OFBiz OFBiz - Dev

[jira] [Commented] (OFBIZ-5744) We need to upgrade Birt which uses Axis 1.4 because of CVE-2014-3596

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Nicolas Malin (Jira)
Reply | Threaded
Open this post in threaded view
|

[jira] [Commented] (OFBIZ-5744) We need to upgrade Birt which uses Axis 1.4 because of CVE-2014-3596

Nicolas Malin (Jira)

    [ https://issues.apache.org/jira/browse/OFBIZ-5744?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15243313#comment-15243313 ]

Jacques Le Roux commented on OFBIZ-5744:
----------------------------------------

Actually there is more than that, see https://svn.apache.org/viewvc/ofbiz/trunk/tools/security/dependency-check/dependency-check-report.html?view=co&revision=HEAD

> We need to upgrade Birt which uses Axis 1.4 because of CVE-2014-3596
> --------------------------------------------------------------------
>
>                 Key: OFBIZ-5744
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-5744
>             Project: OFBiz
>          Issue Type: Bug
>          Components: specialpurpose/birt
>    Affects Versions: 11.04.06, 12.04.05, 14.12.01
>            Reporter: Jacques Le Roux
>
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3596



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
Free forum by Nabble Edit this page