-
Story
-
Resolution: Done
-
High
-
None
-
None
-
Portal Sprint 6, Portal Sprint 7
The following security issues have been identified by Nexus IQ Server (tool used by LF) on 2017-12-23. See the attached report - RED Security issues.
1.
|
CVE-2015-5211 - Spring - File Upload issue. Upgrade to 4.2.2 | Closed | sa282w | |
2.
|
NVD - CVE-2016-1000341: bouncycastle issue. Upgrade to 2.4.4 | Closed | sa282w | |
3.
|
CVE-2017-5929: Logback. Upgrade to 1.2.x | Closed | sa282w | |
4.
|
CVE-2017-7957 xstream. Upgrade to version 1.4.7-2+ | Closed | sa282w | |
5.
|
CVE-2013-2186,CVE-2014-0050,CVE-2016-1000 031,CVE-2016-3092 Apache Commons FileUpload, MultipartStream, | Closed | tattasunder | |
6.
|
CVE-2015-0254 JSTL-Upgrade to 1.2.3+ | Closed | sa282w | |
7.
|
CVE-2017-12629: Apache Lucene: Upgrade to 7.1+ | Closed | sa282w | |
8.
|
EELF change to address the reported security issue | Closed | sa282w |