allopenissues
     connection leak issue when OutOfMemory
     affectsVersions:4.5.3;4.5.4;4.5.5
     https://issues.apache.org/jira/projects/HTTPCLIENT/issues/HTTPCLIENT-1924?filter=allopenissues
   
   
   
   
     2  commons-io commons-io (pom.xml)
     version: 2.6
   
     Jira issues:
     .gitattributes not correctly applied
     affectsVersions:2.6
     https://issues.apache.org/jira/projects/IO/issues/IO-516?filter=allopenissues
     FilenameUtils.normalize should verify hostname syntax in UNC path
     affectsVersions:2.6
     https://issues.apache.org/jira/projects/IO/issues/IO-559?filter=allopenissues
     Missing Javadoc in FilenameUtils causing Travis-CI build to fail
     affectsVersions:2.6
     https://issues.apache.org/jira/projects/IO/issues/IO-570?filter=allopenissues
   
   
   
   
     3  commons-codec commons-codec (pom.xml)
     version: 1.11
   
     Jira issues:
     InputStream not closed
     affectsVersions:1.10;1.11
     https://issues.apache.org/jira/projects/CODEC/issues/CODEC-225?filter=allopenissues
   
   
   
   
     4  commons-lang commons-lang (pom.xml)
     version: 2.6
   
     Jira issues:
     Remove unnecessary synchronization from registry lookup in EqualsBuilder and HashCodeBuilder
     affectsVersions:2.6
     https://issues.apache.org/jira/projects/LANG/issues/LANG-1230?filter=allopenissues
     LocaleUtils - DCL idiom is not thread-safe
     affectsVersions:2.6
     https://issues.apache.org/jira/projects/LANG/issues/LANG-803?filter=allopenissues
     Exception when combining custom and choice format in ExtendedMessageFormat
     affectsVersions:2.5;2.6
     https://issues.apache.org/jira/projects/LANG/issues/LANG-917?filter=allopenissues
   
   
   
   
     5  org.apache.commons commons-lang3 (pom.xml)
     version: 3.6
   
     Jira issues:
     StackOverflowError on TypeUtils.toString(...) for a generic return type of Enum.valueOf
     affectsVersions:3.6
     https://issues.apache.org/jira/projects/LANG/issues/LANG-1348?filter=allopenissues
     EqualsBuilder#isRegistered: swappedPair construction bug
     affectsVersions:3.6
     https://issues.apache.org/jira/projects/LANG/issues/LANG-1349?filter=allopenissues
     ConstructorUtils.invokeConstructor(Class; Object...) regression
     affectsVersions:3.5;3.6
     https://issues.apache.org/jira/projects/LANG/issues/LANG-1350?filter=allopenissues
     TimeZone.getTimeZone() in FastDateParser causes resource contention
     affectsVersions:3.6
     https://issues.apache.org/jira/projects/LANG/issues/LANG-1355?filter=allopenissues
     org.apache.commons.lang3.time.FastDateParser should use toUpperCase(Locale)
     affectsVersions:3.6
     https://issues.apache.org/jira/projects/LANG/issues/LANG-1357?filter=allopenissues
     ExceptionUtils.getThrowableList() is using deprecated ExceptionUtils.getCause()
     affectsVersions:3.6
     https://issues.apache.org/jira/projects/LANG/issues/LANG-1361?filter=allopenissues
     ExceptionUtils#getRootCause(Throwable t) should return t if no lower level cause exists
     affectsVersions:3.6
     https://issues.apache.org/jira/projects/LANG/issues/LANG-1364?filter=allopenissues
   
   
   
   
   Sincerely~
   FDU Software Engineering Lab
   Jan 7th,2019

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

Mime
View raw message