View Issue Details

IDProjectCategoryView StatusLast Update
0004306SymmetricDSBugpublic2020-03-17 17:00
ReporterelongAssigned Toelong 
Priorityhigh 
Status closedResolutionfixed 
Product Version3.10.0 
Target Version3.10.11Fixed in Version3.10.11 
Summary0004306: Upgrade libraries with known vulnerabilities
DescriptionIn most cases, we're not using the vulnerable part of the library, but it's safer to just upgrade and avoid the assessment from security scans.

jackson-databind-2.9.8.jar -> 2.10.3
bcprov-jdk15on-1.59.jar -> 1.64
commons-beanutils-1.9.3.jar -> 1.9.4
spring-web-5.1.7.RELEASE.jar -> 5.2.3
jetty-9.4.19.v20190610 -> 9.4.26.v20200117
TagsNo tags attached.

Activities

There are no notes attached to this issue.

Related Changesets

SymmetricDS: 3.10 4444688a

2020-03-09 14:22:02

admin

Details Diff
0004306: Upgrade libraries with known vulnerabilities
0004306
mod - symmetric-assemble/common.gradle Diff File
mod - symmetric-assemble/gradle.properties Diff File
mod - symmetric-core/build.gradle Diff File
mod - symmetric-core/src/main/java/org/jumpmind/symmetric/monitor/MonitorTypeBatchError.java Diff File
mod - symmetric-core/src/main/java/org/jumpmind/symmetric/monitor/MonitorTypeLog.java Diff File
mod - symmetric-core/src/main/java/org/jumpmind/symmetric/monitor/MonitorTypeOfflineNodes.java Diff File
mod - symmetric-core/src/main/java/org/jumpmind/symmetric/notification/NotificationTypeEmail.java Diff File
mod - symmetric-core/src/main/java/org/jumpmind/symmetric/service/impl/UpdateService.java Diff File
add - symmetric-core/src/main/java/org/jumpmind/symmetric/util/SuperClassExclusion.java Diff File
mod - symmetric-io/build.gradle Diff File
mod - symmetric-io/src/main/java/org/jumpmind/symmetric/io/data/writer/CassandraDatabaseWriter.java Diff File
mod - symmetric-server/build.gradle Diff File

SymmetricDS: 3.9 f6f6d4fb

2020-03-17 16:48:29

admin

Details Diff
0004306: Upgrade libraries with known vulnerabilities
0004306
mod - symmetric-assemble/build.gradle Diff File
mod - symmetric-assemble/common.gradle Diff File
mod - symmetric-assemble/gradle.properties Diff File
mod - symmetric-core/build.gradle Diff File
mod - symmetric-io/build.gradle Diff File
mod - symmetric-io/src/main/java/org/jumpmind/symmetric/io/data/writer/CassandraDatabaseWriter.java Diff File
mod - symmetric-jdbc/build.gradle Diff File

Issue History

Date Modified Username Field Change
2020-03-09 14:20 elong New Issue
2020-03-09 14:20 elong Status new => assigned
2020-03-09 14:20 elong Assigned To => elong
2020-03-09 14:53 elong Status assigned => resolved
2020-03-09 14:53 elong Resolution open => fixed
2020-03-09 14:53 elong Fixed in Version => 3.10.11
2020-03-09 14:53 elong Issue cloned: 0004307
2020-03-09 15:00 admin Changeset attached => SymmetricDS 3.10 4444688a
2020-03-17 14:42 admin Status resolved => closed
2020-03-17 17:00 admin Changeset attached => SymmetricDS 3.9 f6f6d4fb