-
Type:
Improvement
-
Status: Closed
-
Priority:
Minor
-
Resolution: Fixed
-
Affects Version/s: None
-
Fix Version/s: alloy-2.0.2, bridge-impl-4.1.3, portal-3.0.4, alloy-3.0.2, showcase-3.0.4
-
Labels:None
This task involves updating the commons-fileupload version to 1.3.3 (or removing the dependency completely if possible) to avoid CVE-2016-3092 and CVE-2016-1000031. These vulnerabilities do not affect any production code. They only affect demos.