hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ruchika Mahajan <ruchika.mahaja...@gmail.com>
Subject Re: Regarding CVE-2012-5783 in commons-httpclient-3.1.jar
Date Wed, 06 Aug 2014 05:46:21 GMT
Thanks Oleg.
S, does that mean the only solution for removing this vulnerability is to
upgrade HC 3.1 to 4.x.

Thanks in Advance.

BR,
Ruchika


On Tue, Aug 5, 2014 at 1:52 PM, Oleg Kalnichevski <olegk@apache.org> wrote:

> On Tue, 2014-08-05 at 13:00 +0530, Ruchika Mahajan wrote:
> > Hi,
> >
> > We are using "*commons-httpclient-3.1.jar*" in our project and observed
> > "CVE-2012-5783" vulnerability in it.
> > Do we have any update or patch for commons-httpclient-3.x jar for
> removing
> > this vulnerability.
> >
> > BR,
> > Ruchika
>
> HC 3.1 is at end of life since Jan 2011. It is no longer supported or
> updated.
>
> Oleg
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
> For additional commands, e-mail: httpclient-users-help@hc.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message