Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
| ID | ||||||||
| 0052255 | ||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
| defect | [Openbravo ERP] A. Platform | major | have not tried | 2023-04-26 13:34 | 2023-11-21 09:13 | |||
| Reporter | kousalya_r | View Status | public | |||||
| Assigned To | kousalya_r | |||||||
| Priority | normal | Resolution | no change required | Fixed in Version | ||||
| Status | closed | Fix in branch | Fixed in SCM revision | |||||
| Projection | none | ETA | none | Target Version | ||||
| OS | Any | Database | Any | Java version | ||||
| OS Version | Database version | Ant version | ||||||
| Product Version | SCM revision | |||||||
| Review Assigned To | ||||||||
| Web browser | ||||||||
| Modules | Core | |||||||
| Regression level | ||||||||
| Regression date | ||||||||
| Regression introduced in release | ||||||||
| Regression introduced by commit | ||||||||
| Triggers an Emergency Pack | No | |||||||
| Summary | 0052255: Request to provide valid version for jettison-1.3-patched.jar | |||||||
| Description | Please provide us a valid version to replace the jar jettison-1.3-patched.jar that China has reported the vulnerability. | |||||||
| Steps To Reproduce | China has requested version 1.5.4 | |||||||
| Tags | No tags attached. | |||||||
| Attached Files | ||||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
||||||||||||||||||||
|
||||||||||||||||||||
 Relationships |
|
Notes |
|
|
(0157374) AugustoMauch (administrator) 2023-11-20 17:41 |
Kousalya, that upgrade of that library is very complex, see [1]. Could you share with me via chat the details of the vulnerability? To see if we are really exposed to it, and if so, if there are other ways of avoiding the vulnerability other than upgrading the library. [1] https://issues.openbravo.com/view.php?id=51132 [^] |
|
(0157398) AugustoMauch (administrator) 2023-11-21 09:13 |
It has been confirmed that the current version does not have the vulnerability that the client was concerned about |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2023-04-26 13:34 | kousalya_r | New Issue | |
| 2023-04-26 13:34 | kousalya_r | Assigned To | => Triage Platform Base |
| 2023-04-26 13:34 | kousalya_r | Modules | => Core |
| 2023-04-26 13:34 | kousalya_r | Triggers an Emergency Pack | => No |
| 2023-04-26 13:35 | kousalya_r | Summary | jettison-1.3-patched.jar => Request to provide valid version for jettison-1.3-patched.jar |
| 2023-04-26 13:37 | kousalya_r | Description Updated | View Revisions |
| 2023-04-26 13:38 | kousalya_r | Relationship added | depends on 0037151 |
| 2023-04-26 13:39 | kousalya_r | Relationship added | depends on 0037135 |
| 2023-04-26 13:41 | kousalya_r | Steps to Reproduce Updated | View Revisions |
| 2023-05-15 11:08 | AugustoMauch | Assigned To | Triage Platform Base => kousalya_r |
| 2023-05-15 11:08 | AugustoMauch | Status | new => feedback |
| 2023-11-20 17:41 | AugustoMauch | Note Added: 0157374 | |
| 2023-11-21 09:13 | AugustoMauch | Note Added: 0157398 | |
| 2023-11-21 09:13 | AugustoMauch | Status | feedback => closed |
| 2023-11-21 09:13 | AugustoMauch | Resolution | open => no change required |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |