Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0045934
TypeCategorySeverityReproducibilityDate SubmittedLast Update
defect[Openbravo ERP] Y. DBSourceManagerminorhave not tried2021-02-22 15:062021-04-30 13:35
ReportershuehnerView Statuspublic 
Assigned Toalostale 
PrioritynormalResolutionfixedFixed in Version
StatusclosedFix in branchFixed in SCM revision
ProjectionnoneETAnoneTarget VersionPR21Q3
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionSCM revision 
Merge Request Statusapproved
Review Assigned To
OBNetwork customerNo
Web browser
ModulesCore
Support ticket
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary

0045934: Update commons-collections in dbsm repo (3.1) to same version as present in backoffice (3.2.2)

DescriptionIssue 40161 update that library from 3.2.1 to latest 3.2.2 version to also get a security fix.

However there is 2nd copy of the same library in dbsm repo left at the older version.

Note that the older copy is only used to compile dbsm and not at runtime (in which updated copy from backoffice repo is already used).

So no runtime change is expected by this update but it removes out the outdated jar version coming up in repo scanning.
Steps To Reproducerun i.e. owasp-dependency check against dbsm repo
Proposed SolutionApply same update as done in 40161 also to dbsm repo.
TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
related to design defect 0040161 closedalostale update commons-collections dependency 
related to defect 0046360 closedalostale obsolete libraries in dbsm classpath 

-  Notes
(0127556)
hgbot (developer)
2021-04-27 08:29

 Merge Request created: https://gitlab.com/openbravo/product/dbsm/-/merge_requests/23 [^]
(0127700)
hgbot (developer)
2021-04-30 12:33

 Directly closing issue as related merge request is already approved.

Repository: https://gitlab.com/openbravo/product/dbsm [^]
Changeset: abaa2f54ddf2400f72878c7dacce85f93c881163
Author: Asier Lostalé <asier.lostale@openbravo.com>
Date: 2021-04-27T08:16:10+02:00
URL: https://gitlab.com/openbravo/product/dbsm/-/commit/abaa2f54ddf2400f72878c7dacce85f93c881163 [^]

fixes ISSUE-45934: commons-collections update (3.1 -> 3.2.2)

Updated library to match the version in Openbravo which is uesed at
runtime anyway.

---
A lib/commons-collections-3.2.2.jar
M .classpath
M src-test/.classpath
R lib/commons-collections-3.1.jar
---
(0127701)
hgbot (developer)
2021-04-30 12:33

 Merge request merged: https://gitlab.com/openbravo/product/dbsm/-/merge_requests/23 [^]

- Issue History
Date Modified Username Field Change
2021-02-22 15:06 shuehner New Issue
2021-02-22 15:06 shuehner Assigned To => platform
2021-02-22 15:06 shuehner OBNetwork customer => No
2021-02-22 15:06 shuehner Modules => Core
2021-02-22 15:06 shuehner Triggers an Emergency Pack => No
2021-02-22 15:06 shuehner Relationship added related to 0040161
2021-03-02 13:02 shuehner Target Version => PR21Q2
2021-03-31 06:59 alostale Target Version PR21Q2 => PR21Q3
2021-04-27 08:17 alostale Summary Update commons-collections in dbsm repo (3.2.1) to same version as present in backoffice (3.2.2) => Update commons-collections in dbsm repo (3.1) to same version as present in backoffice (3.2.2)
2021-04-27 08:29 hgbot Merge Request Status => open
2021-04-27 08:29 hgbot Note Added: 0127556
2021-04-27 08:45 alostale Relationship added related to 0046360
2021-04-30 12:33 hgbot Merge Request Status open => approved
2021-04-30 12:33 hgbot Resolution open => fixed
2021-04-30 12:33 hgbot Status new => closed
2021-04-30 12:33 hgbot Note Added: 0127700
2021-04-30 12:33 hgbot Note Added: 0127701
2021-04-30 13:35 alostale Assigned To platform => alostale

Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker