Uploaded image for project: 'Tools (JBoss Tools)'
  1. Tools (JBoss Tools)
  2. JBIDE-21119

Update 4.5y.x TP to m2e 1.6.x (with fix for apache commons collections 3.2.2 / COLLECTIONS-580 / JBDS-3560)

    XMLWordPrintable

Details

    Description

      Fred said:

      So the m2e archetype feature also embeds a version of vulnerable commons-collections, that we need to fix upstream (even though it's not really vulnerable, just makes people cringy) – JBDS-3560

      So, we need a new version of m2e 1.6.x (with fix for apache commons collections 3.2.2 / COLLECTIONS-580 / JBDS-3560) and we can then mirror it and update the 4.50.x and 4.51.x TPs (for JBDS 9.1, not 9.0.1).

      Attachments

        Issue Links

          clones

          Bug - A problem that impairs or prevents the functions of the product. JBIDE-21118 Update 4.60.x TP to m2e 1.7 (with fix for apache commons collections 3.2.2 / COLLECTIONS-580 / JBDS-3560)

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          is related to

          Bug - A problem that impairs or prevents the functions of the product. JBDS-3560 Arbitrary remote code execution with InvokerTransformer (COLLECTIONS-580)

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          relates to

          Sub-task - The sub-task of the issue JBIDE-21106 Update to m2e 1.7 and m2e-wtp 1.3

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              nickboldt Nick Boldt
              nickboldt Nick Boldt
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: