Uploaded image for project: 'Policy Framework'
  1. Policy Framework
  2. POLICY-1882

Review current CLM jobs and security upgrade recommendations

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Done
    • Icon: Medium Medium
    • El Alto Release
    • None
    • None
    • None

      Per PTL meeting:

      https://wiki.onap.org/display/DW/PTL+2019-06-24?preview=/64007424/64009295/ONAP%20Vulnerability%20management%20for%20El%20Alto%20release_PP_v4%20(2).pptx

       

      • Policy does not pull in tomcat-embed-core - not showing in CLM
      • commons-bean-utils is pulled in by portal dependency - cannot fix until they do - and the repo will be deprecated post-Frankfurt anyway
      • commons-fileupload is pulled in by portal dependency - cannot fix until they do - and the repo will be deprecated post-Frankfurt anyway
      • dom4j - will not fix as it requires major upgrade for drools which is scheduled for Frankfurt
      • policy does not pull in javax-servlet-api - not showing in CLM, no real recommendation anway
      • bootstrap is pulled in by portal dependency - cannot fix until they do - and the repo will be deprecated post-Frankfurt anyway
      • jquery is pulled in by portal dependency - cannot fix until they do - and the repo will be deprecated post-Frankfurt anyway

        1.
        		 commons-codec upgrade to 1.13 Sub-task Closed Unassigned
        2.
        		 Investigate upgrade of org.springframework 4.3.24-RELEASE Sub-task Closed mmokry

            pdragosh pdragosh
            pdragosh pdragosh
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: