OFBiz OFBiz - Commits

svn commit: r1741416 [1/3] - in /ofbiz/trunk/tools/security/dependency-check: dependency-check-report.html suppress.xml

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
jleroux@apache.org
Reply | Threaded
Open this post in threaded view
|

svn commit: r1741416 [1/3] - in /ofbiz/trunk/tools/security/dependency-check: dependency-check-report.html suppress.xml

jleroux@apache.org
Author: jleroux
Date: Thu Apr 28 11:51:08 2016
New Revision: 1741416

URL: http://svn.apache.org/viewvc?rev=1741416&view=rev
Log:
Updates OWASP dependency check files.
Several changes, notably:
* removes all Tomcat libs suppresses (in catalina\lib) and rather adds a sole suppress based on CVEs (current Tomcat version not concerned)
* same for jsp-api-2.3
* a new vulnerability is identified: CVE-2015-1776 for hadoop libs (in solr component)

Modified:
    ofbiz/trunk/tools/security/dependency-check/dependency-check-report.html
    ofbiz/trunk/tools/security/dependency-check/suppress.xml

Free forum by Nabble Edit this page