jmeter depends on obsolete commons-httpclient library #3682
Comments
|
Sebb (migrated from Bugzilla): |
|
@milamberspace (migrated from Bugzilla): @sebb I not sure that the issue was an incorrect choice of the HTTP request implementation. I thinks that is to create a jmeter package for a Linux distribution, the maintainer must add dependencies of the HC3.x because JMeter offer the possibility to use HC3 HTTP request implementation. For example Debian : One minor security issue for HC (3/4) |
|
Markus Koschany (migrated from Bugzilla): We would prefer that jmeter no longer requires to build-depend on commons-httpclient. |
Markus Koschany (Bug 58514):
jmeter depends on commons-httpclient. https://hc.apache.org/httpclient-3.x/
This library has reached EOL status four years ago and was replaced by Apache httpcomponents-client:
https://hc.apache.org/httpcomponents-client-ga/index.html
commons-httpclient was affected by multiple security issues in the past but is no longer supported by its upstream developers. This makes it difficult for Linux distributions to provide any support for applications and libraries which still depend on commons-httpclient.
Please consider to make the switch to httpcomponents-client
Severity: normal
OS: Linux
The text was updated successfully, but these errors were encountered: