Uploaded image for project: 'RESTEasy'
  1. RESTEasy
  2. RESTEASY-3467

Upgrade mime4j to version 0.8.11

    XMLWordPrintable

Details

    • Component Upgrade
    • Resolution: Done
    • Major
    • 5.0.10.Final, 6.2.8.Final, 7.0.0.Alpha1
    • 5.0.9.Final
    • None
    • None

    Description

      Tag: https://github.com/apache/james-mime4j/releases/tag/apache-mime4j-project-0.8.11
      Diff: https://github.com/apache/james-mime4j/compare/apache-mime4j-project-0.8.10...apache-mime4j-project-0.8.11

      [[INFO] |  |  \- org.jboss.resteasy:resteasy-multipart-provider:jar:5.0.9.Final:compile
[INFO] |  |     +- org.apache.james:apache-mime4j-dom:jar:0.8.9:compile
[INFO] |  |     |  \- org.apache.james:apache-mime4j-core:jar:0.8.9:compile
[INFO] |  |     \- org.apache.james:apache-mime4j-storage:jar:0.8.9:compile

      resteasy-multipart-provider:jar:5.0.9.Final depends upon a version of mime4j which appears to be vulnerable, see
      https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-21742
      https://lists.apache.org/thread/nrqzg93219wdj056pqfszsd33dc54kfy

      Attachments

        Issue Links

          clones

          Component Upgrade - A task tracking an update to a bundled component or revision of component upstream of the project. RESTEASY-3274 Upgrade mime4j to a more recent version

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved

          Activity

            People

              jperkins-rhn James Perkins
              fgrilli Federico Grilli
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: