Code Review / odlparent.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: f7600fd) | patch
Exclude Derby from pax-jdbc-features 66/110666/10
authorPeter Suna <peter.suna@pantheon.tech>
Tue, 12 Mar 2024 12:07:42 +0000 (13:07 +0100)
committerRobert Varga <nite@hq.sk>
Sun, 14 Apr 2024 07:07:19 +0000 (07:07 +0000)
commitda509203f56747b3de501ffeed973f490cefae29
treec858174a948d6a2d81bf8fd59afe41ed51d55ebatree | snapshot
parentf7600fde3ff31b218a9ebf02ec21303e2152e8cfcommit | diff
Exclude Derby from pax-jdbc-features

The pax-jdbc-features 1.5.7 includes a transitive dependency on
Derby version 10.14.2.0, which introduces a critical vulnerability:
https://nvd.nist.gov/vuln/detail/CVE-2022-46337

Current fix is available only for Java 21.

JIRA: ODLPARENT-306
Change-Id: Ied65ef7392436780b7b05ae27ec49def08f66665
Signed-off-by: Peter Suna <peter.suna@pantheon.tech>
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
features/odl-karaf-feat-jdbc/pom.xml diff | blob | history
karaf/karaf4-parent/pom.xml diff | blob | history
odlparent