Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove commons-httpclient dependency #15

Closed
dzc34 opened this issue Jan 14, 2017 · 0 comments
Closed

Remove commons-httpclient dependency #15

dzc34 opened this issue Jan 14, 2017 · 0 comments
Assignees
@dzc34
Labels
type: dependencies type: security

Comments

@dzc34
Copy link
Member

dzc34 commented Jan 14, 2017

Vulnerability

in Apache Commons HttpClient before 4.2.3
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6153

Same job than HttpComponents HttpClient

"The Commons HttpClient project is now end of life, and is no longer being developed. It has been replaced by the Apache HttpComponents project in its HttpClient and HttpCore modules, which offer better performance and more flexibility. " http://hc.apache.org/httpclient-3.x/

"The Commons HttpClient project used to be a part of Commons, but is now part of Apache HttpComponents" http://commons.apache.org/
@dzc34 dzc34 self-assigned this Jan 14, 2017
@dzc34 dzc34 changed the title Removed commons-httpclient dependency Remove commons-httpclient dependency Jan 14, 2017
dzc34 added a commit to dzc34/Contrast-Finder that referenced this issue Jan 14, 2017
@dzc34
Merge branch 'upgrading-dependencies' into develop
eab46e0 
Fixed Asqatasun#13 - Upgraded Apache.HttpComponents HttpClient to v4.3.6
Fixed Asqatasun#14 - Upgraded SpringFrameworkt to v3.2.12 and remove spring-asm
Fixed Asqatasun#15 - Removed commons-httpclient dependency
@dzc34 dzc34 closed this as completed in 7255f73 Jan 14, 2017
dzc34 added a commit to dzc34/Contrast-Finder that referenced this issue Jan 15, 2017
@dzc34
Merge branch 'upgrading-dependencies' into develop
59a2aca 
* upgrading-dependencies:
  Fixed Asqatasun#16 - Changed JSTL artifact (jstl:jstl -> org.apache.taglibs:taglibs-standard-jstlel)
  Fixed Asqatasun#15 - Removed commons-httpclient dependency
  Fixed Asqatasun#14 - Upgraded SpringFrameworkt to v3.2.12 and remove spring-asm
  Fixed Asqatasun#13 - Upgraded Apache.HttpComponents HttpClient to v4.3.6
dzc34 added a commit to dzc34/Contrast-Finder that referenced this issue Jan 15, 2017
@dzc34
Contrast-Finder v0.4.2
3d2886b 
----------------------
  set version to 0.4.2
  Updated CHANGELOG
  Fixed Asqatasun#16 - Changed JSTL artifact (jstl:jstl -> org.apache.taglibs:taglibs-standard-jstlel)
  Fixed Asqatasun#15 - Removed commons-httpclient dependency
  Fixed Asqatasun#14 - Upgraded SpringFrameworkt to v3.2.12 and remove spring-asm
  Fixed Asqatasun#13 - Upgraded Apache.HttpComponents HttpClient to v4.3.6
  updated CONTRIBUTING.md
  fixed Asqatasun#11 - color contrast falling for links
  fixed Asqatasun#10 - color contrast failing for "the color should be between (...)"
  Dockerfile : typo
  set version to 0.4.2-dev
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dzc34 dzc34

Labels
type: dependencies type: security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dzc34