[jbosstools-issues] [JBoss JIRA] (JBIDE-26301) Reduce CVE issues in org.fusesource.ide bundles

Nick Boldt (JIRA) issues at jboss.org
Tue Sep 11 10:58:00 EDT 2018 

     [ https://issues.jboss.org/browse/JBIDE-26301?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Nick Boldt updated JBIDE-26301:
-------------------------------
    Fix Version/s: 4.9.0.Final
                       (was: 4.9.0.AM3)


> Reduce CVE issues in org.fusesource.ide bundles
> -----------------------------------------------
>
>                 Key: JBIDE-26301
>                 URL: https://issues.jboss.org/browse/JBIDE-26301
>             Project: Tools (JBoss Tools)
>          Issue Type: Bug
>          Components: central-update
>            Reporter: Nick Boldt
>            Assignee: Nick Boldt
>             Fix For: 4.9.0.Final
>
>
> Some CVE issues exist in fuse bundles:
> {code:title=unpacked/devstudio-12.9.0.AM2-v20180808-0721-B3149-updatesite-core/}
> org.fusesource.ide.camel.model.service.impl.v2151redhat621216_11.1.0.v20180723-1842.jar/libs
> org.fusesource.ide.camel.model.service.impl.v2151redhat621216_11.1.0.v20180723-1842.jar/libs/camel-core-2.15.1.redhat-621216.jar/META-INF/maven/org.apache.camel/camel-core
> org.fusesource.ide.camel.model.service.impl.v2170redhat630347_11.1.0.v20180725-0619.jar/libs
> org.fusesource.ide.camel.model.service.impl.v2170redhat630347_11.1.0.v20180725-0619.jar/libs/camel-core-2.17.0.redhat-630347.jar/META-INF/maven/org.apache.camel/camel-core
> org.fusesource.ide.camel.model.service.impl.v2181redhat000021_11.1.0.v20180723-1842.jar/libs
> org.fusesource.ide.camel.model.service.impl.v2181redhat000021_11.1.0.v20180723-1842.jar/libs/camel-core-2.18.1.redhat-000021.jar/META-INF/maven/org.apache.camel/camel-core
> org.fusesource.ide.camel.model.service.impl.v2181redhat000021_11.1.0.v20180723-1842.jar/libs/camel-core-2.18.1.redhat-000021.jar/META-INF/maven/org.apache.camel/spi-annotations
> org.fusesource.ide.camel.model.service.impl.v2203_11.1.0.v20180723-1842.jar/libs
> org.fusesource.ide.camel.model.service.impl.v2210fuse000077redhat1_11.1.0.v20180723-1842.jar/libs
> org.fusesource.ide.camel.model.service.impl_11.1.0.v20180801-0947.jar/libs
> org.fusesource.ide.jmx.activemq_11.1.0.v20180723-1842.jar/libs
> org.fusesource.ide.wsdl2rest_11.1.0.v20180807-1302.jar/libs{code}
> -- https://dev-platform-jenkins.rhev-ci-vms.eng.rdu2.redhat.com/view/Devstudio/view/jbosstools-releng/job/devstudio.cve.report-merged/lastBuild/dependency-check-jenkins-pluginResult/
> Verification: check if we have fewer CVEs after updating to newer version of fuse 11.1.x:
> https://dev-platform-jenkins.rhev-ci-vms.eng.rdu2.redhat.com/view/Devstudio/view/jbosstools-releng/job/devstudio.cve.report/lastBuild/dependency-check-jenkins-pluginResult/HIGH/ vs. #103
> https://dev-platform-jenkins.rhev-ci-vms.eng.rdu2.redhat.com/view/Devstudio/view/jbosstools-releng/job/devstudio.cve.report-merged/lastBuild/dependency-check-jenkins-pluginResult/HIGH/ vs. build #87



--
This message was sent by Atlassian JIRA
(v7.5.0#75005)

More information about the jbosstools-issues mailing list