myfaces-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hudson (JIRA)" <...@myfaces.apache.org>
Subject [jira] [Commented] (TOBAGO-1839) Cross-site scripting (XSS) vulnerability in jsoup before 1.8.3 - CVE-2015-6748
Date Thu, 04 Jan 2018 17:10:00 GMT

    [ https://issues.apache.org/jira/browse/TOBAGO-1839?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16311677#comment-16311677
] 

Hudson commented on TOBAGO-1839:
--------------------------------

SUCCESS: Integrated in Jenkins build Tobago Trunk #1232 (See [https://builds.apache.org/job/Tobago%20Trunk/1232/])
TOBAGO-1839: Cross-site scripting (XSS) vulnerability in jsoup before (lofwyr: rev 34e4410f2cea76c78779627665c73905e2523824)
* (edit) pom.xml


> Cross-site scripting (XSS) vulnerability in jsoup before 1.8.3 - CVE-2015-6748
> ------------------------------------------------------------------------------
>
>                 Key: TOBAGO-1839
>                 URL: https://issues.apache.org/jira/browse/TOBAGO-1839
>             Project: MyFaces Tobago
>          Issue Type: Task
>          Components: Core
>    Affects Versions: 2.1.0, 3.0.6
>            Reporter: Udo Schnurpfeil
>            Assignee: Udo Schnurpfeil
>             Fix For: 2.1.1, 4.1.0, 3.0.7
>
>
> Tobago uses jsoup by default. But the dependency can be updated to a newer version in
the application which uses Tobago.
> The next releases should reference an updated version of jsoup.
> Current version is 1.11.2



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message