Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CVE-2022-42889 Apache Commons Text #2669

Closed
robegelmeer opened this issue Nov 2, 2022 · 1 comment
Closed

CVE-2022-42889 Apache Commons Text #2669

robegelmeer opened this issue Nov 2, 2022 · 1 comment

Comments

@robegelmeer
Copy link

Context

  • MapFish print version: 3.29.4
  • Java version: Java 11 (Eclipse Adoptium: 11.0.16.1 (OpenJDK 64-Bit Server VM))
  • OS: Windows and Linux Ubuntu

Describe the bug

A few weeks ago there is a security vulnerability discovered in Apache Commons Text (CVE-2022-42889). This issue is in the version between 1.5 and 1.9 of Apache Commons Text. MapFish version 3.29.4 is using version 1.6 (commons-text-1.6.jar).

The issue is solved in version 1.10.
@sbrunner
Copy link
Member

It should be fixed with #2711

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sbrunner @robegelmeer