[teiid-issues] [JBoss JIRA] (TEIID-5823) CVE's in jboss-fuse/teiid
Steven Hawkins (Jira)
issues at jboss.org
Tue Oct 15 08:27:00 EDT 2019
[ https://issues.jboss.org/browse/TEIID-5823?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13799606#comment-13799606 ]
Steven Hawkins commented on TEIID-5823:
---------------------------------------
Actually this is also breaking things on master, I just didn't see it because the wildfly build was pulled off of travis. I'll see what can be done.
> CVE's in jboss-fuse/teiid
> -------------------------
>
> Key: TEIID-5823
> URL: https://issues.jboss.org/browse/TEIID-5823
> Project: Teiid
> Issue Type: Quality Risk
> Components: Build/Kits
> Affects Versions: 13.x, 12.3.1
> Reporter: Van Halbert
> Assignee: Van Halbert
> Priority: Blocker
> Fix For: 13.0, 7.5-12.3.1
>
>
> *Branch/Tag*: 12.3.1.fuse-750011-redhat-00001
> * *Severity*: {color:#f9423a}High{color}
> 1. apache commons collections
> * Vulnerability ID: CVE-2015-6420
> 2. org.apache.lucene:lucene-queryparser - Remote Code Execution (RCE)
> * Vulnerability ID: CVE-2017-12629
> 3. org.slf4j:slf4j-ext - Access Restriction Bypass
> * Vulnerability ID: CVE-2018-8088
> These changes will be committed to the teiid/teiid product branch 7.5-12.3.x and to master.
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
More information about the teiid-issues
mailing list