Openbravo Issue Tracking System - Openbravo ERP
View Issue Details
0045934Openbravo ERPY. DBSourceManagerpublic2021-02-22 15:062021-04-30 13:35
shuehner 
alostale 
normalminorhave not tried
closedfixed 
5
 
PR21Q3 
Core
No
0045934: Update commons-collections in dbsm repo (3.1) to same version as present in backoffice (3.2.2)
Issue 40161 update that library from 3.2.1 to latest 3.2.2 version to also get a security fix.

However there is 2nd copy of the same library in dbsm repo left at the older version.

Note that the older copy is only used to compile dbsm and not at runtime (in which updated copy from backoffice repo is already used).

So no runtime change is expected by this update but it removes out the outdated jar version coming up in repo scanning.
run i.e. owasp-dependency check against dbsm repo
Apply same update as done in 40161 also to dbsm repo.
No tags attached.
related to design defect 0040161 closed alostale update commons-collections dependency 
related to defect 0046360 closed alostale obsolete libraries in dbsm classpath 
Issue History
2021-02-22 15:06shuehnerNew Issue
2021-02-22 15:06shuehnerAssigned To => platform
2021-02-22 15:06shuehnerModules => Core
2021-02-22 15:06shuehnerTriggers an Emergency Pack => No
2021-02-22 15:06shuehnerRelationship addedrelated to 0040161
2021-03-02 13:02shuehnerTarget Version => PR21Q2
2021-03-31 06:59alostaleTarget VersionPR21Q2 => PR21Q3
2021-04-27 08:17alostaleSummaryUpdate commons-collections in dbsm repo (3.2.1) to same version as present in backoffice (3.2.2) => Update commons-collections in dbsm repo (3.1) to same version as present in backoffice (3.2.2)
2021-04-27 08:29hgbotNote Added: 0127556
2021-04-27 08:45alostaleRelationship addedrelated to 0046360
2021-04-30 12:33hgbotResolutionopen => fixed
2021-04-30 12:33hgbotStatusnew => closed
2021-04-30 12:33hgbotNote Added: 0127700
2021-04-30 12:33hgbotNote Added: 0127701
2021-04-30 13:35alostaleAssigned Toplatform => alostale

Notes
(0127556)
hgbot   
2021-04-27 08:29   
Merge Request created: https://gitlab.com/openbravo/product/dbsm/-/merge_requests/23 [^]
(0127700)
hgbot   
2021-04-30 12:33   
Directly closing issue as related merge request is already approved.

Repository: https://gitlab.com/openbravo/product/dbsm [^]
Changeset: abaa2f54ddf2400f72878c7dacce85f93c881163
Author: Asier Lostalé <asier.lostale@openbravo.com>
Date: 2021-04-27T08:16:10+02:00
URL: https://gitlab.com/openbravo/product/dbsm/-/commit/abaa2f54ddf2400f72878c7dacce85f93c881163 [^]

fixes ISSUE-45934: commons-collections update (3.1 -> 3.2.2)

Updated library to match the version in Openbravo which is uesed at
runtime anyway.

---
A lib/commons-collections-3.2.2.jar
M .classpath
M src-test/.classpath
R lib/commons-collections-3.1.jar
---
(0127701)
hgbot   
2021-04-30 12:33   
Merge request merged: https://gitlab.com/openbravo/product/dbsm/-/merge_requests/23 [^]