Fwd: [xwiki/xwiki-commons] One of your dependencies may have a security vulnerability

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Fwd: [xwiki/xwiki-commons] One of your dependencies may have a security vulnerability

vmassol
Administrator
nice…

Even though we rolled back this upgrade since it has regressions ;)

-Vincent

> Begin forwarded message:
>
> From: GitHub <[hidden email]>
> Subject: [xwiki/xwiki-commons] One of your dependencies may have a security vulnerability
> Date: 16 October 2018 at 19:02:58 CEST
> To: xwiki/xwiki-commons <[hidden email]>
> Cc: Security alert <[hidden email]>
> Reply-To: xwiki/xwiki-commons <[hidden email]>
>
>  <https://github.com/> Sign in <https://github.com/login>
> vmassol,
> We found a potential security vulnerability in a repository for which you have been granted security alert access.
>
> xwiki/xwiki-commons <https://github.com/xwiki/xwiki-commons>
> Known moderate severity security vulnerability detected in org.dom4j:dom4j < 2.1.1 defined in pom.xml <https://github.com/xwiki/xwiki-commons/blob/master/pom.xml>.
> pom.xml <https://github.com/xwiki/xwiki-commons/blob/master/pom.xml> update suggested: org.dom4j:dom4j ~> 2.1.1.
> Always verify the validity and compatibility of suggestions with your codebase.
> Review vulnerable dependency <https://github.com/xwiki/xwiki-commons/network/alert/pom.xml/org.dom4j:dom4j/open>
>
> Only users who have been assigned access to security alerts will receive these notifications.
>
> Unsubscribe  <https://github.com/notifications/unsubscribe-vulnerability/AAmWKxhmdIzJDKAXPUTixtMdcH9wFC5uks5ulhFCgaJpZM4XezLT>· Email preferences <https://github.com/settings/emails> · Terms <https://help.github.com/articles/github-terms-of-service/> · Privacy <https://help.github.com/articles/github-privacy-policy/> · Sign into GitHub <https://github.com/login>
>
> GitHub, Inc.
> 88 Colin P Kelly Jr St.
> San Francisco, CA 94107
>

Reply | Threaded
Open this post in threaded view
|

Re: Fwd: [xwiki/xwiki-commons] One of your dependencies may have a security vulnerability

vmassol
Administrator
FTR this is one feature of the FASTEN research project that XWiki SAS is going to participate to.

Thanks
-Vincent

> On 16 Oct 2018, at 19:24, Vincent Massol <[hidden email]> wrote:
>
> nice…
>
> Even though we rolled back this upgrade since it has regressions ;)
>
> -Vincent
>
>> Begin forwarded message:
>>
>> From: GitHub <[hidden email]>
>> Subject: [xwiki/xwiki-commons] One of your dependencies may have a security vulnerability
>> Date: 16 October 2018 at 19:02:58 CEST
>> To: xwiki/xwiki-commons <[hidden email]>
>> Cc: Security alert <[hidden email]>
>> Reply-To: xwiki/xwiki-commons <[hidden email]>
>>
>> <https://github.com/> Sign in <https://github.com/login>
>> vmassol,
>> We found a potential security vulnerability in a repository for which you have been granted security alert access.
>>
>> xwiki/xwiki-commons <https://github.com/xwiki/xwiki-commons>
>> Known moderate severity security vulnerability detected in org.dom4j:dom4j < 2.1.1 defined in pom.xml <https://github.com/xwiki/xwiki-commons/blob/master/pom.xml>.
>> pom.xml <https://github.com/xwiki/xwiki-commons/blob/master/pom.xml> update suggested: org.dom4j:dom4j ~> 2.1.1.
>> Always verify the validity and compatibility of suggestions with your codebase.
>> Review vulnerable dependency <https://github.com/xwiki/xwiki-commons/network/alert/pom.xml/org.dom4j:dom4j/open>
>>
>> Only users who have been assigned access to security alerts will receive these notifications.
>>
>> Unsubscribe  <https://github.com/notifications/unsubscribe-vulnerability/AAmWKxhmdIzJDKAXPUTixtMdcH9wFC5uks5ulhFCgaJpZM4XezLT>· Email preferences <https://github.com/settings/emails> · Terms <https://help.github.com/articles/github-terms-of-service/> · Privacy <https://help.github.com/articles/github-privacy-policy/> · Sign into GitHub <https://github.com/login>
>>
>> GitHub, Inc.
>> 88 Colin P Kelly Jr St.
>> San Francisco, CA 94107
>>
>