-
Task
-
Resolution: Done
-
Medium
-
None
-
None
-
None
-
Policy El Alto 2 7/29-8/16, Policy El Alto 3 8/19-9/06
Per PTL meeting:
- Policy does not pull in tomcat-embed-core - not showing in CLM
- commons-bean-utils is pulled in by portal dependency - cannot fix until they do - and the repo will be deprecated post-Frankfurt anyway
- commons-fileupload is pulled in by portal dependency - cannot fix until they do - and the repo will be deprecated post-Frankfurt anyway
- dom4j - will not fix as it requires major upgrade for drools which is scheduled for Frankfurt
- policy does not pull in javax-servlet-api - not showing in CLM, no real recommendation anway
- bootstrap is pulled in by portal dependency - cannot fix until they do - and the repo will be deprecated post-Frankfurt anyway
- jquery is pulled in by portal dependency - cannot fix until they do - and the repo will be deprecated post-Frankfurt anyway
- relates to
-
POLICY-1982 Complete Vulnerability Review Table
- Closed
1.
|
commons-codec upgrade to 1.13 | Closed | Unassigned | |
2.
|
Investigate upgrade of org.springframework 4.3.24-RELEASE | Closed | mmokry |