Uploaded image for project: 'mod-data-import'
  1. mod-data-import
  2. MODDATAIMP-665

Update dependencies (RMB, Vertx, log4j, ...) (CVE-2021-44228)

    XMLWordPrintable

Details

    • Folijet Sprint 136
    • 0
    • Folijet
    • Lotus R1 2022
    • Related dependency upgrade

    Description

      Update dependencies fixing multiple vulnerabilities:

      Update RMB from 32.1.0 to 33.2.7.
      The RMB update indirectly updates log4j from 2.13.3 to 2.17.1 fixing  https://nvd.nist.gov/vuln/detail/CVE-2021-44228
      The RMB update indirectly updates jackson-databind from 2.11.3 to 2.13.1 fixing https://nvd.nist.gov/vuln/detail/CVE-2020-36518

      Update Vert.x from 4.0.0 to 4.2.6.

      Update mod-configuration-client from 5.6.0 to 5.7.5.

      Suppress mockito-core from runtime by setting <scope>provided</scope>.

      TestRail: Results

        Attachments

          Issue Links

            defines

            New Feature - New feature requests UXPROD-3262 NFR: Data Import R1 2022 Lotus Technical, NFR, & Misc work

            • P2 - normal priority level, must be included in the current development cycle
            • Closed

            Activity

              People

                julianladisch Julian Ladisch
                julianladisch Julian Ladisch
                Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  TestRail: Runs

                    TestRail: Cases