tamaya-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Philipp Ottlinger (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (TAMAYA-386) Fix CVE warnings in Tamaya-core: Vertx and Checkstyle
Date Tue, 23 Apr 2019 20:52:00 GMT

    [ https://issues.apache.org/jira/browse/TAMAYA-386?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16824510#comment-16824510
] 

Philipp Ottlinger commented on TAMAYA-386:
------------------------------------------

[~acoburn] trying to upgrade checkstyle to 8.19 in Tamaya-core/pom.xml:L402 yields an error
message:
{code:java}
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-checkstyle-plugin:3.0.0:check
(checkstyle) on project tamaya-api: Failed during checkstyle configuration: SuppressionCommentFilter
is not allowed as a child in Checker -> [Help 1]

in 
[INFO] Reactor Summary for Apache Tamaya Base 0.4-incubating-SNAPSHOT:
[INFO]
[INFO] Apache Tamaya Base ................................. SUCCESS [ 3.546 s]
[INFO] Apache Tamaya Build Configuration .................. SUCCESS [ 0.836 s]
[INFO] Apache Tamaya Code - all ........................... SUCCESS [ 0.202 s]
[INFO] Apache Tamaya Core API ............................. FAILURE [ 13.719 s]{code}
 

Do you have any idea what this could mean or have worked with newer checkstyle versions? Thanks.

> Fix CVE warnings in Tamaya-core: Vertx and Checkstyle
> -----------------------------------------------------
>
>                 Key: TAMAYA-386
>                 URL: https://issues.apache.org/jira/browse/TAMAYA-386
>             Project: Tamaya
>          Issue Type: Improvement
>    Affects Versions: 0.4-incubating
>            Reporter: Philipp Ottlinger
>            Assignee: Philipp Ottlinger
>            Priority: Major
>             Fix For: 0.4-incubating
>
>
> Fix current CVE-alerts in Tamaya-Core:
> [https://github.com/apache/incubator-tamaya/network/alerts]
>  * Vertx >=3.5.4
>  ** [https://nvd.nist.gov/vuln/detail/CVE-2018-12537]
>  ** [https://nvd.nist.gov/vuln/detail/CVE-2018-12541]
>  * Checkstyle >=8.18 - [https://nvd.nist.gov/vuln/detail/CVE-2019-9658]



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message