New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Developers Guide Java example has dependencies with vulnerabilities [DOC139] #142
Comments
Commented by: @mrotteveel Paul, I will do this; but I don't have enough rights to assign this ticket to myself. |
Modified by: @mrotteveeldescription: The Java example of the Developers Guide has a number dependencies that have known vulnerabilities (we were notified by GitHub). These need to be updated. Specifically: org.springframework:spring-core >= 4.3.0, < 4.3.18 defined in pom.xml. com.fasterxml.jackson.core:jackson-databind >= 2.8.0, < 2.8.9 defined in pom.xml. => The Java example of the Developers Guide has a number dependencies that have known vulnerabilities (we were notified by GitHub). These need to be updated. Specifically: org.springframework:spring-core >= 4.3.0, < 4.3.18 defined in pom.xml. com.fasterxml.jackson.core:jackson-databind < 2.8.11.1 defined in pom.xml. |
Modified by: @paulvinkassignee: Paul Vinkenoog [ paulvink ] => Mark Rotteveel [ avalanche1979 ] |
Commented by: @mrotteveel Pull request: #9 |
Commented by: @mrotteveel Published updated HTML + PDF and example zip on the site. |
Submitted by: @mrotteveel
The Java example of the Developers Guide has a number dependencies that have known vulnerabilities (we were notified by GitHub). These need to be updated.
Specifically:
org.springframework:spring-core >= 4.3.0, < 4.3.18 defined in pom.xml.
pom.xml update suggested: org.springframework:spring-core ~> 4.3.18.
com.fasterxml.jackson.core:jackson-databind < 2.8.11.1 defined in pom.xml.
pom.xml update suggested: com.fasterxml.jackson.core:jackson-databind ~> 2.8.11.1.
Commits: 9597272 60268b4
The text was updated successfully, but these errors were encountered: