[overlord-issues] [JBoss JIRA] (RTGOV-601) Enforcer issues in multiple modules
Brett Meyer (JIRA)
issues at jboss.org
Wed Oct 15 10:41:36 EDT 2014
[ https://issues.jboss.org/browse/RTGOV-601?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brett Meyer updated RTGOV-601:
------------------------------
Summary: Enforcer issues in multiple modules (was: Enforcer issues in org.overlord.rtgov.activity-management:activity)
> Enforcer issues in multiple modules
> -----------------------------------
>
> Key: RTGOV-601
> URL: https://issues.jboss.org/browse/RTGOV-601
> Project: RTGov (Run Time Governance)
> Issue Type: Bug
> Reporter: Brett Meyer
> Assignee: Gary Brown
>
> After upgrading to the BOM CR14, enforcer fails, but no actual errors are shown during the build. The only thing relevant I can find:
> {code}
> [WARNING] The dependency xercesImpl-2.9.1 matches a vulnerability recorded in the victims database. [CVE-2009-2625]
> [WARNING] Rule 0: com.redhat.victims.VictimsRule failed with message:
> +=======================+
> |VULNERABILITY DETECTED!|
> +=======================+
> For more information visit:
> - https://access.redhat.com/security/cve/CVE-2009-2625
> {code}
> What's odd is that we don't explicitly depend on xercesImpl. I'm not sure if that's a bug in the plugin: failing due to a warning on a transitive dependency.
> For now, enforcer is completely disabled on the module.
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
More information about the overlord-issues
mailing list