Update to log4j, RMB, Vert.x, postgresql

Description

Currently this module is using log4j 2.16.0 (vulnerable), Vert.x 4.1.0, RMB 33.0.2, postgresql 42.2.23 (vulnerable)

CSP Request Details

None

CSP Rejection Details

None

Potential Workaround

None

Attachments

Linked issues

blocks

MODOAIPMH-401

MODOAIPMH (mod-oai-pmh) Lotus BF release

defines

UXPROD-3340

Firebird - Lotus R1 2022 Enhancements/Bugfixes/Tech Debt

Checklist

hide

TestRail: Results

Activity

Show:

Viachaslau Khandramai March 16, 2022 at 7:30 AM

Versions are updated https://github.com/folio-org/mod-oai-pmh/blob/master/pom.xml.

Build successfully passed https://jenkins-aws.indexdata.com/job/folio-org/job/mod-oai-pmh/job/master/239/

Karate tests passed on https://folio-snapshot-okapi.dev.folio.org:443 :

Closing this story as technical task.

Slava

Craig McNally March 3, 2022 at 4:35 PM

The security team has reviewed this and assigned a priority. I've assigned it to you.

Done

Details

Assignee

Viachaslau Khandramai(Deactivated)

Reporter

Adam Dickmeiss

Labels

securitysecurity-reviewed

Priority

Story Points

Sprint

None

Development Team

Firebird

Fix versions

3.7.1

Release

Lotus (R1 2022) Bug Fix

RCA Group

Not a bug

TestRail: Cases

Open TestRail: Cases

TestRail: Runs

Open TestRail: Runs

Created March 3, 2022 at 7:36 AM

Updated March 31, 2022 at 7:42 PM

Resolved March 16, 2022 at 7:30 AM

Configure

TestRail: Cases

TestRail: Runs