A quick search shows that jetty is impacted, and produced several new
versions last week.
As the Target Platform is targeting 2023-09, I can check if we can update
to it.
Le lun. 16 oct. 2023 à 08:53, Aurélien Pupier <apupier(a)redhat.com> a écrit :
Hello,
Has the Target Platform been checked to not contain dependencies affected
by CVE-2023-44487 (HTTP/2 Rapid Reset) ?
Do we want to check for it even if we are community only with very limited
resources given that it seems to be a Major vulnerability?
On Mon, Oct 16, 2023 at 8:00 AM Stephane Bouchet <sbouchet(a)redhat.com>
wrote:
> Hello,
>
> It's a reminder that JBossTools 4.29.0.Final release is on the way.
>
> The TP will be frozen tomorrow Tuesday EOD UTC [1] and all source
> repositories will be frozen Wednesday EOD UTC.
>
> If you have pending PRs, please check them and make sure they are merged
> before the code freeze.
>
> Thank you,
>
> Regards,
>
> [1] see
https://issues.redhat.com/browse/JBIDE-29058
>
> --
>
> Stéphane Bouchet
>
> Senior Software Engineer, R&D
>
> Remote France
>
> Red Hat <
https://www.redhat.com/>
> <
https://www.redhat.com/>
> _______________________________________________
> jbosstools-dev mailing list -- jbosstools-dev(a)lists.jboss.org
> To unsubscribe send an email to jbosstools-dev-leave(a)lists.jboss.org
> Privacy Statement:
https://www.redhat.com/en/about/privacy-policy
> List Archives:
>
https://lists.jboss.org/archives/list/jbosstools-dev@lists.jboss.org/mess...
>
--
Stéphane Bouchet
Senior Software Engineer, R&D
Remote France
Red Hat <
https://www.redhat.com/>
<
https://www.redhat.com/>