jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Julian Reschke (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (JCRVLT-156) Review dependencies
Date Fri, 03 Feb 2017 20:04:53 GMT

     [ https://issues.apache.org/jira/browse/JCRVLT-156?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Julian Reschke updated JCRVLT-156:
----------------------------------
    Description: 
The pom currently references unstable releases of Jackrabbit and Oak. Is this necessary?

Also, other dependencies should be reviewed as well. For instance, commons-collections should
be updated to 3.2.2 (see https://www.cvedetails.com/vulnerability-list/vendor_id-45/product_id-32731/version_id-187982/Apache-Commons-Collections-3.2.1.html)

  was:
The pom currently references unstable releases of Jackrabbit and Oak. Is this necessary?

Also, other dependencies should be reviewed as well. For instance, commons-collections should
be update to 3.2.2 (see https://www.cvedetails.com/vulnerability-list/vendor_id-45/product_id-32731/version_id-187982/Apache-Commons-Collections-3.2.1.html)


> Review dependencies
> -------------------
>
>                 Key: JCRVLT-156
>                 URL: https://issues.apache.org/jira/browse/JCRVLT-156
>             Project: Jackrabbit FileVault
>          Issue Type: Task
>    Affects Versions: 3.1.36
>            Reporter: Julian Reschke
>
> The pom currently references unstable releases of Jackrabbit and Oak. Is this necessary?
> Also, other dependencies should be reviewed as well. For instance, commons-collections
should be updated to 3.2.2 (see https://www.cvedetails.com/vulnerability-list/vendor_id-45/product_id-32731/version_id-187982/Apache-Commons-Collections-3.2.1.html)



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message