Loading...

XML

Word

Printable

Details

Type: Task
Resolution: Done
Priority: Neutral
Fix Version/s: 3.5.0
Affects Version/s: None
Component/s: None
Labels:
- artt
- security

Template:
Acceptance criteria:

Empty

show more show less
Task DoR:

Empty

show more show less

Description

See BUILD-611. In this case, log4j dependency comes transitively via Magnolia's bom/main and does not affect the blossom module itself directly.
Third-party libraries unrelated to Spring are already scanned for CVEs in dx-core and add-ons.

Checklists

Acceptance criteria

Attachments

Activity

People

Assignee:: Federico Grilli

Reporter:: Federico Grilli

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 15/Dec/21 7:18 PM

Updated:: 24/Mar/22 5:45 PM

Resolved:: 05/Jan/22 10:13 AM

Checklists

Task DoR