Uploaded image for project: 'Vnfsdk'
  1. Vnfsdk
  2. VNFSDK-369

Fix VNFSDK refrepo vulnerabilities

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Done
    • Icon: Medium Medium
    • El Alto Release
    • None
    • None

      2017/4/17:

      https://nexus-iq.wl.linuxfoundation.org/assets/index.html#/reports/onap-vnfsdk-refrepo/0ca70c3c11dd4a44bff246d5fe87dee1

      org.postgresql : postgresql : 42.2.5, 

      the related CVE is marked as disputed (see https://nvd.nist.gov/vuln/detail/CVE-2019-9193 for further details). and it's commonly used and without a newer version. we'd like to ask exception for it. 

      Jackson:  we are working on using the Gson as the Alternative of jackson

      bootstrap: they publish the latest version 4.3.1 is non-vulnerable version. we will investigate this in next release.

       

      https://nexus-iq.wl.linuxfoundation.org/assets/index.html#/reports/onap-vnfsdk-refrepo/e40a62a7790d4311adf079d729ac1f1e

        1. image-2019-02-18-20-54-46-857.png
          image-2019-02-18-20-54-46-857.png
          36 kB

            mkr1481 mkr1481
            g310497 g310497
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: