You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A CVE just popped up that is blocking 2.13.x builds (doesn't affect DDF master because it's been upgraded to Karaf 4.2.2). Suppressing this CVE since it's mitigated by file system hardening. Will also update the release notes to be explicit about the vulnerability and point to the hardening guide.
[ERROR] One or more dependencies were identified with vulnerabilities that have a CVSS score greater than or equal to '7.0':
00:26:45 [ERROR]
00:26:45 [ERROR] org.apache.karaf.jaas.boot-4.2.1.jar: CVE-2018-11788
00:26:45 [ERROR]
00:26:45 [ERROR] See the dependency-check report for more details.
Description
A CVE just popped up that is blocking 2.13.x builds (doesn't affect DDF master because it's been upgraded to Karaf 4.2.2). Suppressing this CVE since it's mitigated by file system hardening. Will also update the release notes to be explicit about the vulnerability and point to the hardening guide.
Build reference: https://jenkins.codice.org/job/DDF-Jobs/job/2.13.x/job/pr/job/Linux/597/console
Expected behavior (if applicable):
N/A
Version
2.13.6-SNAPSHOT
Additional Information
N/A
The text was updated successfully, but these errors were encountered: