mod_cluster-issues March 2019

mod_cluster-issues@lists.jboss.org

1 participants
13 discussions

[JBoss JIRA] (MODCLUSTER-677) Upgrade com.puppycrawl.tools:checkstyle to version 8.18 or later

by Radoslav Husar (Jira)

[ https://issues.jboss.org/browse/MODCLUSTER-677?page=com.atlassian.jira.pl... ] Radoslav Husar updated MODCLUSTER-677: -------------------------------------- Issue Type: Component Upgrade (was: Task) > Upgrade com.puppycrawl.tools:checkstyle to version 8.18 or later > ---------------------------------------------------------------- > > Key: MODCLUSTER-677 > URL: https://issues.jboss.org/browse/MODCLUSTER-677 > Project: mod_cluster > Issue Type: Component Upgrade > Components: Core & Container Integration (Java) > Affects Versions: 2.0.0.Alpha1 > Reporter: Radoslav Husar > Assignee: Radoslav Husar > Priority: Major > > 1 com.puppycrawl.tools:checkstyle vulnerability found in pom.xml 17 hours ago > Remediation > Upgrade com.puppycrawl.tools:checkstyle to version 8.18 or later. For example: > <dependency> > <groupId>com.puppycrawl.tools</groupId> > <artifactId>checkstyle</artifactId> > <version>[8.18,)</version> > </dependency> > Always verify the validity and compatibility of suggestions with your codebase. > Details > CVE-2019-9658 More information > moderate severity > Vulnerable versions: < 8.18 > Patched version: 8.18 > Checkstyle prior to 8.18 loads external DTDs by default, which can potentially lead to denial of service attacks or the leaking of confidential information. -- This message was sent by Atlassian Jira (v7.12.1#712002)

5 years, 9 months

1
0
0 / 0

[JBoss JIRA] (MODCLUSTER-677) Upgrade com.puppycrawl.tools:checkstyle to version 8.18 or later

by Radoslav Husar (Jira)

Radoslav Husar created MODCLUSTER-677: ----------------------------------------- Summary: Upgrade com.puppycrawl.tools:checkstyle to version 8.18 or later Key: MODCLUSTER-677 URL: https://issues.jboss.org/browse/MODCLUSTER-677 Project: mod_cluster Issue Type: Task Components: Core & Container Integration (Java) Affects Versions: 2.0.0.Alpha1 Reporter: Radoslav Husar Assignee: Radoslav Husar -- This message was sent by Atlassian Jira (v7.12.1#712002)

5 years, 9 months

1
0
0 / 0

[JBoss JIRA] (MODCLUSTER-677) Upgrade com.puppycrawl.tools:checkstyle to version 8.18 or later

by Radoslav Husar (Jira)

[ https://issues.jboss.org/browse/MODCLUSTER-677?page=com.atlassian.jira.pl... ] Radoslav Husar updated MODCLUSTER-677: -------------------------------------- Description: 1 com.puppycrawl.tools:checkstyle vulnerability found in pom.xml 17 hours ago Remediation Upgrade com.puppycrawl.tools:checkstyle to version 8.18 or later. For example: <dependency> <groupId>com.puppycrawl.tools</groupId> <artifactId>checkstyle</artifactId> <version>[8.18,)</version> </dependency> Always verify the validity and compatibility of suggestions with your codebase. Details CVE-2019-9658 More information moderate severity Vulnerable versions: < 8.18 Patched version: 8.18 Checkstyle prior to 8.18 loads external DTDs by default, which can potentially lead to denial of service attacks or the leaking of confidential information. > Upgrade com.puppycrawl.tools:checkstyle to version 8.18 or later > ---------------------------------------------------------------- > > Key: MODCLUSTER-677 > URL: https://issues.jboss.org/browse/MODCLUSTER-677 > Project: mod_cluster > Issue Type: Task > Components: Core & Container Integration (Java) > Affects Versions: 2.0.0.Alpha1 > Reporter: Radoslav Husar > Assignee: Radoslav Husar > Priority: Major > > 1 com.puppycrawl.tools:checkstyle vulnerability found in pom.xml 17 hours ago > Remediation > Upgrade com.puppycrawl.tools:checkstyle to version 8.18 or later. For example: > <dependency> > <groupId>com.puppycrawl.tools</groupId> > <artifactId>checkstyle</artifactId> > <version>[8.18,)</version> > </dependency> > Always verify the validity and compatibility of suggestions with your codebase. > Details > CVE-2019-9658 More information > moderate severity > Vulnerable versions: < 8.18 > Patched version: 8.18 > Checkstyle prior to 8.18 loads external DTDs by default, which can potentially lead to denial of service attacks or the leaking of confidential information. -- This message was sent by Atlassian Jira (v7.12.1#712002)

5 years, 9 months

1
0
0 / 0

← Newer
1
2
Older →

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

mod_cluster-issues March 2019