New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update apache commons-text lib #5718
Comments
Thank you nevertheless for updating - since all scanners alert anyway when finding a vulnerable library (even though the effected class is not directly used). By using an up-to-date lib it is now much easier to argue with the decision makers / security guys... |
Looking at the contents of the ZIP and the Release Notes, commons-text v1.10 is not part of JMeter 5.5. Would anyone be able to confirm when this will be released? |
Jmeter 5.5 contains commons-text-1.9 and has been released in June 2022 long before this issue was created. The Update to 1.10 will be part of the next jmeter release... |
Thank you. That's what I thought, but the previous comments (Oct, Nov) made me want to ask the question. |
Expected behavior
Jmeter is using a vulnerable apache commons-text library. It should be updated to the latest version (currently 1.10).
Actual behavior
No response
Steps to reproduce the problem
JMeter Version
5.5
Java Version
No response
OS Version
No response
The text was updated successfully, but these errors were encountered: