[JBoss JIRA] (TEIID-5823) CVE's in jboss-fuse/teiid

Tuesday, 15 October 2019

    [
https://issues.jboss.org/browse/TEIID-5823?page=com.atlassian.jira.plugin...
] 

Steven Hawkins commented on TEIID-5823:
---------------------------------------

Actually this is also breaking things on master, I just didn't see it because the
wildfly build was pulled off of travis.  I'll see what can be done.

...
 CVE's in jboss-fuse/teiid
 -------------------------

                 Key: TEIID-5823
                 URL: https://issues.jboss.org/browse/TEIID-5823
             Project: Teiid
          Issue Type: Quality Risk
          Components: Build/Kits
    Affects Versions: 13.x, 12.3.1
            Reporter: Van Halbert
            Assignee: Van Halbert
            Priority: Blocker
             Fix For: 13.0, 7.5-12.3.1

 *Branch/Tag*: 12.3.1.fuse-750011-redhat-00001
 * *Severity*: {color:#f9423a}High{color}
 1.  apache commons collections
 *  Vulnerability ID: CVE-2015-6420
 2.  org.apache.lucene:lucene-queryparser - Remote Code Execution (RCE)
 * Vulnerability ID: CVE-2017-12629
 3.  org.slf4j:slf4j-ext - Access Restriction Bypass
 *  Vulnerability ID: CVE-2018-8088
 These changes will be committed to the teiid/teiid product branch 7.5-12.3.x and to
master. 

--
This message was sent by Atlassian Jira
(v7.13.8#713008)

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009