[FACES-3378] Update commons-fileupload to version 1.3.3 to avoid security vulnerabilities in demos - Liferay Issues

XML

Word

Printable

Details

Type: Improvement
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: alloy-2.0.2, bridge-impl-4.1.3, portal-3.0.4, alloy-3.0.2, showcase-3.0.4
Component/s: JSF Showcase, Liferay Faces Alloy / Showcase / Tests, Liferay Faces Bridge Impl / Demos / Tests, Liferay Faces Portal / Demos / Tests
Labels:
None

Description

This task involves updating the commons-fileupload version to 1.3.3 (or removing the dependency completely if possible) to avoid CVE-2016-3092 and CVE-2016-1000031. These vulnerabilities do not affect any production code. They only affect demos.

Attachments

Activity

People

Assignee:: Kyle Stiemann (Inactive)

Reporter:: Kyle Stiemann (Inactive)

Participants of an Issue:: Kyle Stiemann

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 03/Jan/19 10:31 AM

Updated:: 03/Jul/19 3:18 PM

Resolved:: 08/May/19 7:53 PM

Packages

Version	Package
alloy-2.0.2
bridge-impl-4.1.3
portal-3.0.4
alloy-3.0.2
showcase-3.0.4